codexuse-cli 3.9.2 → 3.9.7

package/dist/server/index.mjs

@@ -8,9 +8,9 @@ import crypto$1, { createHash, randomBytes, randomUUID } from "node:crypto";
 import * as NFS from "node:fs";
 import fs, { accessSync, constants, existsSync, promises, readFileSync, realpathSync, statSync } from "node:fs";
 import * as OS from "node:os";
-import os, { homedir } from "node:os";
+import nodeOs, { homedir } from "node:os";
 import * as Path from "node:path";
-import path, { extname, join } from "node:path";
+import nodePath, { extname, join } from "node:path";
 import * as NodeUrl from "node:url";
 import { fileURLToPath } from "node:url";
 import * as readline$1 from "node:readline";
@@ -19,7 +19,7 @@ import * as Net from "node:net";
 import fs$1, { mkdir, readFile, stat, writeFile } from "node:fs/promises";
 import { AsyncLocalStorage } from "node:async_hooks";
 import { EventEmitter } from "node:events";
-import path$1, { join as join$1 } from "path";
+import path, { join as join$1 } from "path";
 import util from "node:util";
 import http from "node:http";
 import { WebSocketServer } from "ws";
@@ -47814,7 +47814,8 @@ const UserInputQuestion = Struct({
 	id: TrimmedNonEmptyStringSchema$1,
 	header: TrimmedNonEmptyStringSchema$1,
 	question: TrimmedNonEmptyStringSchema$1,
-	options: Array$1(UserInputQuestionOption)
+	options: Array$1(UserInputQuestionOption),
+	multiSelect: optional$2(Boolean$2)
 });
 const UserInputRequestedPayload = Struct({ questions: Array$1(UserInputQuestion) });
 const UserInputResolvedPayload = Struct({ answers: UnknownRecordSchema });
@@ -48763,6 +48764,13 @@ const WS_METHODS = {
 	autoRollGetSettings: "autoRoll.getSettings",
 	autoRollSaveSettings: "autoRoll.saveSettings",
 	officialCodexRestart: "officialCodex.restart",
+	officialCodexInstances: "officialCodex.instances",
+	officialCodexLaunchProfile: "officialCodex.launchProfile",
+	officialCodexFocusProfile: "officialCodex.focusProfile",
+	officialCodexStopProfile: "officialCodex.stopProfile",
+	officialCodexRestartProfile: "officialCodex.restartProfile",
+	officialCodexLaunchProfiles: "officialCodex.launchProfiles",
+	officialCodexStopProfiles: "officialCodex.stopProfiles",
 	cliInfo: "cli.info",
 	cliStatus: "cli.status",
 	cliCheckFreshness: "cli.checkFreshness",
@@ -48907,7 +48915,11 @@ const WebSocketRequestBody = Union([
 		accountKey: TrimmedNonEmptyString,
 		groupName: Union([TrimmedNonEmptyString, Null])
 	})),
-	tagRequestBody(WS_METHODS.profilesDelete, Struct({ name: TrimmedNonEmptyString })),
+	tagRequestBody(WS_METHODS.profilesDelete, Struct({
+		name: TrimmedNonEmptyString,
+		replacementProfileName: optional$2(Union([TrimmedNonEmptyString, Null])),
+		removeActiveAuth: optional$2(Boolean$2)
+	})),
 	tagRequestBody(WS_METHODS.profilesExport, Struct({ name: TrimmedNonEmptyString })),
 	tagRequestBody(WS_METHODS.profilesCancelAuth, Struct({ name: TrimmedNonEmptyString })),
 	tagRequestBody(WS_METHODS.rateLimitsRefreshNow, Struct({})),
@@ -48919,6 +48931,13 @@ const WebSocketRequestBody = Union([
 	tagRequestBody(WS_METHODS.autoRollGetSettings, Struct({})),
 	tagRequestBody(WS_METHODS.autoRollSaveSettings, Struct({ settings: Unknown })),
 	tagRequestBody(WS_METHODS.officialCodexRestart, Struct({})),
+	tagRequestBody(WS_METHODS.officialCodexInstances, Struct({})),
+	tagRequestBody(WS_METHODS.officialCodexLaunchProfile, Struct({ name: TrimmedNonEmptyString })),
+	tagRequestBody(WS_METHODS.officialCodexFocusProfile, Struct({ name: TrimmedNonEmptyString })),
+	tagRequestBody(WS_METHODS.officialCodexStopProfile, Struct({ name: TrimmedNonEmptyString })),
+	tagRequestBody(WS_METHODS.officialCodexRestartProfile, Struct({ name: TrimmedNonEmptyString })),
+	tagRequestBody(WS_METHODS.officialCodexLaunchProfiles, Struct({ names: Array$1(TrimmedNonEmptyString) })),
+	tagRequestBody(WS_METHODS.officialCodexStopProfiles, Struct({ names: Array$1(TrimmedNonEmptyString) })),
 	tagRequestBody(WS_METHODS.cliInfo, Struct({})),
 	tagRequestBody(WS_METHODS.cliStatus, Struct({})),
 	tagRequestBody(WS_METHODS.cliCheckFreshness, Struct({})),
@@ -49196,7 +49215,7 @@ const launchDetached = (launch) => gen(function* () {
 });
 const make$9 = gen(function* () {
 	const open = yield* tryPromise({
-		try: () => import("./open-DX6_a9Ta.mjs"),
+		try: () => import("./open-BWXrZXJl.mjs"),
 		catch: (cause) => new OpenError({
 			message: "failed to load browser opener",
 			cause
@@ -54296,8 +54315,8 @@ const IGNORED_DIRECTORY_NAMES = new Set([
 	".cache"
 ]);
 function expandHomePath(input) {
-	if (input === "~") return os.homedir();
-	if (input.startsWith("~/") || input.startsWith("~\\")) return path.join(os.homedir(), input.slice(2));
+	if (input === "~") return nodeOs.homedir();
+	if (input.startsWith("~/") || input.startsWith("~\\")) return nodePath.join(nodeOs.homedir(), input.slice(2));
 	return input;
 }
 function isWindowsAbsolutePath(input) {
@@ -54306,13 +54325,13 @@ function isWindowsAbsolutePath(input) {
 function resolveBrowseTarget(input) {
 	if (process.platform !== "win32" && isWindowsAbsolutePath(input.partialPath)) throw new Error("Windows-style paths are only supported on Windows.");
 	const expanded = expandHomePath(input.partialPath);
-	if (path.isAbsolute(expanded) || input.partialPath.startsWith("~")) return path.resolve(expanded);
-	return input.cwd ? path.resolve(expandHomePath(input.cwd), expanded) : path.resolve(expanded);
+	if (nodePath.isAbsolute(expanded) || input.partialPath.startsWith("~")) return nodePath.resolve(expanded);
+	return input.cwd ? nodePath.resolve(expandHomePath(input.cwd), expanded) : nodePath.resolve(expanded);
 }
 const workspaceIndexCache = /* @__PURE__ */ new Map();
 const inFlightWorkspaceIndexBuilds = /* @__PURE__ */ new Map();
 function toPosixPath(input) {
-	return input.split(path.sep).join("/");
+	return input.split(nodePath.sep).join("/");
 }
 function parentPathOf(input) {
 	const separatorIndex = input.lastIndexOf("/");
@@ -54527,7 +54546,7 @@ async function buildWorkspaceIndex(cwd) {
 		const currentDirectories = pendingDirectories;
 		pendingDirectories = [];
 		const candidateEntriesByDirectory = (await mapWithConcurrency(currentDirectories, WORKSPACE_SCAN_READDIR_CONCURRENCY, async (relativeDir) => {
-			const absoluteDir = relativeDir ? path.join(cwd, relativeDir) : cwd;
+			const absoluteDir = relativeDir ? nodePath.join(cwd, relativeDir) : cwd;
 			try {
 				return {
 					relativeDir,
@@ -54549,7 +54568,7 @@ async function buildWorkspaceIndex(cwd) {
 				if (!dirent.name || dirent.name === "." || dirent.name === "..") continue;
 				if (dirent.isDirectory() && IGNORED_DIRECTORY_NAMES.has(dirent.name)) continue;
 				if (!dirent.isDirectory() && !dirent.isFile()) continue;
-				const relativePath = toPosixPath(relativeDir ? path.join(relativeDir, dirent.name) : dirent.name);
+				const relativePath = toPosixPath(relativeDir ? nodePath.join(relativeDir, dirent.name) : dirent.name);
 				if (isPathInIgnoredDirectory(relativePath)) continue;
 				candidates.push({
 					dirent,
@@ -54630,8 +54649,8 @@ async function searchWorkspaceEntries(input) {
 async function browseFilesystemEntries(input) {
 	const resolvedInputPath = resolveBrowseTarget(input);
 	const endsWithSeparator = /[\\/]$/.test(input.partialPath) || input.partialPath === "~";
-	const parentPath = endsWithSeparator ? resolvedInputPath : path.dirname(resolvedInputPath);
-	const prefix = endsWithSeparator ? "" : path.basename(resolvedInputPath);
+	const parentPath = endsWithSeparator ? resolvedInputPath : nodePath.dirname(resolvedInputPath);
+	const prefix = endsWithSeparator ? "" : nodePath.basename(resolvedInputPath);
 	const dirents = await fs$1.readdir(parentPath, { withFileTypes: true });
 	const showHidden = endsWithSeparator || prefix.startsWith(".");
 	const lowerPrefix = prefix.toLowerCase();
@@ -54639,7 +54658,7 @@ async function browseFilesystemEntries(input) {
 		parentPath,
 		entries: dirents.filter((dirent) => dirent.isDirectory() && dirent.name.toLowerCase().startsWith(lowerPrefix) && (showHidden || !dirent.name.startsWith("."))).map((dirent) => ({
 			name: dirent.name,
-			fullPath: path.join(parentPath, dirent.name)
+			fullPath: nodePath.join(parentPath, dirent.name)
 		})).sort((left, right) => left.name.localeCompare(right.name))
 	};
 }
@@ -55959,16 +55978,16 @@ const ProjectionPendingApprovalRepositoryLive = effect(ProjectionPendingApproval
 //#region src/attachmentPaths.ts
 const ATTACHMENTS_ROUTE_PREFIX = "/attachments";
 function normalizeAttachmentRelativePath(rawRelativePath) {
-	const normalized = path.normalize(rawRelativePath).replace(/^[/\\]+/, "");
+	const normalized = nodePath.normalize(rawRelativePath).replace(/^[/\\]+/, "");
 	if (normalized.length === 0 || normalized.startsWith("..") || normalized.includes("\0")) return null;
 	return normalized.replace(/\\/g, "/");
 }
 function resolveAttachmentRelativePath(input) {
 	const normalizedRelativePath = normalizeAttachmentRelativePath(input.relativePath);
 	if (!normalizedRelativePath) return null;
-	const attachmentsRoot = path.resolve(path.join(input.stateDir, "attachments"));
-	const filePath = path.resolve(path.join(attachmentsRoot, normalizedRelativePath));
-	if (!filePath.startsWith(`${attachmentsRoot}${path.sep}`)) return null;
+	const attachmentsRoot = nodePath.resolve(nodePath.join(input.stateDir, "attachments"));
+	const filePath = nodePath.resolve(nodePath.join(attachmentsRoot, normalizedRelativePath));
+	if (!filePath.startsWith(`${attachmentsRoot}${nodePath.sep}`)) return null;
 	return filePath;
 }
 //#endregion
@@ -58202,6 +58221,75 @@ function normalizeCommitMessagePrompt(value) {
 	return normalized.length > 0 ? normalized : null;
 }
 //#endregion
+//#region ../../packages/contracts/src/settings/auto-roll.ts
+const DEFAULT_AUTO_ROLL_ENABLED = false;
+const DEFAULT_AUTO_ROLL_REARM_REMAINING_THRESHOLD = 15;
+const DEFAULT_AUTO_ROLL_SWITCH_REMAINING_THRESHOLD = 5;
+const DEFAULT_RESTART_OFFICIAL_CODEX_ON_AUTO_ROLL = false;
+const DEFAULT_LAUNCH_OFFICIAL_CODEX_WHEN_CLOSED_ON_AUTO_ROLL = false;
+const DEFAULT_AUTO_ROLL_PRIORITY_ORDER = [];
+const DEFAULT_LOW_REMAINING_NOTIFICATION_ENABLED = false;
+const DEFAULT_LOW_REMAINING_NOTIFICATION_THRESHOLD = 1;
+const AUTO_ROLL_SWITCH_REMAINING_MIN = 0;
+const AUTO_ROLL_SWITCH_REMAINING_MAX = 50;
+const AUTO_ROLL_REARM_REMAINING_MAX = 100;
+const LOW_REMAINING_NOTIFICATION_MIN = 1;
+const LOW_REMAINING_NOTIFICATION_MAX = 50;
+function clampNumber(value, min, max) {
+	return Math.min(max, Math.max(min, value));
+}
+function resolveFiniteNumber(value, fallback) {
+	return typeof value === "number" && Number.isFinite(value) ? value : fallback;
+}
+function legacyUsedThresholdToRemaining(value, fallbackUsed) {
+	return 100 - clampNumber(resolveFiniteNumber(value, fallbackUsed), 0, 100);
+}
+function sanitizeAutoRollSwitchRemainingThreshold(value) {
+	return clampNumber(resolveFiniteNumber(value, 5), 0, 50);
+}
+function sanitizeAutoRollRearmRemainingThreshold(value, switchRemainingThreshold) {
+	const sanitizedSwitch = sanitizeAutoRollSwitchRemainingThreshold(switchRemainingThreshold);
+	return clampNumber(resolveFiniteNumber(value, 15), sanitizedSwitch + 1, 100);
+}
+function sanitizeAutoRollThresholds(rearmRemainingThreshold, switchRemainingThreshold) {
+	const sanitizedSwitch = sanitizeAutoRollSwitchRemainingThreshold(switchRemainingThreshold);
+	return {
+		rearmRemainingThreshold: sanitizeAutoRollRearmRemainingThreshold(rearmRemainingThreshold, sanitizedSwitch),
+		switchRemainingThreshold: sanitizedSwitch
+	};
+}
+function sanitizeAutoRollPriorityOrder(value) {
+	if (!Array.isArray(value)) return [...DEFAULT_AUTO_ROLL_PRIORITY_ORDER];
+	const seen = /* @__PURE__ */ new Set();
+	const normalized = [];
+	for (const item of value) {
+		if (typeof item !== "string") continue;
+		const trimmed = item.trim();
+		if (!trimmed || seen.has(trimmed)) continue;
+		seen.add(trimmed);
+		normalized.push(trimmed);
+	}
+	return normalized;
+}
+function sanitizeLowRemainingNotificationThreshold(value) {
+	return clampNumber(resolveFiniteNumber(value, 1), 1, 50);
+}
+function normalizeAutoRollSettings(raw) {
+	const enabled = typeof raw?.enabled === "boolean" ? raw.enabled : false;
+	const rawSwitchRemaining = typeof raw?.switchRemainingThreshold === "number" ? raw.switchRemainingThreshold : legacyUsedThresholdToRemaining(raw?.switchThreshold, 95);
+	const { rearmRemainingThreshold: normalizedRearm, switchRemainingThreshold: normalizedSwitch } = sanitizeAutoRollThresholds(typeof raw?.rearmRemainingThreshold === "number" ? raw.rearmRemainingThreshold : legacyUsedThresholdToRemaining(raw?.warningThreshold, 85), rawSwitchRemaining);
+	return {
+		enabled,
+		rearmRemainingThreshold: normalizedRearm,
+		switchRemainingThreshold: normalizedSwitch,
+		restartOfficialCodexOnAutoRoll: raw?.restartOfficialCodexOnAutoRoll === true ? true : false,
+		launchOfficialCodexWhenClosedOnAutoRoll: raw?.launchOfficialCodexWhenClosedOnAutoRoll === true ? true : false,
+		priorityOrder: sanitizeAutoRollPriorityOrder(raw?.priorityOrder),
+		lowRemainingNotificationEnabled: raw?.lowRemainingNotificationEnabled === true ? true : false,
+		lowRemainingNotificationThreshold: sanitizeLowRemainingNotificationThreshold(typeof raw?.lowRemainingNotificationThreshold === "number" ? raw.lowRemainingNotificationThreshold : NaN)
+	};
+}
+//#endregion
 //#region ../../packages/runtime-app-state/src/storage/documents.ts
 const APP_STORAGE_TABLE = "app_storage_documents";
 const APP_STORAGE_DB_DIR = "t3-projects";
@@ -58285,7 +58373,7 @@ function ensureSchema(db, dbPath) {
 	initializedDbPaths.add(dbPath);
 }
 async function openDatabase(dbPath) {
-	await promises.mkdir(path.dirname(dbPath), { recursive: true });
+	await promises.mkdir(nodePath.dirname(dbPath), { recursive: true });
 	if (process.versions.bun !== void 0) {
 		const database = new (await (Function("return import('bun:sqlite')")())).Database(dbPath);
 		return {
@@ -58318,7 +58406,7 @@ async function withDatabase(dbPath, task) {
 	throw new Error("App storage database remained busy after retrying.");
 }
 function resolveAppStorageDbPath(userDataDir) {
-	return path.join(userDataDir, APP_STORAGE_DB_DIR, APP_STORAGE_DB_NAME);
+	return nodePath.join(userDataDir, APP_STORAGE_DB_DIR, APP_STORAGE_DB_NAME);
 }
 async function readDocument(dbPath, namespace, normalize) {
 	return withDatabase(dbPath, (db) => {
@@ -58388,21 +58476,21 @@ function clone(value) {
 	return JSON.parse(JSON.stringify(value));
 }
 function resolveDefaultUserDataDir() {
-	const home = process.env.HOME || process.env.USERPROFILE || os.homedir();
+	const home = process.env.HOME || process.env.USERPROFILE || nodeOs.homedir();
 	if (!home) throw new Error("Unable to resolve home directory for app state.");
-	if (process.platform === "darwin") return path.join(home, "Library", "Application Support", APP_NAME);
+	if (process.platform === "darwin") return nodePath.join(home, "Library", "Application Support", APP_NAME);
 	if (process.platform === "win32") {
 		const appData = process.env.APPDATA;
-		if (appData) return path.join(appData, APP_NAME);
-		return path.join(home, "AppData", "Roaming", APP_NAME);
+		if (appData) return nodePath.join(appData, APP_NAME);
+		return nodePath.join(home, "AppData", "Roaming", APP_NAME);
 	}
-	return path.join(home, ".config", APP_NAME);
+	return nodePath.join(home, ".config", APP_NAME);
 }
 function getUserDataDir() {
 	return configuredUserDataDir ?? resolveDefaultUserDataDir();
 }
 function resolveLegacyAppStatePath() {
-	return path.join(getUserDataDir(), LEGACY_APP_STATE_FILE);
+	return nodePath.join(getUserDataDir(), LEGACY_APP_STATE_FILE);
 }
 function resolveStorageDbPath() {
 	return resolveAppStorageDbPath(getUserDataDir());
@@ -58412,9 +58500,23 @@ function createDefaultAppState() {
 		schemaVersion: 1,
 		autoRoll: {
 			enabled: false,
-			warningThreshold: 85,
-			switchThreshold: 95,
-			restartOfficialCodexOnAutoRoll: false
+			rearmRemainingThreshold: 15,
+			switchRemainingThreshold: 5,
+			restartOfficialCodexOnAutoRoll: false,
+			launchOfficialCodexWhenClosedOnAutoRoll: false,
+			priorityOrder: [],
+			lowRemainingNotificationEnabled: false,
+			lowRemainingNotificationThreshold: 1
+		},
+		officialCodex: {
+			lastProfileSwitchAt: null,
+			lastProfileSwitchProfileKey: null,
+			lastVerifiedLaunchAt: null,
+			lastVerifiedLaunchProfileKey: null,
+			lastObservedPid: null,
+			lastRestartStatus: null,
+			lastRestartReason: null,
+			instancesByProfileName: {}
 		},
 		app: {
 			lastAppVersion: null,
@@ -58507,17 +58609,47 @@ function asString$9(value) {
 	const trimmed = value.trim();
 	return trimmed.length > 0 ? trimmed : null;
 }
+function asNumberOrNull(value) {
+	return typeof value === "number" && Number.isFinite(value) ? value : null;
+}
 function normalizeAppState(raw) {
 	const defaults = createDefaultAppState();
 	if (!isRecord$7(raw)) return defaults;
+	const rawAutoRoll = isRecord$7(raw.autoRoll) ? raw.autoRoll : void 0;
 	const merged = clone(deepMerge(defaults, raw));
 	merged.schemaVersion = 1;
-	if (typeof merged.autoRoll.enabled !== "boolean") merged.autoRoll.enabled = false;
-	if (!Number.isFinite(merged.autoRoll.warningThreshold)) merged.autoRoll.warningThreshold = 85;
-	if (!Number.isFinite(merged.autoRoll.switchThreshold)) merged.autoRoll.switchThreshold = 95;
-	if (merged.autoRoll.warningThreshold < 50 || merged.autoRoll.warningThreshold > 99) merged.autoRoll.warningThreshold = 85;
-	if (merged.autoRoll.switchThreshold <= merged.autoRoll.warningThreshold || merged.autoRoll.switchThreshold > 100) merged.autoRoll.switchThreshold = Math.min(100, Math.max(merged.autoRoll.warningThreshold + 1, 95));
-	if (typeof merged.autoRoll.restartOfficialCodexOnAutoRoll !== "boolean") merged.autoRoll.restartOfficialCodexOnAutoRoll = false;
+	merged.autoRoll = normalizeAutoRollSettings(rawAutoRoll);
+	if (!isRecord$7(merged.officialCodex)) merged.officialCodex = clone(defaults.officialCodex);
+	merged.officialCodex.lastProfileSwitchAt = asNumberOrNull(merged.officialCodex.lastProfileSwitchAt);
+	merged.officialCodex.lastProfileSwitchProfileKey = asString$9(merged.officialCodex.lastProfileSwitchProfileKey);
+	merged.officialCodex.lastVerifiedLaunchAt = asNumberOrNull(merged.officialCodex.lastVerifiedLaunchAt);
+	merged.officialCodex.lastVerifiedLaunchProfileKey = asString$9(merged.officialCodex.lastVerifiedLaunchProfileKey);
+	merged.officialCodex.lastObservedPid = asNumberOrNull(merged.officialCodex.lastObservedPid);
+	merged.officialCodex.lastRestartStatus = asString$9(merged.officialCodex.lastRestartStatus);
+	merged.officialCodex.lastRestartReason = asString$9(merged.officialCodex.lastRestartReason);
+	if (!isRecord$7(merged.officialCodex.instancesByProfileName)) merged.officialCodex.instancesByProfileName = {};
+	else {
+		const nextInstances = {};
+		for (const [key, value] of Object.entries(merged.officialCodex.instancesByProfileName)) {
+			if (!isRecord$7(value)) continue;
+			const profileName = asString$9(value.profileName) ?? asString$9(key);
+			if (!profileName) continue;
+			nextInstances[profileName] = {
+				profileName,
+				profileKey: asString$9(value.profileKey),
+				profileHome: asString$9(value.profileHome),
+				appPath: asString$9(value.appPath),
+				bundleId: asString$9(value.bundleId),
+				pid: asNumberOrNull(value.pid),
+				appServerPid: asNumberOrNull(value.appServerPid),
+				launchedAt: asNumberOrNull(value.launchedAt),
+				lastVerifiedAt: asNumberOrNull(value.lastVerifiedAt),
+				lastStatus: asString$9(value.lastStatus),
+				lastError: asString$9(value.lastError)
+			};
+		}
+		merged.officialCodex.instancesByProfileName = nextInstances;
+	}
 	merged.app.lastAppVersion = asString$9(merged.app.lastAppVersion);
 	merged.app.pendingUpdateVersion = asString$9(merged.app.pendingUpdateVersion);
 	merged.app.lastProfileName = asString$9(merged.app.lastProfileName);
@@ -58749,13 +58881,13 @@ const IS_CASE_INSENSITIVE_PLATFORM$2 = process.platform === "darwin" || process.
 function stripTrailingSeparators$2(input) {
 	const trimmed = input.trim();
 	if (trimmed.length === 0) return trimmed;
-	const root = path.parse(trimmed).root;
+	const root = nodePath.parse(trimmed).root;
 	let next = trimmed;
 	while (next.length > root.length && /[\\/]+$/.test(next)) next = next.slice(0, -1);
 	return next;
 }
 function canonicalizeWorkspaceRoot$1(input) {
-	const resolved = path.resolve(input.trim());
+	const resolved = nodePath.resolve(input.trim());
 	return stripTrailingSeparators$2((() => {
 		try {
 			return realpathSync.native(resolved);
@@ -58769,10 +58901,10 @@ function workspaceRootKey$1(input) {
 	return IS_CASE_INSENSITIVE_PLATFORM$2 ? canonical.toLowerCase() : canonical;
 }
 function resolveAgentChatWorkspaceRoot() {
-	return canonicalizeWorkspaceRoot$1(path.join(getUserDataDir(), AGENT_CHAT_WORKSPACE_DIRNAME));
+	return canonicalizeWorkspaceRoot$1(nodePath.join(getUserDataDir(), AGENT_CHAT_WORKSPACE_DIRNAME));
 }
 function resolveAgentChatAgentsPath() {
-	return path.join(resolveAgentChatWorkspaceRoot(), AGENT_CHAT_AGENTS_FILENAME);
+	return nodePath.join(resolveAgentChatWorkspaceRoot(), AGENT_CHAT_AGENTS_FILENAME);
 }
 function isAgentChatWorkspaceRoot(workspaceRoot) {
 	return workspaceRootKey$1(workspaceRoot) === workspaceRootKey$1(resolveAgentChatWorkspaceRoot());
@@ -58786,13 +58918,13 @@ const IS_CASE_INSENSITIVE_PLATFORM$1 = process.platform === "darwin" || process.
 function stripTrailingSeparators$1(input) {
 	const trimmed = input.trim();
 	if (trimmed.length === 0) return trimmed;
-	const root = path.parse(trimmed).root;
+	const root = nodePath.parse(trimmed).root;
 	let next = trimmed;
 	while (next.length > root.length && /[\\/]+$/.test(next)) next = next.slice(0, -1);
 	return next;
 }
 function canonicalizeWorkspaceRoot(input) {
-	const resolved = path.resolve(input.trim());
+	const resolved = nodePath.resolve(input.trim());
 	return stripTrailingSeparators$1((() => {
 		try {
 			return realpathSync.native(resolved);
@@ -58806,54 +58938,15 @@ function workspaceRootKey(input) {
 	return IS_CASE_INSENSITIVE_PLATFORM$1 ? canonical.toLowerCase() : canonical;
 }
 function resolveGeneralChatWorkspaceRoot() {
-	return canonicalizeWorkspaceRoot(path.join(getUserDataDir(), GENERAL_CHAT_WORKSPACE_DIRNAME));
+	return canonicalizeWorkspaceRoot(nodePath.join(getUserDataDir(), GENERAL_CHAT_WORKSPACE_DIRNAME));
 }
 function resolveGeneralChatAgentsPath() {
-	return path.join(resolveGeneralChatWorkspaceRoot(), GENERAL_CHAT_AGENTS_FILENAME);
+	return nodePath.join(resolveGeneralChatWorkspaceRoot(), GENERAL_CHAT_AGENTS_FILENAME);
 }
 function isGeneralChatWorkspaceRoot(workspaceRoot) {
 	return workspaceRootKey(workspaceRoot) === workspaceRootKey(resolveGeneralChatWorkspaceRoot());
 }
 //#endregion
-//#region ../../packages/contracts/src/settings/auto-roll.ts
-const DEFAULT_AUTO_ROLL_ENABLED = false;
-const DEFAULT_AUTO_ROLL_WARNING_THRESHOLD = 85;
-const DEFAULT_AUTO_ROLL_SWITCH_THRESHOLD = 95;
-const DEFAULT_RESTART_OFFICIAL_CODEX_ON_AUTO_ROLL = false;
-const AUTO_ROLL_WARNING_MIN = 50;
-const AUTO_ROLL_WARNING_MAX = 99;
-const AUTO_ROLL_SWITCH_MAX = 100;
-function clampNumber(value, min, max) {
-	return Math.min(max, Math.max(min, value));
-}
-function resolveFiniteNumber(value, fallback) {
-	return Number.isFinite(value) ? value : fallback;
-}
-function sanitizeAutoRollWarningThreshold(value) {
-	return clampNumber(resolveFiniteNumber(value, 85), 50, AUTO_ROLL_WARNING_MAX);
-}
-function sanitizeAutoRollSwitchThreshold(value, warningThreshold) {
-	const sanitizedWarning = sanitizeAutoRollWarningThreshold(warningThreshold);
-	return clampNumber(resolveFiniteNumber(value, 95), sanitizedWarning + 1, AUTO_ROLL_SWITCH_MAX);
-}
-function sanitizeAutoRollThresholds(warningThreshold, switchThreshold) {
-	const sanitizedWarning = sanitizeAutoRollWarningThreshold(warningThreshold);
-	return {
-		warningThreshold: sanitizedWarning,
-		switchThreshold: sanitizeAutoRollSwitchThreshold(switchThreshold, sanitizedWarning)
-	};
-}
-function normalizeAutoRollSettings(raw) {
-	const enabled = typeof raw?.enabled === "boolean" ? raw.enabled : false;
-	const { warningThreshold: normalizedWarning, switchThreshold: normalizedSwitch } = sanitizeAutoRollThresholds(resolveFiniteNumber(typeof raw?.warningThreshold === "number" ? raw.warningThreshold : NaN, 85), resolveFiniteNumber(typeof raw?.switchThreshold === "number" ? raw.switchThreshold : NaN, 95));
-	return {
-		enabled,
-		warningThreshold: normalizedWarning,
-		switchThreshold: normalizedSwitch,
-		restartOfficialCodexOnAutoRoll: raw?.restartOfficialCodexOnAutoRoll === true ? true : false
-	};
-}
-//#endregion
 //#region ../../packages/runtime-codex/src/codex/settings.ts
 function asString$8(value) {
 	if (typeof value !== "string") return null;
@@ -58891,12 +58984,6 @@ function parseStoredLicense(raw) {
 	};
 	return Boolean(license.licenseKey || license.purchaseEmail || license.lastVerifiedAt || license.nextCheckAt || license.lastVerificationError || license.status) ? license : null;
 }
-async function getLastProfileName() {
-	return asString$8((await getAppState()).app.lastProfileName);
-}
-async function persistLastProfileName(profileName) {
-	await patchAppState({ app: { lastProfileName: asString$8(profileName) } });
-}
 async function getStoredLicense() {
 	return parseStoredLicense((await getAppState()).license);
 }
@@ -58927,9 +59014,13 @@ async function persistAutoRollSettings(settings) {
 	const normalized = normalizeAutoRollSettings(settings ?? void 0);
 	await patchAppState({ autoRoll: {
 		enabled: normalized.enabled,
-		warningThreshold: normalized.warningThreshold,
-		switchThreshold: normalized.switchThreshold,
-		restartOfficialCodexOnAutoRoll: normalized.restartOfficialCodexOnAutoRoll
+		rearmRemainingThreshold: normalized.rearmRemainingThreshold,
+		switchRemainingThreshold: normalized.switchRemainingThreshold,
+		restartOfficialCodexOnAutoRoll: normalized.restartOfficialCodexOnAutoRoll,
+		launchOfficialCodexWhenClosedOnAutoRoll: normalized.launchOfficialCodexWhenClosedOnAutoRoll,
+		priorityOrder: normalized.priorityOrder,
+		lowRemainingNotificationEnabled: normalized.lowRemainingNotificationEnabled,
+		lowRemainingNotificationThreshold: normalized.lowRemainingNotificationThreshold
 	} });
 }
 async function readCodexSettingsJsonRaw() {
@@ -58967,9 +59058,13 @@ async function writeCodexSettingsJsonRaw(payload) {
 		},
 		autoRoll: autoRoll ? {
 			enabled: autoRoll.enabled,
-			warningThreshold: autoRoll.warningThreshold,
-			switchThreshold: autoRoll.switchThreshold,
-			restartOfficialCodexOnAutoRoll: autoRoll.restartOfficialCodexOnAutoRoll
+			rearmRemainingThreshold: autoRoll.rearmRemainingThreshold,
+			switchRemainingThreshold: autoRoll.switchRemainingThreshold,
+			restartOfficialCodexOnAutoRoll: autoRoll.restartOfficialCodexOnAutoRoll,
+			launchOfficialCodexWhenClosedOnAutoRoll: autoRoll.launchOfficialCodexWhenClosedOnAutoRoll,
+			priorityOrder: autoRoll.priorityOrder,
+			lowRemainingNotificationEnabled: autoRoll.lowRemainingNotificationEnabled,
+			lowRemainingNotificationThreshold: autoRoll.lowRemainingNotificationThreshold
 		} : void 0,
 		license: license ? {
 			licenseKey: license.licenseKey ?? null,
@@ -59007,7 +59102,7 @@ function normalizeSecret(value) {
 	return typeof value === "string" ? value.trim() : "";
 }
 async function readLegacyLicenseSecret() {
-	const legacyPath = path.join(getUserDataDir(), LEGACY_LICENSE_SECRET_FILE$1);
+	const legacyPath = nodePath.join(getUserDataDir(), LEGACY_LICENSE_SECRET_FILE$1);
 	try {
 		return normalizeSecret(await promises.readFile(legacyPath, "utf8"));
 	} catch (error) {
@@ -59356,13 +59451,13 @@ const IS_CASE_INSENSITIVE_PLATFORM = process.platform === "darwin" || process.pl
 function stripTrailingSeparators(input) {
 	const resolved = input.trim();
 	if (resolved.length === 0) return resolved;
-	const root = path.parse(resolved).root;
+	const root = nodePath.parse(resolved).root;
 	let next = resolved;
 	while (next.length > root.length && /[\\/]+$/.test(next)) next = next.slice(0, -1);
 	return next;
 }
 function canonicalizeProjectRoot(input) {
-	const resolved = path.resolve(input.trim());
+	const resolved = nodePath.resolve(input.trim());
 	return stripTrailingSeparators((() => {
 		try {
 			return realpathSync.native(resolved);
@@ -59543,14 +59638,14 @@ let cachedStatus = null;
 function getPathHintEntries() {
 	const homeDir = process.env.HOME ?? process.env.USERPROFILE ?? "";
 	const homeEntries = homeDir ? [
-		path.join(homeDir, ".local", "bin"),
-		path.join(homeDir, ".fnm", "aliases", "default", "bin"),
-		path.join(homeDir, ".fnm", "current", "bin"),
-		path.join(homeDir, ".volta", "bin"),
-		path.join(homeDir, ".asdf", "shims"),
-		path.join(homeDir, ".bun", "bin")
+		nodePath.join(homeDir, ".local", "bin"),
+		nodePath.join(homeDir, ".fnm", "aliases", "default", "bin"),
+		nodePath.join(homeDir, ".fnm", "current", "bin"),
+		nodePath.join(homeDir, ".volta", "bin"),
+		nodePath.join(homeDir, ".asdf", "shims"),
+		nodePath.join(homeDir, ".bun", "bin")
 	] : [];
-	const configuredHints = (process.env.CODEX_PATH_HINTS ?? "").split(path.delimiter).map((entry) => entry.trim()).filter(Boolean);
+	const configuredHints = (process.env.CODEX_PATH_HINTS ?? "").split(nodePath.delimiter).map((entry) => entry.trim()).filter(Boolean);
 	return [
 		"/opt/homebrew/bin",
 		"/usr/local/bin",
@@ -59560,7 +59655,7 @@ function getPathHintEntries() {
 }
 function fileExists$1(candidate) {
 	if (!candidate) return null;
-	const normalized = path.resolve(candidate);
+	const normalized = nodePath.resolve(candidate);
 	try {
 		if (statSync(normalized).isFile()) return normalized;
 	} catch {}
@@ -59577,7 +59672,7 @@ function resolveCodexFromEnv() {
 }
 function resolveCodexFromPath() {
 	const pathValue = process.env.PATH ?? "";
-	const entries = Array.from(new Set([...getPathHintEntries(), ...pathValue.split(path.delimiter).map((entry) => entry.trim()).filter(Boolean)].filter(Boolean)));
+	const entries = Array.from(new Set([...getPathHintEntries(), ...pathValue.split(nodePath.delimiter).map((entry) => entry.trim()).filter(Boolean)].filter(Boolean)));
 	const names = process.platform === "win32" ? [
 		"codex.exe",
 		"codex.cmd",
@@ -59585,16 +59680,16 @@ function resolveCodexFromPath() {
 		"codex"
 	] : ["codex"];
 	for (const entry of entries) for (const name of names) {
-		const candidate = fileExists$1(path.join(entry, name));
+		const candidate = fileExists$1(nodePath.join(entry, name));
 		if (candidate) return candidate;
 	}
 	return null;
 }
 function resolvePackageJsonPath(cliPath) {
-	const normalized = path.resolve(cliPath);
-	const binDir = path.dirname(normalized);
-	const packageDir = path.basename(binDir) === "bin" ? path.dirname(binDir) : path.dirname(normalized);
-	return fileExists$1(path.join(packageDir, "package.json"));
+	const normalized = nodePath.resolve(cliPath);
+	const binDir = nodePath.dirname(normalized);
+	const packageDir = nodePath.basename(binDir) === "bin" ? nodePath.dirname(binDir) : nodePath.dirname(normalized);
+	return fileExists$1(nodePath.join(packageDir, "package.json"));
 }
 function readCodexCliVersion(cliPath) {
 	const packageJsonPath = resolvePackageJsonPath(cliPath);
@@ -59685,17 +59780,17 @@ function resolveNodeRuntime(env) {
 		...env
 	};
 	const homeDir = runtimeEnv.HOME ?? runtimeEnv.USERPROFILE ?? "";
-	const pathHints = (runtimeEnv.CODEX_PATH_HINTS ?? process.env.CODEX_PATH_HINTS ?? "").split(path.delimiter).map((entry) => entry.trim()).filter(Boolean);
+	const pathHints = (runtimeEnv.CODEX_PATH_HINTS ?? process.env.CODEX_PATH_HINTS ?? "").split(nodePath.delimiter).map((entry) => entry.trim()).filter(Boolean);
 	const extraPathEntries = [
 		"/usr/local/bin",
 		"/opt/homebrew/bin",
-		path.join(homeDir, ".local", "bin"),
-		path.join(homeDir, ".fnm", "aliases", "default", "bin"),
-		path.join(homeDir, ".fnm", "current", "bin"),
+		nodePath.join(homeDir, ".local", "bin"),
+		nodePath.join(homeDir, ".fnm", "aliases", "default", "bin"),
+		nodePath.join(homeDir, ".fnm", "current", "bin"),
 		...pathHints
 	].filter(Boolean);
 	const currentPath = runtimeEnv.PATH ?? "";
-	runtimeEnv.PATH = Array.from(new Set([...extraPathEntries, ...currentPath.split(path.delimiter).filter(Boolean)])).join(path.delimiter);
+	runtimeEnv.PATH = Array.from(new Set([...extraPathEntries, ...currentPath.split(nodePath.delimiter).filter(Boolean)])).join(nodePath.delimiter);
 	const candidates = Array.from(new Set([
 		runtimeEnv.CODEX_NODE_RUNTIME?.trim(),
 		runtimeEnv.CODEX_NODE_BIN?.trim(),
@@ -59732,11 +59827,11 @@ function buildCodexCommand$1(binaryPath, args, env) {
 //#endregion
 //#region ../../packages/runtime-codex/src/codex/home.ts
 function resolveHomeDir$1() {
-	return process.env.HOME || process.env.USERPROFILE || os.homedir();
+	return process.env.HOME || process.env.USERPROFILE || nodeOs.homedir();
 }
 function expandHomePrefix(input, homeDir) {
 	if (input === "~") return homeDir;
-	if (input.startsWith("~/") || input.startsWith("~\\")) return path.join(homeDir, input.slice(2));
+	if (input.startsWith("~/") || input.startsWith("~\\")) return nodePath.join(homeDir, input.slice(2));
 	return input;
 }
 function normalizePathCandidate(value) {
@@ -59747,13 +59842,10 @@ function normalizePathCandidate(value) {
 function normalizeCodexHomePath(input) {
 	const configured = normalizePathCandidate(input);
 	if (!configured) return null;
-	return path.resolve(expandHomePrefix(configured, resolveHomeDir$1()));
+	return nodePath.resolve(expandHomePrefix(configured, resolveHomeDir$1()));
 }
 function resolveDefaultCodexHomeDir() {
-	return path.join(resolveHomeDir$1(), ".codex");
-}
-function resolveProfileCodexHomeDir(profileName) {
-	return path.join(getUserDataDir(), "profile-homes", profileName);
+	return nodePath.join(resolveHomeDir$1(), ".codex");
 }
 function resolveCodexHomeDir(options) {
 	return normalizeCodexHomePath(options?.codexHomePath) ?? resolveDefaultCodexHomeDir();
@@ -59765,14 +59857,7 @@ async function resolveCodexRuntimeContext(options) {
 		profileName: null,
 		source: "explicit"
 	};
-	const state = await getAppState();
-	const profileName = normalizePathCandidate(state.app.lastProfileName);
-	if (profileName && state.profilesByName[profileName]) return {
-		codexHomePath: resolveProfileCodexHomeDir(profileName),
-		profileName,
-		source: "profile"
-	};
-	const configured = normalizeCodexHomePath(state.runtimeSettings?.codexHome);
+	const configured = normalizeCodexHomePath((await getAppState()).runtimeSettings?.codexHome);
 	if (configured) return {
 		codexHomePath: configured,
 		profileName: null,
@@ -59849,19 +59934,19 @@ function buildCliEnv(codexPath, overrides = {}) {
 		...overrides
 	};
 	const currentPath = env.PATH ?? "";
-	const codexDir = path$1.dirname(codexPath);
+	const codexDir = path.dirname(codexPath);
 	const homeDir = process.env.HOME ?? "";
-	const extraPathHints = (process.env.CODEX_PATH_HINTS ?? "").split(path$1.delimiter).map((entry) => entry.trim()).filter(Boolean);
+	const extraPathHints = (process.env.CODEX_PATH_HINTS ?? "").split(path.delimiter).map((entry) => entry.trim()).filter(Boolean);
 	const segments = [...[
 		codexDir,
 		"/usr/local/bin",
 		"/opt/homebrew/bin",
-		path$1.join(homeDir, ".local", "bin"),
-		path$1.join(homeDir, ".fnm", "aliases", "default", "bin"),
-		path$1.join(homeDir, ".fnm", "current", "bin"),
+		path.join(homeDir, ".local", "bin"),
+		path.join(homeDir, ".fnm", "aliases", "default", "bin"),
+		path.join(homeDir, ".fnm", "current", "bin"),
 		...extraPathHints
-	].filter(Boolean), ...currentPath.split(path$1.delimiter).filter(Boolean)];
-	env.PATH = Array.from(new Set(segments)).join(path$1.delimiter);
+	].filter(Boolean), ...currentPath.split(path.delimiter).filter(Boolean)];
+	env.PATH = Array.from(new Set(segments)).join(path.delimiter);
 	return env;
 }
 //#endregion
@@ -60818,7 +60903,7 @@ async function getActiveProfileContext() {
 	const profileKey = toProfileStorageKey(profileName);
 	return {
 		profileKey,
-		parityStoreDir: path.join(getUserDataDir(), PROFILE_ROOT_DIR, profileKey, PROFILE_PARITY_DIR)
+		parityStoreDir: nodePath.join(getUserDataDir(), PROFILE_ROOT_DIR, profileKey, PROFILE_PARITY_DIR)
 	};
 }
 async function fileExists(filePath) {
@@ -60830,10 +60915,10 @@ async function fileExists(filePath) {
 	}
 }
 function legacyStorePath() {
-	return path.join(getUserDataDir(), LEGACY_STORE_FILE);
+	return nodePath.join(getUserDataDir(), LEGACY_STORE_FILE);
 }
 function legacyMigrationMarkerPath() {
-	return path.join(getUserDataDir(), LEGACY_MIGRATION_MARKER_FILE);
+	return nodePath.join(getUserDataDir(), LEGACY_MIGRATION_MARKER_FILE);
 }
 async function readLegacyMigrationMarker() {
 	try {
@@ -60852,13 +60937,13 @@ async function migrateLegacyStoreIfNeeded(scopedStorePath) {
 	if (!await fileExists(legacyPath)) return;
 	const marker = await readLegacyMigrationMarker();
 	if (marker?.migratedToProfileKey && marker.migratedToProfileKey !== context.profileKey) return;
-	await fs$1.mkdir(path.dirname(scopedStorePath), { recursive: true });
+	await fs$1.mkdir(nodePath.dirname(scopedStorePath), { recursive: true });
 	await fs$1.copyFile(legacyPath, scopedStorePath);
 }
 async function storePath() {
 	const context = await getActiveProfileContext();
 	await fs$1.mkdir(context.parityStoreDir, { recursive: true });
-	const scopedPath = path.join(context.parityStoreDir, STORE_FILE);
+	const scopedPath = nodePath.join(context.parityStoreDir, STORE_FILE);
 	await migrateLegacyStoreIfNeeded(scopedPath);
 	return scopedPath;
 }
@@ -60869,7 +60954,7 @@ function toWorkspaceName(inputPath) {
 function sanitizeWorkspace(entry) {
 	if (!entry || typeof entry !== "object") return null;
 	const id = typeof entry.id === "string" && entry.id.trim() ? entry.id.trim() : null;
-	const workspacePath = typeof entry.path === "string" && entry.path.trim() ? path.resolve(entry.path) : null;
+	const workspacePath = typeof entry.path === "string" && entry.path.trim() ? nodePath.resolve(entry.path) : null;
 	if (!id || !workspacePath) return null;
 	const name = typeof entry.name === "string" && entry.name.trim() ? entry.name.trim() : toWorkspaceName(workspacePath);
 	const branch = entry.worktree && typeof entry.worktree === "object" && typeof entry.worktree.branch === "string" ? entry.worktree.branch.trim() || "main" : "main";
@@ -60988,7 +61073,7 @@ function ensureThreadEntry(store, threadId) {
 	return created;
 }
 function resolveOverridesDbPath(stateDir) {
-	return path.join(stateDir, "state.sqlite");
+	return nodePath.join(stateDir, "state.sqlite");
 }
 async function readExternalThreadOverrides(stateDir) {
 	return await readDocument(resolveOverridesDbPath(stateDir), EXTERNAL_THREAD_OVERRIDES_DOCUMENT, (value) => {
@@ -61310,7 +61395,7 @@ function collectExternalCodexThreadSyncDirectoryWatchPaths(rootPath) {
 	while (stack.length > 0) {
 		const currentPath = stack.pop();
 		if (!currentPath) continue;
-		const resolvedCurrentPath = path.resolve(currentPath);
+		const resolvedCurrentPath = nodePath.resolve(currentPath);
 		if (seenPaths.has(resolvedCurrentPath)) continue;
 		seenPaths.add(resolvedCurrentPath);
 		let stat;
@@ -61329,7 +61414,7 @@ function collectExternalCodexThreadSyncDirectoryWatchPaths(rootPath) {
 		}
 		for (const entry of entries) {
 			if (!entry.isDirectory()) continue;
-			stack.push(path.join(resolvedCurrentPath, entry.name));
+			stack.push(nodePath.join(resolvedCurrentPath, entry.name));
 		}
 	}
 	return collectedPaths;
@@ -61338,7 +61423,7 @@ function collectExternalCodexThreadSyncWatchTargets(homePath) {
 	const recursive = supportsRecursiveExternalCodexThreadSyncWatcher();
 	const targets = [];
 	for (const relativePath of EXTERNAL_SYNC_WATCH_DIRECTORY_NAMES) {
-		const absolutePath = path.join(homePath, relativePath);
+		const absolutePath = nodePath.join(homePath, relativePath);
 		if (!fs.existsSync(absolutePath)) continue;
 		if (recursive) {
 			targets.push({
@@ -61350,7 +61435,7 @@ function collectExternalCodexThreadSyncWatchTargets(homePath) {
 		}
 		for (const watchPath of collectExternalCodexThreadSyncDirectoryWatchPaths(absolutePath)) targets.push({
 			watchPath,
-			label: path.relative(homePath, watchPath) || ".",
+			label: nodePath.relative(homePath, watchPath) || ".",
 			recursive: false
 		});
 	}
@@ -61362,7 +61447,7 @@ function collectExternalCodexThreadSyncWatchTargets(homePath) {
 	return targets;
 }
 function startExternalCodexThreadSyncWatcher(homePath) {
-	const resolvedHomePath = path.resolve(homePath);
+	const resolvedHomePath = nodePath.resolve(homePath);
 	if (externalCodexThreadSyncWatchers.length > 0 && externalCodexThreadSyncWatcherHomePath === resolvedHomePath) return;
 	closeExternalCodexThreadSyncWatcher();
 	try {
@@ -61393,7 +61478,7 @@ function startExternalCodexThreadSyncWatcher(homePath) {
 	}
 }
 function resolveStateDbPath(stateDir) {
-	return path.join(stateDir, "state.sqlite");
+	return nodePath.join(stateDir, "state.sqlite");
 }
 function asString$6(value) {
 	return typeof value === "string" ? value : value == null ? "" : String(value);
@@ -61680,7 +61765,7 @@ function resolveLegacyFilePath(source) {
 	if (normalized.startsWith("~/")) {
 		const home = process.env.HOME?.trim();
 		if (!home) return null;
-		return path.join(home, normalized.slice(2));
+		return nodePath.join(home, normalized.slice(2));
 	}
 	return normalized;
 }
@@ -61716,7 +61801,7 @@ async function materializeLegacyImageAttachment(input) {
 			mimeType = Mime_default.getType(filePath) ?? "";
 			if (!mimeType.startsWith("image/")) return null;
 			bytes = await fs$1.readFile(filePath);
-			name = path.basename(filePath) || `image${inferImageExtension({ mimeType })}`;
+			name = nodePath.basename(filePath) || `image${inferImageExtension({ mimeType })}`;
 		}
 		if (bytes.byteLength === 0 || bytes.byteLength > 10485760) return null;
 		const attachmentId = createDeterministicLegacyAttachmentId(input.threadId, input.attachmentKey);
@@ -61733,7 +61818,7 @@ async function materializeLegacyImageAttachment(input) {
 			attachment
 		});
 		if (!attachmentPath) return null;
-		await fs$1.mkdir(path.dirname(attachmentPath), { recursive: true });
+		await fs$1.mkdir(nodePath.dirname(attachmentPath), { recursive: true });
 		await fs$1.writeFile(attachmentPath, bytes);
 		return attachment;
 	} catch {
@@ -62052,7 +62137,7 @@ async function readImportMarker(stateDir) {
 		return { version };
 	});
 	if (stored) return stored;
-	const markerPath = path.join(stateDir, EXTERNAL_SYNC_MARKER_FILE);
+	const markerPath = nodePath.join(stateDir, EXTERNAL_SYNC_MARKER_FILE);
 	try {
 		const raw = await fs$1.readFile(markerPath, "utf8");
 		const version = asFiniteNumber(asRecord$3(JSON.parse(raw))?.version);
@@ -62111,7 +62196,7 @@ function shouldReadLegacyThreadForImport(input) {
 }
 async function writeImportMarker(stateDir, payload) {
 	await writeDocument(resolveStateDbPath(stateDir), EXTERNAL_SYNC_MARKER_DOCUMENT, payload);
-	await fs$1.rm(path.join(stateDir, EXTERNAL_SYNC_MARKER_FILE), { force: true }).catch(() => void 0);
+	await fs$1.rm(nodePath.join(stateDir, EXTERNAL_SYNC_MARKER_FILE), { force: true }).catch(() => void 0);
 }
 function resolveLegacyThreadTimestamps(thread) {
 	const createdAtMs = toEpochMs(thread.createdAt ?? thread.updatedAt, Date.now());
@@ -65115,7 +65200,7 @@ var RotatingFileSink = class {
 		this.maxBytes = options.maxBytes;
 		this.maxFiles = options.maxFiles;
 		this.throwOnError = options.throwOnError ?? false;
-		fs.mkdirSync(path.dirname(this.filePath), { recursive: true });
+		fs.mkdirSync(nodePath.dirname(this.filePath), { recursive: true });
 		this.pruneOverflowBackups();
 		this.currentSize = this.readCurrentSize();
 	}
@@ -65150,13 +65235,13 @@ var RotatingFileSink = class {
 	}
 	pruneOverflowBackups() {
 		try {
-			const dir = path.dirname(this.filePath);
-			const baseName = path.basename(this.filePath);
+			const dir = nodePath.dirname(this.filePath);
+			const baseName = nodePath.basename(this.filePath);
 			for (const entry of fs.readdirSync(dir)) {
 				if (!entry.startsWith(`${baseName}.`)) continue;
 				const suffix = Number(entry.slice(baseName.length + 1));
 				if (!Number.isInteger(suffix) || suffix <= this.maxFiles) continue;
-				fs.rmSync(path.join(dir, entry), { force: true });
+				fs.rmSync(nodePath.join(dir, entry), { force: true });
 			}
 		} catch {
 			if (this.throwOnError) throw new Error(`Failed to prune log backups for ${this.filePath}`);
@@ -65296,7 +65381,7 @@ function makeEventNdjsonLogger(filePath, options) {
 		const streamLabel = resolveStreamLabel(options.stream);
 		const directoryReady = yield* sync(() => {
 			try {
-				fs.mkdirSync(path.dirname(filePath), { recursive: true });
+				fs.mkdirSync(nodePath.dirname(filePath), { recursive: true });
 				return true;
 			} catch (error) {
 				return {
@@ -65319,7 +65404,7 @@ function makeEventNdjsonLogger(filePath, options) {
 			const existing = threadWriters.get(threadSegment);
 			if (existing) return existing;
 			const writer = yield* makeThreadWriter({
-				filePath: path.join(path.dirname(filePath), `${threadSegment}.log`),
+				filePath: nodePath.join(nodePath.dirname(filePath), `${threadSegment}.log`),
 				maxBytes,
 				maxFiles,
 				batchWindowMs,
@@ -65536,12 +65621,14 @@ function toUserInputQuestions(payload) {
 		const id = asString$3(question.id)?.trim();
 		const header = asString$3(question.header)?.trim();
 		const prompt = asString$3(question.question)?.trim();
+		const multiSelect = question.multiSelect === true || question.multi_select === true;
 		if (!id || !header || !prompt || !options || options.length === 0) return;
 		return {
 			id,
 			header,
 			question: prompt,
-			options
+			options,
+			multiSelect
 		};
 	}).filter((question) => question !== void 0);
 	return parsedQuestions.length > 0 ? parsedQuestions : void 0;
@@ -66843,7 +66930,7 @@ function normalizeShellCommand(value) {
 }
 function shellCandidateFromCommand(command) {
 	if (!command || command.length === 0) return null;
-	const shellName = path.basename(command).toLowerCase();
+	const shellName = nodePath.basename(command).toLowerCase();
 	if (process.platform !== "win32" && shellName === "zsh") return {
 		shell: command,
 		args: ["-o", "nopromptsp"]
@@ -67025,7 +67112,7 @@ var TerminalManagerRuntime = class extends EventEmitter {
 		this.subprocessPollInFlight = false;
 		this.killEscalationTimers = /* @__PURE__ */ new Map();
 		this.logger = createLogger("terminal");
-		this.logsDir = options.logsDir ?? path.resolve(process.cwd(), ".logs", "terminals");
+		this.logsDir = options.logsDir ?? nodePath.resolve(process.cwd(), ".logs", "terminals");
 		this.historyLineLimit = options.historyLineLimit ?? DEFAULT_HISTORY_LINE_LIMIT;
 		this.ptyAdapter = options.ptyAdapter;
 		this.shellResolver = options.shellResolver ?? defaultShellResolver;
@@ -67605,7 +67692,7 @@ var TerminalManagerRuntime = class extends EventEmitter {
 	async deleteAllHistoryForThread(threadId) {
 		const threadPrefix = `${toSafeThreadId(threadId)}_`;
 		try {
-			const removals = (await fs.promises.readdir(this.logsDir, { withFileTypes: true })).filter((entry) => entry.isFile()).map((entry) => entry.name).filter((name) => name === `${toSafeThreadId(threadId)}.log` || name === `${legacySafeThreadId(threadId)}.log` || name.startsWith(threadPrefix)).map((name) => fs.promises.rm(path.join(this.logsDir, name), { force: true }));
+			const removals = (await fs.promises.readdir(this.logsDir, { withFileTypes: true })).filter((entry) => entry.isFile()).map((entry) => entry.name).filter((name) => name === `${toSafeThreadId(threadId)}.log` || name === `${legacySafeThreadId(threadId)}.log` || name.startsWith(threadPrefix)).map((name) => fs.promises.rm(nodePath.join(this.logsDir, name), { force: true }));
 			await Promise.all(removals);
 		} catch (error) {
 			this.logger.warn("failed to delete terminal histories for thread", {
@@ -67637,11 +67724,11 @@ var TerminalManagerRuntime = class extends EventEmitter {
 	}
 	historyPath(threadId, terminalId) {
 		const threadPart = toSafeThreadId(threadId);
-		if (terminalId === "default") return path.join(this.logsDir, `${threadPart}.log`);
-		return path.join(this.logsDir, `${threadPart}_${toSafeTerminalId(terminalId)}.log`);
+		if (terminalId === "default") return nodePath.join(this.logsDir, `${threadPart}.log`);
+		return nodePath.join(this.logsDir, `${threadPart}_${toSafeTerminalId(terminalId)}.log`);
 	}
 	legacyHistoryPath(threadId) {
-		return path.join(this.logsDir, `${legacySafeThreadId(threadId)}.log`);
+		return nodePath.join(this.logsDir, `${legacySafeThreadId(threadId)}.log`);
 	}
 	async runWithThreadLock(threadId, task) {
 		const previous = this.threadLocks.get(threadId) ?? Promise.resolve();
@@ -70617,8 +70704,8 @@ const NodePtyAdapterLive = effect(PtyAdapter, gen(function* () {
 function makeServerProviderLayer() {
 	return gen(function* () {
 		const { stateDir } = yield* ServerConfig$1;
-		const providerLogsDir = path.join(stateDir, "logs", "provider");
-		const providerEventLogPath = path.join(providerLogsDir, "events.log");
+		const providerLogsDir = nodePath.join(stateDir, "logs", "provider");
+		const providerEventLogPath = nodePath.join(providerLogsDir, "events.log");
 		const nativeEventLogger = yield* makeEventNdjsonLogger(providerEventLogPath, { stream: "native" });
 		const canonicalEventLogger = yield* makeEventNdjsonLogger(providerEventLogPath, { stream: "canonical" });
 		const providerSessionDirectoryLayer = ProviderSessionDirectoryLive.pipe(provide$2(ProviderSessionRuntimeRepositoryLive));
@@ -72762,8 +72849,8 @@ function parseSchemaKeys(schemaRaw) {
 async function readSchemaFromLocal() {
 	const candidates = [
 		process.env.CODEX_CONFIG_SCHEMA_PATH,
-		path.join(process.cwd(), "codex-rs", "core", "config.schema.json"),
-		path.join(process.cwd(), "node_modules", "@openai", "codex", "codex-rs", "core", "config.schema.json")
+		nodePath.join(process.cwd(), "codex-rs", "core", "config.schema.json"),
+		nodePath.join(process.cwd(), "node_modules", "@openai", "codex", "codex-rs", "core", "config.schema.json")
 	].filter((candidate) => Boolean(candidate));
 	for (const candidate of candidates) try {
 		return await readFile(candidate, "utf8");
@@ -72861,21 +72948,6 @@ const DEFAULT_CONFIG_TEMPLATE = [
 	"web_search = \"cached\"",
 	""
 ].join("\n");
-const SUPPORTED_REASONING_EFFORT = new Set([
-	"minimal",
-	"low",
-	"medium",
-	"high",
-	"xhigh",
-	"none"
-]);
-const CLI_SUPPORTED_REASONING_EFFORT = new Set([
-	"minimal",
-	"low",
-	"medium",
-	"high",
-	"none"
-]);
 const YOLO_PRESET = {
 	model: "gpt-5.3-codex",
 	reviewModel: "gpt-5.3-codex",
@@ -72901,10 +72973,10 @@ const YOLO_PRESET = {
 //#endregion
 //#region ../../packages/runtime-codex/src/codex/config-io.ts
 function getConfigPath(options) {
-	return path.join(resolveCodexHomeDir(options), "config.toml");
+	return nodePath.join(resolveCodexHomeDir(options), "config.toml");
 }
 async function ensureConfigDirExists(filePath) {
-	await mkdir(path.dirname(filePath), { recursive: true });
+	await mkdir(nodePath.dirname(filePath), { recursive: true });
 }
 function normalizeLineEndings(content) {
 	return content.replace(/\r\n/g, "\n");
@@ -73168,14 +73240,6 @@ function buildSettingsSummary(data) {
 		}
 	};
 }
-function getUnsupportedReasoningEffort(data, allowed = SUPPORTED_REASONING_EFFORT) {
-	if (!data || !Object.prototype.hasOwnProperty.call(data, "model_reasoning_effort")) return null;
-	const raw = data["model_reasoning_effort"];
-	if (typeof raw !== "string") return String(raw ?? "");
-	const value = raw.trim();
-	if (!value) return null;
-	return allowed.has(value) ? null : value;
-}
 function parseRmcpClientEnabled(data) {
 	const rawFeatures = data && typeof data["features"] === "object" && data["features"] !== null && !Array.isArray(data["features"]) ? data["features"] : null;
 	if (rawFeatures && typeof rawFeatures["rmcp_client"] === "boolean") return rawFeatures["rmcp_client"];
@@ -73479,21 +73543,6 @@ async function updateCodexConfigValues(updates, options) {
 	await writeConfigContent(serialized, options);
 	return buildSnapshot(serialized, true, options);
 }
-async function sanitizeCodexConfigForCli(options) {
-	const { content } = await readConfigContent(options);
-	const parsed = tryParseToml(content);
-	if (!parsed.data) throw new Error(parsed.error ?? "config.toml contains invalid TOML syntax.");
-	if (!getUnsupportedReasoningEffort(parsed.data, CLI_SUPPORTED_REASONING_EFFORT)) return null;
-	const sanitized = { ...parsed.data };
-	delete sanitized["model_reasoning_effort"];
-	await writeConfigContent(ensureTrailingNewline((0, import_toml.stringify)(sanitized)), options);
-	let restored = false;
-	return async () => {
-		if (restored) return;
-		restored = true;
-		await writeConfigContent(ensureTrailingNewline(normalizeLineEndings(content)), options);
-	};
-}
 //#endregion
 //#region ../../packages/contracts/src/profiles/identity.ts
 function normalizeValue(value) {
@@ -73676,10 +73725,10 @@ function parseRateLimitSnapshotFromRpcMessage(message) {
 }
 async function fetchRateLimitsViaRpc(envOverride, options = {}) {
 	const binaryPath = options.codexPath ?? await requireCodexCli();
-	const tempHome = await promises.mkdtemp(path.join(os.tmpdir(), "codex-rpc-"));
-	const tempAuthPath = path.join(tempHome, "auth.json");
+	const tempHome = await promises.mkdtemp(nodePath.join(nodeOs.tmpdir(), "codex-rpc-"));
+	const tempAuthPath = nodePath.join(tempHome, "auth.json");
 	let initialSourceAuth = null;
-	const sourceAuthPath = options.authPath ?? (envOverride?.CODEX_HOME ? path.join(envOverride.CODEX_HOME, "auth.json") : path.join(envOverride?.HOME ?? process.env.HOME ?? process.env.USERPROFILE ?? os.homedir(), ".codex", "auth.json"));
+	const sourceAuthPath = options.authPath ?? (envOverride?.CODEX_HOME ? nodePath.join(envOverride.CODEX_HOME, "auth.json") : nodePath.join(envOverride?.HOME ?? process.env.HOME ?? process.env.USERPROFILE ?? nodeOs.homedir(), ".codex", "auth.json"));
 	try {
 		initialSourceAuth = await promises.readFile(sourceAuthPath, "utf8").catch(() => null);
 		if (!initialSourceAuth) return null;
@@ -73828,21 +73877,6 @@ var ProfileManager = class {
 	isNotFoundError(error) {
 		return Boolean(error && typeof error === "object" && "code" in error && error.code === "ENOENT");
 	}
-	async readPreferredProfileName() {
-		try {
-			return await getLastProfileName();
-		} catch (error) {
-			logWarn("Failed to read preferred profile name:", error);
-			return null;
-		}
-	}
-	async persistPreferredProfileName(name) {
-		try {
-			await persistLastProfileName(name);
-		} catch (error) {
-			logWarn("Failed to persist preferred profile name:", error);
-		}
-	}
 	toStateRecord(record) {
 		return {
 			name: record.name,
@@ -73941,44 +73975,33 @@ var ProfileManager = class {
 			return null;
 		}
 	}
-	async captureActiveAuthSnapshot() {
-		await this.initialize();
+	emptyAuthSnapshot(fingerprint = null) {
+		return {
+			fingerprint,
+			email: null,
+			accountId: null,
+			userId: null,
+			chatgptUserId: null,
+			chatgptAccountUserId: null,
+			workspaceId: null
+		};
+	}
+	async captureAuthSnapshotAtPath(authPath) {
 		let raw;
 		try {
-			raw = await promises$1.readFile(this.activeAuth, "utf8");
+			raw = await promises$1.readFile(authPath, "utf8");
 		} catch (error) {
-			if (this.isNotFoundError(error)) return {
-				fingerprint: null,
-				email: null,
-				accountId: null,
-				userId: null,
-				chatgptUserId: null,
-				workspaceId: null
-			};
+			if (this.isNotFoundError(error)) return this.emptyAuthSnapshot();
 			const message = error instanceof Error ? error.message : "unknown error";
-			const signature = typeof message === "string" ? `${message}:${this.activeAuth}` : this.activeAuth;
+			const signature = typeof message === "string" ? `${message}:${authPath}` : authPath;
 			if (this.lastActiveAuthErrorSignature !== signature) {
-				logWarn("Failed to snapshot active auth file:", error);
+				logWarn("Failed to snapshot auth file:", error);
 				this.lastActiveAuthErrorSignature = signature;
 			}
-			return {
-				fingerprint: null,
-				email: null,
-				accountId: null,
-				userId: null,
-				chatgptUserId: null,
-				workspaceId: null
-			};
+			return this.emptyAuthSnapshot();
 		}
 		const trimmed = raw.trim();
-		if (!trimmed) return {
-			fingerprint: null,
-			email: null,
-			accountId: null,
-			userId: null,
-			chatgptUserId: null,
-			workspaceId: null
-		};
+		if (!trimmed) return this.emptyAuthSnapshot();
 		const fingerprint = createHash("sha256").update(trimmed).digest("hex");
 		try {
 			const parsed = JSON.parse(trimmed);
@@ -73991,19 +74014,25 @@ var ProfileManager = class {
 				accountId: this.getAccountIdFromData(normalized) ?? null,
 				userId: metadata?.userId ?? null,
 				chatgptUserId: metadata?.chatgptUserId ?? null,
+				chatgptAccountUserId: metadata?.chatgptAccountUserId ?? null,
 				workspaceId: workspace.id ?? null
 			};
 		} catch {
-			return {
-				fingerprint,
-				email: null,
-				accountId: null,
-				userId: null,
-				chatgptUserId: null,
-				workspaceId: null
-			};
+			return this.emptyAuthSnapshot(fingerprint);
 		}
 	}
+	async captureAuthSnapshot(authPath) {
+		const targetPath = authPath ?? this.activeAuth;
+		if (targetPath === this.activeAuth) return this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			return this.captureAuthSnapshotAtPath(targetPath);
+		});
+		await this.initialize();
+		return this.captureAuthSnapshotAtPath(targetPath);
+	}
+	async captureActiveAuthSnapshot() {
+		return this.captureAuthSnapshot(this.activeAuth);
+	}
 	/**
 	* Decode a JWT payload into an object without validating the signature.
 	*/
@@ -74264,7 +74293,7 @@ var ProfileManager = class {
 	}
 	async writeAtomic(filePath, contents) {
 		const tempPath = `${filePath}.tmp`;
-		const dir = path$1.dirname(filePath);
+		const dir = path.dirname(filePath);
 		await promises$1.mkdir(dir, { recursive: true });
 		await promises$1.writeFile(tempPath, contents, "utf8");
 		try {
@@ -74319,6 +74348,99 @@ var ProfileManager = class {
 			metadata: record.metadata
 		}) ?? resolveFallbackAccountKey(record.name);
 	}
+	describeActiveAuth(auth) {
+		const normalized = this.normalizeProfileData(auth);
+		if (typeof normalized.auth_method === "string") normalized.auth_method = normalized.auth_method.trim().toLowerCase();
+		normalized.auth_method = normalized.auth_method ?? "codex-cli";
+		const metadata = this.extractProfileMetadata(normalized);
+		const workspace = this.resolveWorkspaceIdentity(normalized, metadata);
+		const workspaceId = workspace.id || DEFAULT_WORKSPACE_ID;
+		const workspaceName = workspace.name ?? null;
+		normalized.workspace_id = normalized.workspace_id ?? workspaceId;
+		if (workspaceName) normalized.workspace_name = normalized.workspace_name ?? workspaceName;
+		const email = this.resolveProfileEmail(normalized, metadata) ?? null;
+		if (email) normalized.email = email;
+		const accountId = this.getAccountIdFromData(normalized) ?? null;
+		return {
+			normalized,
+			metadata,
+			workspaceId,
+			workspaceName,
+			email,
+			accountId,
+			identityKey: this.resolveProfileIdentityFromData(null, normalized, metadata),
+			hasTokenPayload: Boolean(normalized.id_token || normalized.access_token || normalized.refresh_token || accountId || email)
+		};
+	}
+	async findProfileForActiveAuth(identityKey, workspaceId) {
+		return this.getProfileRowByIdentityAndWorkspace(identityKey, workspaceId, { preferAuthMethod: "codex-cli" });
+	}
+	async syncMatchedProfileFromActiveAuth(record, description) {
+		if (!this.hasTokenChanges(record.data, description.normalized)) return;
+		const { profile: merged, metadata } = this.mergeProfileRecords(record.data, description.normalized);
+		delete merged.tokenAlert;
+		await this.persistProfileRecord(record.name, merged, metadata);
+	}
+	async assertActiveAuthMatchesRecord(record, message) {
+		const activeAuth = await this.readActiveAuthFile();
+		if (!activeAuth) throw new Error("Active Codex auth is missing. Refresh profiles and try again.");
+		const activeDescription = this.describeActiveAuth(activeAuth);
+		const targetIdentity = this.resolveProfileIdentityFromRecord(record);
+		const targetWorkspaceId = this.normalizeWorkspaceId(record.workspaceId ?? record.data.workspace_id);
+		if (activeDescription.identityKey !== targetIdentity || this.normalizeWorkspaceId(activeDescription.workspaceId) !== targetWorkspaceId) throw new Error(message);
+	}
+	async writeActiveAuthForRecord(record) {
+		const profileData = record.data;
+		const targetIdentity = this.resolveProfileIdentityFromRecord(record);
+		const targetWorkspaceId = this.normalizeWorkspaceId(record.workspaceId ?? profileData.workspace_id);
+		const codexFormat = this.convertToCodexFormat(profileData);
+		await this.writeAtomic(this.activeAuth, JSON.stringify(codexFormat, null, 2));
+		const written = await this.readActiveAuthFile();
+		if (!written) throw new Error("Codex auth file was not written.");
+		const writtenDescription = this.describeActiveAuth(written);
+		if (writtenDescription.identityKey !== targetIdentity) throw new Error("Codex auth verification failed after profile switch.");
+		if (this.normalizeWorkspaceId(writtenDescription.workspaceId) !== targetWorkspaceId) throw new Error("Codex auth workspace verification failed after profile switch.");
+	}
+	async syncActiveAuthFromProfileIfCurrent(name) {
+		const profileName = this.normalizeProfileName(name);
+		const record = await this.getProfileRowByName(profileName);
+		if (!record) return;
+		const activeAuth = await this.readActiveAuthFile();
+		if (!activeAuth) return;
+		const activeDescription = this.describeActiveAuth(activeAuth);
+		const targetIdentity = this.resolveProfileIdentityFromRecord(record);
+		const targetWorkspaceId = this.normalizeWorkspaceId(record.workspaceId ?? record.data.workspace_id);
+		if (activeDescription.identityKey !== targetIdentity || this.normalizeWorkspaceId(activeDescription.workspaceId) !== targetWorkspaceId) return;
+		await this.writeActiveAuthForRecord(record);
+	}
+	async removeActiveAuthFiles() {
+		await promises$1.rm(this.activeAuth, { force: true });
+		await promises$1.rm(this.activeAuthBackup, { force: true });
+		await promises$1.rm(`${this.activeAuth}.tmp`, { force: true });
+	}
+	resolveAutoImportedProfileName(email, existingRecords) {
+		const base = (email ? email.split("@")[0] : "codex-account").trim().replace(/[^A-Za-z0-9._-]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 48) || "codex-account";
+		const used = new Set(existingRecords.map((record) => record.name));
+		let candidate = this.normalizeProfileName(base);
+		let suffix = 2;
+		while (used.has(candidate)) {
+			candidate = this.normalizeProfileName(`${base}-${suffix}`);
+			suffix += 1;
+		}
+		return candidate;
+	}
+	buildActiveCodexAuthStatus(state, description, options) {
+		return {
+			state,
+			profileName: options?.profileName ?? null,
+			email: description?.email ?? null,
+			accountId: description?.accountId ?? null,
+			workspaceId: description?.workspaceId ?? null,
+			workspaceName: description?.workspaceName ?? null,
+			importedProfileName: options?.importedProfileName ?? null,
+			importBlockedReason: options?.importBlockedReason ?? null
+		};
+	}
 	resolveWorkspaceIdentity(data, metadata) {
 		const directId = "workspace_id" in data && typeof data.workspace_id === "string" ? data.workspace_id.trim() : void 0;
 		const directName = "workspace_name" in data && typeof data.workspace_name === "string" ? data.workspace_name.trim() : void 0;
@@ -74343,15 +74465,6 @@ var ProfileManager = class {
 		const normalized = this.normalizeProfileName(name);
 		return await this.readProfileRecord(normalized) ?? void 0;
 	}
-	async getProfileRowByIdentityKey(identityKey, options) {
-		const matches = (await this.listProfileRecords()).filter((record) => this.resolveProfileIdentityFromRecord(record) === identityKey);
-		if (matches.length === 0) return;
-		const mustMatch = typeof options?.authMethod === "string" ? options.authMethod.trim().toLowerCase() : null;
-		if (mustMatch) return matches.find((record) => this.resolveAuthMethod(record.data) === mustMatch);
-		const prefer = typeof options?.preferAuthMethod === "string" ? options.preferAuthMethod.trim().toLowerCase() : null;
-		if (prefer) return matches.find((record) => this.resolveAuthMethod(record.data) === prefer) ?? matches[0];
-		return matches[0];
-	}
 	async getProfileRowByIdentityAndWorkspace(identityKey, workspaceId, options) {
 		const workspaceKey = workspaceId && workspaceId.trim().length > 0 ? workspaceId.trim() : DEFAULT_WORKSPACE_ID;
 		const matches = (await this.listProfileRecords()).filter((record) => {
@@ -74366,6 +74479,9 @@ var ProfileManager = class {
 		if (prefer) return matches.find((record) => this.resolveAuthMethod(record.data) === prefer) ?? matches[0];
 		return matches[0];
 	}
+	normalizeWorkspaceId(value) {
+		return typeof value === "string" && value.trim().length > 0 ? value.trim() : DEFAULT_WORKSPACE_ID;
+	}
 	async persistProfileRecord(name, data, metadata, options) {
 		const resolvedName = this.normalizeProfileName(name);
 		const existingRecord = await this.readProfileRecord(resolvedName);
@@ -74413,6 +74529,23 @@ var ProfileManager = class {
 			metadata: row.metadata
 		});
 	}
+	async deleteProfileRecordAndHome(record) {
+		const profileName = this.normalizeProfileName(record.name);
+		if (!record.accountId) {
+			const dashboardState = await this.readProfileDashboardState();
+			delete dashboardState.customGroupsByAccountKey[resolveFallbackAccountKey(profileName)];
+			await this.writeProfileDashboardState(dashboardState);
+		}
+		try {
+			await promises$1.rm(this.getProfileHomePath(profileName), {
+				recursive: true,
+				force: true
+			});
+		} catch (error) {
+			if (!this.isNotFoundError(error)) logWarn(`Failed to remove profile home for '${profileName}':`, error);
+		}
+		await this.deleteProfileRecord(profileName);
+	}
 	buildProfileFromData(name, data, fallback) {
 		const metadata = fallback?.metadata ?? this.extractProfileMetadata(data);
 		const workspace = this.resolveWorkspaceIdentity(data, metadata);
@@ -74464,6 +74597,12 @@ var ProfileManager = class {
 			}
 		};
 		if (normalizedLastRefresh) codexAuth.last_refresh = normalizedLastRefresh;
+		const email = typeof data.email === "string" ? data.email.trim() : "";
+		if (email) codexAuth.email = email;
+		const workspaceId = typeof data.workspace_id === "string" ? data.workspace_id.trim() : "";
+		if (workspaceId) codexAuth.workspace_id = workspaceId;
+		const workspaceName = typeof data.workspace_name === "string" ? data.workspace_name.trim() : "";
+		if (workspaceName) codexAuth.workspace_name = workspaceName;
 		return codexAuth;
 	}
 	/**
@@ -74482,7 +74621,12 @@ var ProfileManager = class {
 		const rootLastRefresh = typeof data.last_refresh === "string" ? data.last_refresh.trim() : "";
 		const normalizedLastRefresh = tokenLastRefresh || rootLastRefresh;
 		if (normalizedLastRefresh) profile.last_refresh = normalizedLastRefresh;
-		if (data.email) profile.email = data.email;
+		const email = typeof data.email === "string" ? data.email.trim() : "";
+		if (email) profile.email = email;
+		const workspaceId = typeof data.workspace_id === "string" ? data.workspace_id.trim() : "";
+		if (workspaceId) profile.workspace_id = workspaceId;
+		const workspaceName = typeof data.workspace_name === "string" ? data.workspace_name.trim() : "";
+		if (workspaceName) profile.workspace_name = workspaceName;
 		return profile;
 	}
 	mergeProfileRecords(existing, incoming) {
@@ -74584,6 +74728,10 @@ var ProfileManager = class {
 			logWarn(`Skipped syncing tokens for profile '${profileName}' because Codex auth switched to a different OpenAI identity.`);
 			return;
 		}
+		if (this.normalizeWorkspaceId(existing.workspace_id) !== this.normalizeWorkspaceId(normalized.workspace_id)) {
+			logWarn(`Skipped syncing tokens for profile '${profileName}' because Codex auth switched to a different workspace.`);
+			return;
+		}
 		if (!this.hasTokenChanges(existing, normalized)) return;
 		const { profile: merged, metadata: mergedMetadata } = this.mergeProfileRecords(existing, normalized);
 		try {
@@ -74684,7 +74832,7 @@ var ProfileManager = class {
 		if (profileData.auth_method && profileData.auth_method !== "codex-cli") throw new Error("Unsupported auth method. Codex CLI profiles only.");
 		const codexFormat = this.convertToCodexFormat(profileData);
 		const profileHome = await this.prepareProfileHome(profileName, codexFormat);
-		const authPath = path$1.join(profileHome, "auth.json");
+		const authPath = path.join(profileHome, "auth.json");
 		const envOverrides = {
 			...process.env,
 			HOME: profileHome,
@@ -74738,7 +74886,7 @@ var ProfileManager = class {
 			const profileName = this.normalizeProfileName(name);
 			const record = await this.getProfileRowByName(profileName);
 			if (!record) throw new Error(`Profile '${profileName}' not found!`);
-			const authPath = path$1.join(profileHome ?? this.getProfileHomePath(profileName), "auth.json");
+			const authPath = path.join(profileHome ?? this.getProfileHomePath(profileName), "auth.json");
 			let finalAuthContent = null;
 			try {
 				finalAuthContent = await promises$1.readFile(authPath, "utf8");
@@ -74747,79 +74895,70 @@ var ProfileManager = class {
 			}
 			if (finalAuthContent) {
 				await this.syncProfileTokensFromAuthContent(profileName, record.data, finalAuthContent);
+				await this.syncActiveAuthFromProfileIfCurrent(profileName);
 				return;
 			}
 			await this.syncProfileTokensFromActiveAuth(profileName, record.data, authPath);
+			await this.syncActiveAuthFromProfileIfCurrent(profileName);
 		}));
 	}
 	/**
 	* Create a new profile by running codex login
 	*/
-	async createProfile(name) {
-		await this.initialize();
-		const profileName = this.normalizeProfileName(name);
-		if (await this.getProfileRowByName(profileName)) throw new Error(`Profile '${profileName}' already exists!`);
-		let authData;
+	async readAuthFileForImport(authPath, actionLabel) {
+		let authRaw;
 		try {
-			const authRaw = await promises$1.readFile(this.activeAuth, "utf8");
-			authData = JSON.parse(authRaw);
+			authRaw = await promises$1.readFile(authPath, "utf8");
 		} catch (error) {
-			logError("Error creating profile:", error);
-			throw new Error("Failed to create profile. Make sure Codex CLI is installed and you are logged in.");
+			if (this.isNotFoundError(error)) throw new Error(`Codex CLI did not produce an auth file. Complete the login before ${actionLabel}.`);
+			logError(`Failed to read Codex auth file during ${actionLabel}:`, error);
+			throw new Error("Failed to read Codex auth file. Complete the login and try again.");
 		}
-		const normalizedProfile = this.normalizeProfileData(authData);
-		normalizedProfile.created_at = normalizedProfile.created_at ?? (/* @__PURE__ */ new Date()).toISOString();
-		if (typeof normalizedProfile.auth_method === "string") normalizedProfile.auth_method = normalizedProfile.auth_method.trim().toLowerCase();
-		normalizedProfile.auth_method = normalizedProfile.auth_method ?? "codex-cli";
-		const metadata = this.extractProfileMetadata(normalizedProfile);
-		const workspace = this.resolveWorkspaceIdentity(normalizedProfile, metadata);
-		normalizedProfile.workspace_id = normalizedProfile.workspace_id ?? workspace.id ?? DEFAULT_WORKSPACE_ID;
-		if (workspace.name) normalizedProfile.workspace_name = normalizedProfile.workspace_name ?? workspace.name;
-		const resolvedEmail = this.resolveProfileEmail(normalizedProfile, metadata);
-		if (resolvedEmail) normalizedProfile.email = resolvedEmail;
 		try {
-			await this.persistProfileRecord(profileName, normalizedProfile, metadata);
-			const stored = await this.getProfileRowByName(profileName);
-			return stored ? this.buildProfileFromRow(stored) : null;
+			return JSON.parse(authRaw);
 		} catch (error) {
-			logError("Error creating profile:", error);
-			throw new Error("Failed to create profile. Make sure Codex CLI is installed and you are logged in.");
+			logError(`Failed to parse Codex auth file during ${actionLabel}:`, error);
+			throw new Error("Failed to parse Codex auth file. Complete the login and try again.");
 		}
 	}
-	/**
-	* Switch to a different profile
-	*/
-	async switchToProfile(name) {
-		await this.initialize();
+	async persistNewProfileFromAuth(profileName, authData) {
+		const description = this.describeActiveAuth(authData);
+		const normalizedProfile = description.normalized;
+		normalizedProfile.created_at = normalizedProfile.created_at ?? (/* @__PURE__ */ new Date()).toISOString();
+		await this.persistProfileRecord(profileName, normalizedProfile, description.metadata);
+		const stored = await this.getProfileRowByName(profileName);
+		return stored ? this.buildProfileFromRow(stored) : null;
+	}
+	async createProfile(name) {
 		const profileName = this.normalizeProfileName(name);
-		const record = await this.getProfileRowByName(profileName);
-		if (!record) throw new Error(`Profile '${profileName}' not found!`);
-		try {
-			const profileData = record.data;
-			const codexFormat = this.convertToCodexFormat(profileData);
-			await this.writeAtomic(this.activeAuth, JSON.stringify(codexFormat, null, 2));
-			await this.persistPreferredProfileName(profileName);
-			return true;
-		} catch (error) {
-			logError("Error switching profile:", error);
-			throw new Error("Failed to switch profile");
-		}
+		return this.enqueueProfileOperation(profileName, () => this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			if (await this.getProfileRowByName(profileName)) throw new Error(`Profile '${profileName}' already exists!`);
+			try {
+				const authData = await this.readAuthFileForImport(this.activeAuth, "profile creation");
+				return await this.persistNewProfileFromAuth(profileName, authData);
+			} catch (error) {
+				logError("Error creating profile:", error);
+				throw new Error("Failed to create profile. Make sure Codex CLI is installed and you are logged in.");
+			}
+		}));
 	}
-	async refreshProfileAuth(name) {
-		await this.initialize();
+	async createProfileFromAuthFile(name, authPath) {
 		const profileName = this.normalizeProfileName(name);
-		const record = await this.getProfileRowByName(profileName);
-		if (!record) throw new Error(`Profile '${profileName}' not found!`);
+		return this.enqueueProfileOperation(profileName, async () => {
+			await this.initialize();
+			if (await this.getProfileRowByName(profileName)) throw new Error(`Profile '${profileName}' already exists!`);
+			try {
+				const authData = await this.readAuthFileForImport(authPath, "profile creation");
+				return await this.persistNewProfileFromAuth(profileName, authData);
+			} catch (error) {
+				logError("Error creating profile:", error);
+				throw new Error("Failed to create profile. Make sure Codex CLI is installed and you are logged in.");
+			}
+		});
+	}
+	async refreshProfileAuthWithData(profileName, record, activeAuth) {
 		const existing = record.data;
-		let activeAuth;
-		try {
-			const authContent = await promises$1.readFile(this.activeAuth, "utf8");
-			activeAuth = JSON.parse(authContent);
-		} catch (error) {
-			if (this.isNotFoundError(error)) throw new Error("Codex CLI did not produce an auth file. Complete the login before refreshing this profile.");
-			logError("Failed to read Codex auth file during refresh:", error);
-			throw new Error("Failed to read Codex auth file. Complete the login and try again.");
-		}
 		const normalized = this.normalizeProfileData(activeAuth);
 		const existingMetadata = record.metadata ?? this.extractProfileMetadata(existing);
 		const currentWorkspace = this.resolveWorkspaceIdentity(existing, existingMetadata);
@@ -74852,15 +74991,72 @@ var ProfileManager = class {
 		return profile;
 	}
 	/**
+	* Switch to a different profile
+	*/
+	async switchToProfile(name) {
+		const profileName = this.normalizeProfileName(name);
+		return this.enqueueProfileOperation(profileName, () => this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			const record = await this.getProfileRowByName(profileName);
+			if (!record) throw new Error(`Profile '${profileName}' not found!`);
+			try {
+				await this.writeActiveAuthForRecord(record);
+				return true;
+			} catch (error) {
+				logError("Error switching profile:", error);
+				throw new Error("Failed to switch profile");
+			}
+		}));
+	}
+	async refreshProfileAuth(name) {
+		const profileName = this.normalizeProfileName(name);
+		return this.enqueueProfileOperation(profileName, () => this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			const record = await this.getProfileRowByName(profileName);
+			if (!record) throw new Error(`Profile '${profileName}' not found!`);
+			const activeAuth = await this.readAuthFileForImport(this.activeAuth, "profile refresh");
+			return this.refreshProfileAuthWithData(profileName, record, activeAuth);
+		}));
+	}
+	async refreshProfileAuthFromFile(name, authPath) {
+		const profileName = this.normalizeProfileName(name);
+		return this.enqueueProfileOperation(profileName, async () => {
+			await this.initialize();
+			const record = await this.getProfileRowByName(profileName);
+			if (!record) throw new Error(`Profile '${profileName}' not found!`);
+			const activeAuth = await this.readAuthFileForImport(authPath, "profile refresh");
+			const profile = await this.refreshProfileAuthWithData(profileName, record, activeAuth);
+			await this.enqueueAuthSwap(async () => {
+				await this.syncActiveAuthFromProfileIfCurrent(profileName);
+			});
+			return profile;
+		});
+	}
+	/**
 	* Execute an action with a profile's auth injected.
 	* Creates an isolated CODEX_HOME with the profile's auth/config, invokes the action
 	* with env overrides, then syncs any refreshed tokens back to the profile.
 	*/
 	async runWithProfileAuth(name, action) {
-		return this.enqueueProfileOperation(name, () => this.enqueueAuthSwap(() => this.runWithPreparedProfileHome(name, action, { syncFromActiveAuthBeforeAction: true })));
+		return this.enqueueProfileOperation(name, () => this.enqueueAuthSwap(async () => {
+			try {
+				return await this.runWithPreparedProfileHome(name, action, { syncFromActiveAuthBeforeAction: true });
+			} finally {
+				await this.syncActiveAuthFromProfileIfCurrent(name);
+			}
+		}));
 	}
 	async readLiveRateLimits(name, options = {}) {
-		return this.enqueueProfileOperation(name, () => this.runWithPreparedProfileHome(name, (env) => fetchRateLimitsViaRpc(env, { codexPath: options.codexPath }), { syncFromActiveAuthBeforeAction: false }));
+		const profileName = this.normalizeProfileName(name);
+		try {
+			return await this.enqueueProfileOperation(profileName, () => this.runWithPreparedProfileHome(profileName, (env) => fetchRateLimitsViaRpc(env, { codexPath: options.codexPath }), { syncFromActiveAuthBeforeAction: false }));
+		} finally {
+			await this.enqueueAuthSwap(async () => {
+				await this.syncActiveAuthFromProfileIfCurrent(profileName);
+			}).catch((error) => {
+				logWarn(`Failed to sync active auth after rate-limit probe for '${profileName}':`, error);
+			});
+		}
 	}
 	/**
 	* Rename a profile
@@ -74872,8 +75068,6 @@ var ProfileManager = class {
 		const existing = await this.getProfileRowByName(sourceName);
 		if (!existing) throw new Error(`Profile '${sourceName}' not found!`);
 		if (await this.getProfileRowByName(targetName)) throw new Error(`Profile '${targetName}' already exists!`);
-		const preferred = await this.readPreferredProfileName();
-		if (preferred && preferred === sourceName) await this.persistPreferredProfileName(targetName);
 		const oldHome = this.getProfileHomePath(sourceName);
 		const newHome = this.getProfileHomePath(targetName);
 		try {
@@ -74930,24 +75124,37 @@ var ProfileManager = class {
 		const profileName = this.normalizeProfileName(name);
 		const record = await this.getProfileRowByName(profileName);
 		if (!record) throw new Error(`Profile '${profileName}' not found!`);
-		if (!record.accountId) {
-			const dashboardState = await this.readProfileDashboardState();
-			delete dashboardState.customGroupsByAccountKey[resolveFallbackAccountKey(profileName)];
-			await this.writeProfileDashboardState(dashboardState);
-		}
-		const preferred = await this.readPreferredProfileName();
-		if (preferred && preferred === profileName) await this.persistPreferredProfileName(null);
-		try {
-			await promises$1.rm(this.getProfileHomePath(profileName), {
-				recursive: true,
-				force: true
-			});
-		} catch (error) {
-			if (!this.isNotFoundError(error)) logWarn(`Failed to remove profile home for '${profileName}':`, error);
-		}
-		await this.deleteProfileRecord(profileName);
+		await this.deleteProfileRecordAndHome(record);
 		return true;
 	}
+	async deleteActiveProfileAndSwitch(name, replacementName) {
+		const profileName = this.normalizeProfileName(name);
+		const nextProfileName = this.normalizeProfileName(replacementName);
+		if (profileName === nextProfileName) throw new Error("Replacement profile must be different from the deleted profile.");
+		return this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			const record = await this.getProfileRowByName(profileName);
+			if (!record) throw new Error(`Profile '${profileName}' not found!`);
+			const replacement = await this.getProfileRowByName(nextProfileName);
+			if (!replacement) throw new Error(`Profile '${nextProfileName}' not found!`);
+			await this.assertActiveAuthMatchesRecord(record, "Active Codex login changed before deletion. Refresh profiles and try again.");
+			await this.writeActiveAuthForRecord(replacement);
+			await this.deleteProfileRecordAndHome(record);
+			return true;
+		});
+	}
+	async deleteActiveProfileAndAuth(name) {
+		const profileName = this.normalizeProfileName(name);
+		return this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			const record = await this.getProfileRowByName(profileName);
+			if (!record) throw new Error(`Profile '${profileName}' not found!`);
+			await this.assertActiveAuthMatchesRecord(record, "Active Codex login changed before deletion. Refresh profiles and try again.");
+			await this.removeActiveAuthFiles();
+			await this.deleteProfileRecordAndHome(record);
+			return true;
+		});
+	}
 	/**
 	* Delete every profile that does not appear in the allow-list.
 	* Used to enforce plan limits when local storage was tampered with.
@@ -74977,67 +75184,46 @@ var ProfileManager = class {
 		} catch (error) {
 			if (!this.isNotFoundError(error)) logWarn(`Failed to remove profile '${name}' during plan enforcement:`, error);
 		}
-		const preferred = await this.readPreferredProfileName();
-		if (preferred && removed.includes(preferred)) await this.persistPreferredProfileName(null);
 		return removed;
 	}
+	async getActiveCodexAuthStatus(options = {}) {
+		return this.enqueueAuthSwap(async () => {
+			await this.initialize();
+			const activeAuth = await this.readActiveAuthFile();
+			if (!activeAuth) return this.buildActiveCodexAuthStatus("missing");
+			const description = this.describeActiveAuth(activeAuth);
+			if (!description.hasTokenPayload || !description.identityKey) return this.buildActiveCodexAuthStatus("unknown", description);
+			const matching = await this.findProfileForActiveAuth(description.identityKey, description.workspaceId);
+			if (matching) {
+				const normalized = this.normalizeProfileName(matching.name);
+				await this.syncMatchedProfileFromActiveAuth(matching, description);
+				return this.buildActiveCodexAuthStatus("matched", description, { profileName: normalized });
+			}
+			if (!options.autoImport) return this.buildActiveCodexAuthStatus("unmanaged", description);
+			if (options.canAutoImport === false) return this.buildActiveCodexAuthStatus("unmanaged", description, { importBlockedReason: options.importBlockedReason ?? "Profile limit reached. Upgrade to CodexUse Pro or remove a profile before importing this Codex login." });
+			const records = await this.listProfileRecords();
+			const profileName = this.resolveAutoImportedProfileName(description.email, records);
+			const profileData = {
+				...description.normalized,
+				auth_method: "codex-cli",
+				created_at: description.normalized.created_at ?? (/* @__PURE__ */ new Date()).toISOString()
+			};
+			await this.persistProfileRecord(profileName, profileData, description.metadata, { displayName: description.email ?? profileName });
+			return this.buildActiveCodexAuthStatus("matched", description, {
+				profileName,
+				importedProfileName: profileName
+			});
+		});
+	}
 	/**
-	* Check if the current auth matches a profile (for smart detection)
+	* Check if the real Codex auth file matches a saved profile.
 	*/
 	async getCurrentProfile() {
-		await this.initialize();
-		const preferredName = await this.readPreferredProfileName();
-		if (preferredName) try {
-			const normalizedPreferred = this.normalizeProfileName(preferredName);
-			if (await this.getProfileRowByName(normalizedPreferred)) return {
-				name: normalizedPreferred,
-				trusted: true
-			};
-		} catch {}
-		const activeAuth = await this.readActiveAuthFile();
-		if (activeAuth) {
-			const normalizedAuth = this.normalizeProfileData(activeAuth);
-			const authMetadata = this.extractProfileMetadata(normalizedAuth);
-			const workspace = this.resolveWorkspaceIdentity(normalizedAuth, authMetadata);
-			const activeIdentityKey = this.resolveProfileIdentityFromData(null, normalizedAuth, authMetadata);
-			if (activeIdentityKey) {
-				const scoped = await this.getProfileRowByIdentityAndWorkspace(activeIdentityKey, workspace.id ?? DEFAULT_WORKSPACE_ID, { preferAuthMethod: "codex-cli" });
-				if (scoped) {
-					const normalized = this.normalizeProfileName(scoped.name);
-					await this.persistPreferredProfileName(normalized);
-					return {
-						name: normalized,
-						trusted: true
-					};
-				}
-				const matching = await this.getProfileRowByIdentityKey(activeIdentityKey, { preferAuthMethod: "codex-cli" });
-				if (matching) {
-					const normalized = this.normalizeProfileName(matching.name);
-					await this.persistPreferredProfileName(normalized);
-					return {
-						name: normalized,
-						trusted: true
-					};
-				}
-			}
-		}
-		const preferred = await this.readPreferredProfileName();
-		if (preferred) {
-			try {
-				const normalized = this.normalizeProfileName(preferred);
-				if (await this.getProfileRowByName(normalized)) return {
-					name: normalized,
-					trusted: true
-				};
-			} catch {
-				await this.persistPreferredProfileName(null);
-				return {
-					name: null,
-					trusted: false
-				};
-			}
-			await this.persistPreferredProfileName(null);
-		}
+		const status = await this.getActiveCodexAuthStatus({ autoImport: false });
+		if (status.state === "matched" && status.profileName) return {
+			name: status.profileName,
+			trusted: true
+		};
 		return {
 			name: null,
 			trusted: false
@@ -75129,13 +75315,6 @@ var ProfileManager = class {
 				if (!this.isNotFoundError(error)) logWarn(`Failed to remove profile '${name}' during cloud sync replace:`, error);
 			}
 		}
-		const preferred = await this.readPreferredProfileName();
-		if (preferred) try {
-			const normalizedPreferred = this.normalizeProfileName(preferred);
-			if (!normalized.has(normalizedPreferred)) await this.persistPreferredProfileName(null);
-		} catch {
-			await this.persistPreferredProfileName(null);
-		}
 		return {
 			imported: normalized.size,
 			removed
@@ -75159,6 +75338,58 @@ async function loadCachedRateLimitSnapshots(keys) {
 	return results;
 }
 //#endregion
+//#region ../../packages/runtime-profiles/src/profiles/profile-visibility.ts
+function resolveLicenseVisibleProfiles(args) {
+	const { profiles, license, currentProfile } = args;
+	const licenseWithCounts = licenseService.applyProfileCount(license, profiles.length);
+	const enforceProfileLimit = shouldEnforceProfileLimit(licenseWithCounts);
+	const visibleProfiles = enforceProfileLimit ? resolveVisibleProfiles(profiles, licenseWithCounts, currentProfile) : profiles;
+	return {
+		allProfiles: profiles,
+		profiles: licenseWithCounts.isPro ? profiles : visibleProfiles,
+		license,
+		licenseWithCounts,
+		enforceProfileLimit
+	};
+}
+async function loadLicenseVisibleProfiles(profileManager, options = {}) {
+	await profileManager.initialize();
+	const license = options.freshLicense ? await licenseService.getStatus() : await licenseService.getCachedStatus();
+	return resolveLicenseVisibleProfiles({
+		profiles: await profileManager.listProfiles(),
+		license,
+		currentProfile: options.currentProfile !== void 0 ? options.currentProfile : (await profileManager.getCurrentProfile()).name
+	});
+}
+function resolveVisibleProfiles(profiles, license, currentProfile) {
+	if (license.isPro) return profiles;
+	const limit = typeof license.profileLimit === "number" && license.profileLimit >= 0 ? license.profileLimit : 2;
+	if (profiles.length <= limit) return profiles;
+	const normalizedCurrent = currentProfile ?? null;
+	return profiles.slice().sort((a, b) => compareProfilesForLimit(a, b, normalizedCurrent)).slice(0, limit);
+}
+function compareProfilesForLimit(a, b, currentProfile) {
+	if (currentProfile) {
+		if (a.name === currentProfile && b.name !== currentProfile) return -1;
+		if (b.name === currentProfile && a.name !== currentProfile) return 1;
+	}
+	if (Boolean(a.isValid) !== Boolean(b.isValid)) return a.isValid ? -1 : 1;
+	const aTimestamp = parseTimestamp(a.createdAt ?? null);
+	const bTimestamp = parseTimestamp(b.createdAt ?? null);
+	if (aTimestamp !== null && bTimestamp !== null) {
+		if (aTimestamp === bTimestamp) return a.name.localeCompare(b.name);
+		return bTimestamp - aTimestamp;
+	}
+	if (aTimestamp !== null) return -1;
+	if (bTimestamp !== null) return 1;
+	return a.name.localeCompare(b.name);
+}
+function parseTimestamp(value) {
+	if (typeof value !== "string" || value.trim() === "") return null;
+	const parsed = Date.parse(value);
+	return Number.isNaN(parsed) ? null : parsed;
+}
+//#endregion
 //#region ../../packages/runtime-profiles/src/profiles/rate-limit-probe.ts
 const MIN_REFRESH_INTERVAL_MS = 3 * 6e4;
 const DEFAULT_REFRESH_INTERVAL_MS = 3 * 6e4;
@@ -75552,7 +75783,8 @@ async function executeAccountRefresh(accountId, state, options = {}) {
 async function bootstrapInitialRefresh() {
 	try {
 		await ensureProfileManagerReady();
-		await refreshRateLimitTelemetry(sharedProfileManager, await sharedProfileManager.listProfiles(), /* @__PURE__ */ new Map(), { enqueueAll: true });
+		const { profiles } = await loadLicenseVisibleProfiles(sharedProfileManager);
+		await refreshRateLimitTelemetry(sharedProfileManager, profiles, /* @__PURE__ */ new Map(), { enqueueAll: true });
 		emitRefreshState();
 	} catch (error) {
 		logError("Failed to bootstrap rate-limit refresh queue:", error);
@@ -75589,66 +75821,67 @@ function profileKey(profile) {
 }
 /**
 * Loads profiles and related telemetry for the dashboard.
-* When the user is not on a Pro license and has saved more profiles than allowed,
-* this method prunes unauthorized profiles from disk (best effort; logs errors on failure).
+* When a free user has more saved profiles than allowed, extra profiles are hidden,
+* not deleted.
 */
 async function loadProfilesViewData(options = {}) {
 	const backgroundRefresh = options.backgroundRefresh !== false;
 	await profileManager.initialize();
 	const license = await licenseService.getCachedStatus();
 	if (backgroundRefresh) licenseService.refreshStatusInBackground();
-	const { name: currentProfile, trusted: currentProfileTrusted } = await profileManager.getCurrentProfile();
+	const initialVisible = resolveLicenseVisibleProfiles({
+		profiles: await profileManager.listProfiles(),
+		license,
+		currentProfile: null
+	});
+	const initialLicenseWithCounts = initialVisible.licenseWithCounts;
+	const canAutoImportActiveAuth = !initialVisible.enforceProfileLimit || initialLicenseWithCounts.profilesRemaining === null || initialLicenseWithCounts.profilesRemaining > 0;
+	const activeCodexAuth = await profileManager.getActiveCodexAuthStatus({
+		autoImport: options.autoImportActiveAuth === true,
+		canAutoImport: canAutoImportActiveAuth
+	});
+	const currentProfile = activeCodexAuth.state === "matched" && activeCodexAuth.profileName ? activeCodexAuth.profileName : null;
+	const currentProfileTrusted = Boolean(currentProfile);
 	const profiles = await profileManager.listProfiles();
 	const customGroupsByAccountKey = await profileManager.getCustomGroupsByAccountKey();
-	const licenseWithCounts = licenseService.applyProfileCount(license, profiles.length);
-	const visibleProfiles = (typeof shouldEnforceProfileLimit === "function" ? shouldEnforceProfileLimit(licenseWithCounts) : !licenseWithCounts.isPro && licenseWithCounts.state === "inactive" && !licenseWithCounts.error) ? resolveVisibleProfiles(profiles, licenseWithCounts, currentProfile) : profiles;
-	const effectiveProfiles = licenseWithCounts.isPro ? profiles : visibleProfiles;
-	const rateLimitEnabled = licenseWithCounts.isPro;
-	let refreshStatus = {
-		pendingAccountIds: [],
-		inFlightAccountIds: [],
-		cooldownAccountIds: [],
-		errors: []
-	};
-	let enrichedProfiles = effectiveProfiles;
-	if (rateLimitEnabled) {
-		const rateLimitEligible = effectiveProfiles.filter((profile) => profile.isValid && !profile.tokenStatus?.requiresUserAction);
-		const resolvedSnapshots = await resolveRateLimitSnapshots(rateLimitEligible.map((profile) => profileKey(profile)));
-		if (backgroundRefresh) {
-			ensureRateLimitRefresher();
-			await refreshRateLimitTelemetry(profileManager, rateLimitEligible, resolvedSnapshots);
-		}
-		const refreshState = getRateLimitRefreshState();
-		refreshStatus = {
-			pendingAccountIds: refreshState.queuedAccountIds.slice(),
-			inFlightAccountIds: refreshState.inFlightAccountIds.slice(),
-			cooldownAccountIds: refreshState.cooldownAccountIds.slice(),
-			lastRefreshStartedAt: refreshState.lastRefreshStartedAt ? new Date(refreshState.lastRefreshStartedAt).toISOString() : void 0,
-			lastRefreshCompletedAt: refreshState.lastRefreshCompletedAt ? new Date(refreshState.lastRefreshCompletedAt).toISOString() : void 0,
-			errors: (refreshState.errors ?? []).map((issue) => ({
-				accountId: issue.accountId,
-				profileName: issue.profileName,
-				message: issue.message,
-				code: issue.code,
-				observedAt: issue.observedAt ? new Date(issue.observedAt).toISOString() : void 0
-			}))
-		};
-		const snapshotMap = resolvedSnapshots;
-		enrichedProfiles = effectiveProfiles.map((profile) => ({
-			...profile,
-			rateLimit: snapshotMap.get(profileKey(profile)) ?? null
-		}));
-	} else enrichedProfiles = effectiveProfiles.map((profile) => ({
-		...profile,
-		rateLimit: null
-	}));
+	const visible = resolveLicenseVisibleProfiles({
+		profiles,
+		license,
+		currentProfile
+	});
+	const effectiveProfiles = visible.profiles;
+	const rateLimitEligible = effectiveProfiles.filter((profile) => profile.isValid && !profile.tokenStatus?.requiresUserAction);
+	const resolvedSnapshots = await resolveRateLimitSnapshots(rateLimitEligible.map((profile) => profileKey(profile)));
+	if (backgroundRefresh) {
+		ensureRateLimitRefresher();
+		await refreshRateLimitTelemetry(profileManager, rateLimitEligible, resolvedSnapshots);
+	}
+	const refreshState = getRateLimitRefreshState();
+	const refreshStatus = {
+		pendingAccountIds: refreshState.queuedAccountIds.slice(),
+		inFlightAccountIds: refreshState.inFlightAccountIds.slice(),
+		cooldownAccountIds: refreshState.cooldownAccountIds.slice(),
+		lastRefreshStartedAt: refreshState.lastRefreshStartedAt ? new Date(refreshState.lastRefreshStartedAt).toISOString() : void 0,
+		lastRefreshCompletedAt: refreshState.lastRefreshCompletedAt ? new Date(refreshState.lastRefreshCompletedAt).toISOString() : void 0,
+		errors: (refreshState.errors ?? []).map((issue) => ({
+			accountId: issue.accountId,
+			profileName: issue.profileName,
+			message: issue.message,
+			code: issue.code,
+			observedAt: issue.observedAt ? new Date(issue.observedAt).toISOString() : void 0
+		}))
+	};
 	return {
-		profiles: enrichedProfiles,
+		profiles: effectiveProfiles.map((profile) => ({
+			...profile,
+			rateLimit: resolvedSnapshots.get(profileKey(profile)) ?? null
+		})),
 		currentProfile,
 		currentProfileTrusted,
 		refreshStatus,
-		license: licenseWithCounts,
-		customGroupsByAccountKey
+		license: visible.licenseWithCounts,
+		customGroupsByAccountKey,
+		activeCodexAuth
 	};
 }
 async function resolveRateLimitSnapshots(accountIds) {
@@ -75656,34 +75889,6 @@ async function resolveRateLimitSnapshots(accountIds) {
 	if (uniqueAccountIds.length === 0) return /* @__PURE__ */ new Map();
 	return await loadCachedRateLimitSnapshots(uniqueAccountIds);
 }
-function resolveVisibleProfiles(profiles, license, currentProfile) {
-	if (license.isPro) return profiles;
-	const limit = typeof license.profileLimit === "number" && license.profileLimit >= 0 ? license.profileLimit : 2;
-	if (profiles.length <= limit) return profiles;
-	const normalizedCurrent = currentProfile ?? null;
-	return profiles.slice().sort((a, b) => compareProfilesForLimit(a, b, normalizedCurrent)).slice(0, limit);
-}
-function compareProfilesForLimit(a, b, currentProfile) {
-	if (currentProfile) {
-		if (a.name === currentProfile && b.name !== currentProfile) return -1;
-		if (b.name === currentProfile && a.name !== currentProfile) return 1;
-	}
-	if (Boolean(a.isValid) !== Boolean(b.isValid)) return a.isValid ? -1 : 1;
-	const aTimestamp = parseTimestamp(a.createdAt ?? null);
-	const bTimestamp = parseTimestamp(b.createdAt ?? null);
-	if (aTimestamp !== null && bTimestamp !== null) {
-		if (aTimestamp === bTimestamp) return a.name.localeCompare(b.name);
-		return bTimestamp - aTimestamp;
-	}
-	if (aTimestamp !== null) return -1;
-	if (bTimestamp !== null) return 1;
-	return a.name.localeCompare(b.name);
-}
-function parseTimestamp(value) {
-	if (typeof value !== "string" || value.trim() === "") return null;
-	const parsed = Date.parse(value);
-	return Number.isNaN(parsed) ? null : parsed;
-}
 //#endregion
 //#region src/account-pool/service.ts
 const ACCOUNT_POOL_DOCUMENT = "desktop.account-pool.v2";
@@ -75854,7 +76059,7 @@ function sessionTtlMs(affinityKind) {
 	}
 }
 function toStoreDbPath(stateDir) {
-	return path.join(stateDir, "state.sqlite");
+	return nodePath.join(stateDir, "state.sqlite");
 }
 function createDefaultStore() {
 	return {
@@ -77726,15 +77931,19 @@ var LocalAccountPool = class LocalAccountPool {
 		return map;
 	}
 	async resolveProfiles(settings, store) {
-		const [profilesView, autoRollSettings] = await Promise.all([loadProfilesViewData({ backgroundRefresh: false }), getStoredAutoRollSettings()]);
+		const [profilesView, autoRollSettings] = await Promise.all([loadProfilesViewData({
+			backgroundRefresh: false,
+			autoImportActiveAuth: false
+		}), getStoredAutoRollSettings()]);
 		const selectedProfileNames = settings.accountPoolProfilePool.length > 0 ? settings.accountPoolProfilePool.slice() : profilesView.profiles.map((profile) => profile.name);
 		const selectedSet = new Set(selectedProfileNames);
-		const switchThreshold = autoRollSettings?.switchThreshold ?? 95;
+		const switchRemainingThreshold = autoRollSettings?.switchRemainingThreshold ?? 5;
 		const now = Date.now();
 		const activeSessionCounts = this.buildActiveSessionCountMap(store);
 		const profileViews = profilesView.profiles.map((profile) => {
 			const selected = selectedSet.has(profile.name);
 			const usedPercent = maxRateLimitUsedPercent(profile);
+			const remainingPercent = typeof usedPercent === "number" ? Math.max(0, 100 - usedPercent) : null;
 			const profileState = store.profilesByName[profile.name];
 			const cooldownUntilMs = profileState?.cooldownUntil ? Date.parse(profileState.cooldownUntil) : NaN;
 			let reason = null;
@@ -77742,7 +77951,7 @@ var LocalAccountPool = class LocalAccountPool {
 			else if (!profile.isValid) reason = "Profile auth is invalid.";
 			else if (profile.tokenStatus?.requiresUserAction) reason = profile.tokenStatus.reason ?? "Profile requires re-authentication.";
 			else if (Number.isFinite(cooldownUntilMs) && cooldownUntilMs > now) reason = `Cooling down until ${new Date(cooldownUntilMs).toLocaleTimeString()}.`;
-			else if (typeof usedPercent === "number" && usedPercent >= switchThreshold) reason = `Rate limit usage is ${Math.round(usedPercent)}%.`;
+			else if (remainingPercent !== null && remainingPercent <= switchRemainingThreshold) reason = `Rate limit remaining is ${Math.round(remainingPercent)}%.`;
 			return {
 				name: profile.name,
 				displayName: profile.displayName ?? null,
@@ -78213,14 +78422,14 @@ function extractIconHref(source) {
 }
 function resolveIconHref(projectCwd, href) {
 	const clean = href.replace(/^\//, "");
-	return [path.join(projectCwd, "public", clean), path.join(projectCwd, clean)];
+	return [nodePath.join(projectCwd, "public", clean), nodePath.join(projectCwd, clean)];
 }
 function isPathWithinProject(projectCwd, candidatePath) {
-	const relative = path.relative(path.resolve(projectCwd), path.resolve(candidatePath));
-	return relative === "" || !relative.startsWith("..") && !path.isAbsolute(relative);
+	const relative = nodePath.relative(nodePath.resolve(projectCwd), nodePath.resolve(candidatePath));
+	return relative === "" || !relative.startsWith("..") && !nodePath.isAbsolute(relative);
 }
 function serveFaviconFile(filePath, res) {
-	const contentType = FAVICON_MIME_TYPES[path.extname(filePath).toLowerCase()] ?? "application/octet-stream";
+	const contentType = FAVICON_MIME_TYPES[nodePath.extname(filePath).toLowerCase()] ?? "application/octet-stream";
 	fs.readFile(filePath, (readErr, data) => {
 		if (readErr) {
 			res.writeHead(500, { "Content-Type": "text/plain" });
@@ -78272,7 +78481,7 @@ function tryHandleProjectFaviconRequest(url, res) {
 			serveFallbackFavicon(res);
 			return;
 		}
-		const sourceFile = path.join(projectCwd, ICON_SOURCE_FILES[index]);
+		const sourceFile = nodePath.join(projectCwd, ICON_SOURCE_FILES[index]);
 		fs.readFile(sourceFile, "utf8", (err, content) => {
 			if (err) {
 				trySourceFiles(index + 1);
@@ -78291,7 +78500,7 @@ function tryHandleProjectFaviconRequest(url, res) {
 			trySourceFiles(0);
 			return;
 		}
-		const candidate = path.join(projectCwd, FAVICON_CANDIDATES[index]);
+		const candidate = nodePath.join(projectCwd, FAVICON_CANDIDATES[index]);
 		if (!isPathWithinProject(projectCwd, candidate)) {
 			tryCandidates(index + 1);
 			return;
@@ -78458,18 +78667,18 @@ const REGISTRY_TIMEOUT_MS = 1e4;
 let freshnessCache = null;
 function buildEnv() {
 	const env = { ...process.env };
-	const homeDir = env.HOME ?? env.USERPROFILE ?? os.homedir();
+	const homeDir = env.HOME ?? env.USERPROFILE ?? nodeOs.homedir();
 	const extra = [
 		"/opt/homebrew/bin",
 		"/usr/local/bin",
-		path.join(homeDir, ".local", "bin"),
-		path.join(homeDir, ".fnm", "aliases", "default", "bin"),
-		path.join(homeDir, ".fnm", "current", "bin"),
-		path.join(homeDir, ".volta", "bin"),
-		path.join(homeDir, ".asdf", "shims")
+		nodePath.join(homeDir, ".local", "bin"),
+		nodePath.join(homeDir, ".fnm", "aliases", "default", "bin"),
+		nodePath.join(homeDir, ".fnm", "current", "bin"),
+		nodePath.join(homeDir, ".volta", "bin"),
+		nodePath.join(homeDir, ".asdf", "shims")
 	];
-	const segments = [...(env.PATH ?? "").split(path.delimiter).filter(Boolean), ...extra];
-	env.PATH = Array.from(new Set(segments)).join(path.delimiter);
+	const segments = [...(env.PATH ?? "").split(nodePath.delimiter).filter(Boolean), ...extra];
+	env.PATH = Array.from(new Set(segments)).join(nodePath.delimiter);
 	return env;
 }
 function runCommand$2(command, args, env) {
@@ -78481,7 +78690,7 @@ function runCommand$2(command, args, env) {
 function resolveRunnableCommand(command, env, shellInfo) {
 	const resolved = resolveCommandPath(command, env, shellInfo)?.trim();
 	if (!resolved) return command;
-	if (resolved.includes(path.sep) || resolved.includes("/")) return resolved;
+	if (resolved.includes(nodePath.sep) || resolved.includes("/")) return resolved;
 	return command;
 }
 function resolveShell() {
@@ -78811,15 +79020,15 @@ function isMissingPathError(error) {
 	return error.code === "ENOENT";
 }
 function resolveHomeDir() {
-	const home = process.env.HOME || process.env.USERPROFILE || os.homedir();
+	const home = process.env.HOME || process.env.USERPROFILE || nodeOs.homedir();
 	if (!home) throw new Error("HOME is not set.");
 	return home;
 }
 function resolveCodexDir() {
-	return path.join(resolveHomeDir(), ".codex");
+	return nodePath.join(resolveHomeDir(), ".codex");
 }
 function resolveLegacyPath(...segments) {
-	return path.join(resolveCodexDir(), ...segments);
+	return nodePath.join(resolveCodexDir(), ...segments);
 }
 function pickAutoRoll(raw) {
 	if (!raw) return null;
@@ -78888,9 +79097,13 @@ function mergeLegacyLocalStoragePatch(payload) {
 	if (autoRoll) {
 		patch.autoRoll = {
 			enabled: autoRoll.enabled,
-			warningThreshold: autoRoll.warningThreshold,
-			switchThreshold: autoRoll.switchThreshold,
-			restartOfficialCodexOnAutoRoll: autoRoll.restartOfficialCodexOnAutoRoll
+			rearmRemainingThreshold: autoRoll.rearmRemainingThreshold,
+			switchRemainingThreshold: autoRoll.switchRemainingThreshold,
+			restartOfficialCodexOnAutoRoll: autoRoll.restartOfficialCodexOnAutoRoll,
+			launchOfficialCodexWhenClosedOnAutoRoll: autoRoll.launchOfficialCodexWhenClosedOnAutoRoll,
+			priorityOrder: autoRoll.priorityOrder,
+			lowRemainingNotificationEnabled: autoRoll.lowRemainingNotificationEnabled,
+			lowRemainingNotificationThreshold: autoRoll.lowRemainingNotificationThreshold
 		};
 		markSkippedIfPresent("codex:auto-roll-settings", true);
 	} else markSkippedIfPresent("codex:auto-roll-settings", false);
@@ -78909,8 +79122,8 @@ async function removeIfExists(target) {
 async function cleanupLegacyCanonicalSources() {
 	const homeDir = resolveHomeDir();
 	await removeIfExists(resolveLegacyAppStatePath());
-	await removeIfExists(path.join(getUserDataDir(), LEGACY_APP_SETTINGS_PARITY_FILE));
-	await removeIfExists(path.join(homeDir, SQLITE_STORAGE_DIR));
+	await removeIfExists(nodePath.join(getUserDataDir(), LEGACY_APP_SETTINGS_PARITY_FILE));
+	await removeIfExists(nodePath.join(homeDir, SQLITE_STORAGE_DIR));
 	await removeIfExists(resolveLegacyPath(LEGACY_SETTINGS_FILE));
 	await removeIfExists(resolveLegacyPath(LEGACY_SETTINGS_BACKUP_FILE));
 	await removeIfExists(resolveLegacyPath(LEGACY_SYNC_STATE_FILE));
@@ -78921,7 +79134,7 @@ async function cleanupLegacyCanonicalSources() {
 		const profileHomes = await promises.readdir(profileHomesRoot, { withFileTypes: true });
 		for (const profileHome of profileHomes) {
 			if (!profileHome.isDirectory()) continue;
-			const profileDir = path.join(profileHomesRoot, profileHome.name);
+			const profileDir = nodePath.join(profileHomesRoot, profileHome.name);
 			let files = [];
 			try {
 				files = await promises.readdir(profileDir);
@@ -78930,7 +79143,7 @@ async function cleanupLegacyCanonicalSources() {
 			}
 			for (const file of files) {
 				if (!file.startsWith("profile.json")) continue;
-				await removeIfExists(path.join(profileDir, file));
+				await removeIfExists(nodePath.join(profileDir, file));
 			}
 		}
 	} catch (error) {
@@ -78944,7 +79157,7 @@ async function cleanupLegacyCanonicalSources() {
 		const skillDirs = await promises.readdir(skillsRoot, { withFileTypes: true });
 		for (const entry of skillDirs) {
 			if (!entry.isDirectory() || entry.name.startsWith(".")) continue;
-			await removeIfExists(path.join(skillsRoot, entry.name, LEGACY_SKILL_MANIFEST));
+			await removeIfExists(nodePath.join(skillsRoot, entry.name, LEGACY_SKILL_MANIFEST));
 		}
 	} catch (error) {
 		if (!isMissingPathError(error)) logWarn("Failed cleaning legacy skills metadata:", {
@@ -79025,19 +79238,19 @@ async function importLegacyLocalStorageOnce(payload) {
 //#region ../../packages/runtime-integrations/src/agents/service.ts
 const AGENTS_FILENAME = "AGENTS.md";
 function resolveGlobalPath(options) {
-	return path.join(resolveCodexHomeDir(options), AGENTS_FILENAME);
+	return nodePath.join(resolveCodexHomeDir(options), AGENTS_FILENAME);
 }
 function getCodexDir(options) {
 	return resolveCodexHomeDir(options);
 }
 function isPathSafe(normalizedPath, options) {
-	if (path.basename(normalizedPath) !== AGENTS_FILENAME) return false;
+	if (nodePath.basename(normalizedPath) !== AGENTS_FILENAME) return false;
 	const codexDir = getCodexDir(options);
 	const homeDir = resolveHomeDir$1();
-	if (normalizedPath === path.join(codexDir, AGENTS_FILENAME)) return true;
-	const parentDir = path.dirname(normalizedPath);
-	if (!parentDir.startsWith(homeDir + path.sep) && parentDir !== homeDir) return false;
-	if (parentDir.startsWith(codexDir + path.sep) || parentDir === codexDir) return false;
+	if (normalizedPath === nodePath.join(codexDir, AGENTS_FILENAME)) return true;
+	const parentDir = nodePath.dirname(normalizedPath);
+	if (!parentDir.startsWith(homeDir + nodePath.sep) && parentDir !== homeDir) return false;
+	if (parentDir.startsWith(codexDir + nodePath.sep) || parentDir === codexDir) return false;
 	return true;
 }
 async function statFile(target) {
@@ -79060,7 +79273,7 @@ async function readFileContent(target) {
 	}
 }
 async function ensureDirForFile(target) {
-	const dir = path.dirname(target);
+	const dir = nodePath.dirname(target);
 	await promises.mkdir(dir, { recursive: true });
 }
 async function saveFileContent(target, content) {
@@ -79075,7 +79288,7 @@ function normalizeProjectPath(candidate) {
 	if (!candidate || typeof candidate !== "string") return null;
 	const trimmed = candidate.trim();
 	if (!trimmed) return null;
-	return path.resolve(trimmed);
+	return nodePath.resolve(trimmed);
 }
 async function buildDescriptor(params) {
 	const stats = await statFile(params.path);
@@ -79101,7 +79314,7 @@ async function readPreferredContent(entries) {
 async function getAgentsSnapshot(projectPath, options) {
 	const normalizedProject = normalizeProjectPath(projectPath);
 	const globalPath = resolveGlobalPath(options);
-	const projectPathFile = normalizedProject ? path.join(normalizedProject, AGENTS_FILENAME) : null;
+	const projectPathFile = normalizedProject ? nodePath.join(normalizedProject, AGENTS_FILENAME) : null;
 	const globalEntry = await buildDescriptor({
 		path: globalPath,
 		type: "global",
@@ -79123,7 +79336,7 @@ async function getAgentsSnapshot(projectPath, options) {
 	};
 }
 async function readAgentsFile(target, options) {
-	const normalized = path.resolve(target);
+	const normalized = nodePath.resolve(target);
 	if (!isPathSafe(normalized, options)) throw new Error("Access denied: path outside allowed directories");
 	const content = await readFileContent(normalized);
 	return {
@@ -79133,7 +79346,7 @@ async function readAgentsFile(target, options) {
 	};
 }
 async function saveAgentsFile(target, content, options) {
-	const normalized = path.resolve(target);
+	const normalized = nodePath.resolve(target);
 	if (!isPathSafe(normalized, options)) throw new Error("Access denied: path outside allowed directories");
 	await saveFileContent(normalized, content ?? "");
 	return readAgentsFile(normalized, options);
@@ -79333,7 +79546,7 @@ function formatMegabytes(bytes) {
 	return (bytes / MB_DIVISOR).toFixed(2);
 }
 function resolveSyncBackupsDir() {
-	return path.join(getUserDataDir(), SYNC_BACKUP_DIR);
+	return nodePath.join(getUserDataDir(), SYNC_BACKUP_DIR);
 }
 function toSafeIsoForFileName(iso) {
 	return iso.replace(/:/g, "-");
@@ -79341,14 +79554,14 @@ function toSafeIsoForFileName(iso) {
 async function pruneOldPrePullBackups(backupsDir) {
 	const files = (await promises.readdir(backupsDir, { withFileTypes: true })).filter((entry) => entry.isFile() && entry.name.startsWith(PRE_PULL_BACKUP_PREFIX) && entry.name.endsWith(PRE_PULL_BACKUP_SUFFIX)).map((entry) => entry.name).sort((a, b) => b.localeCompare(a));
 	if (files.length <= PRE_PULL_BACKUP_KEEP_COUNT) return;
-	for (const stale of files.slice(PRE_PULL_BACKUP_KEEP_COUNT)) await promises.rm(path.join(backupsDir, stale), { force: true });
+	for (const stale of files.slice(PRE_PULL_BACKUP_KEEP_COUNT)) await promises.rm(nodePath.join(backupsDir, stale), { force: true });
 }
 async function createPrePullBackup(profileManager) {
 	const snapshot = await buildLocalSnapshot(profileManager, { enforcePushGuards: false });
 	const backupsDir = resolveSyncBackupsDir();
 	await promises.mkdir(backupsDir, { recursive: true });
 	const timestamp = toSafeIsoForFileName((/* @__PURE__ */ new Date()).toISOString());
-	const backupPath = path.join(backupsDir, `${PRE_PULL_BACKUP_PREFIX}${timestamp}${PRE_PULL_BACKUP_SUFFIX}`);
+	const backupPath = nodePath.join(backupsDir, `${PRE_PULL_BACKUP_PREFIX}${timestamp}${PRE_PULL_BACKUP_SUFFIX}`);
 	await promises.writeFile(backupPath, `${JSON.stringify(snapshot, null, 2)}\n`, "utf8");
 	await pruneOldPrePullBackups(backupsDir);
 	logInfo("[cloud-sync] created pre-pull backup", { backupPath });
@@ -79582,17 +79795,17 @@ function buildRuntimeEnv(codexHomePath) {
 		...process.env,
 		...codexHomePath?.trim() ? { CODEX_HOME: codexHomePath.trim() } : {}
 	};
-	const homeDir = env.HOME ?? env.USERPROFILE ?? os.homedir();
+	const homeDir = env.HOME ?? env.USERPROFILE ?? nodeOs.homedir();
 	const extraPaths = [
 		"/opt/homebrew/bin",
 		"/usr/local/bin",
-		path.join(homeDir, ".local", "bin"),
-		path.join(homeDir, ".fnm", "aliases", "default", "bin"),
-		path.join(homeDir, ".fnm", "current", "bin"),
-		path.join(homeDir, ".volta", "bin"),
-		path.join(homeDir, ".asdf", "shims")
+		nodePath.join(homeDir, ".local", "bin"),
+		nodePath.join(homeDir, ".fnm", "aliases", "default", "bin"),
+		nodePath.join(homeDir, ".fnm", "current", "bin"),
+		nodePath.join(homeDir, ".volta", "bin"),
+		nodePath.join(homeDir, ".asdf", "shims")
 	];
-	env.PATH = Array.from(new Set([...(env.PATH ?? "").split(path.delimiter), ...extraPaths].filter(Boolean))).join(path.delimiter);
+	env.PATH = Array.from(new Set([...(env.PATH ?? "").split(nodePath.delimiter), ...extraPaths].filter(Boolean))).join(nodePath.delimiter);
 	return env;
 }
 function createTimeoutError(command, args) {
@@ -79986,6 +80199,7 @@ const AUTO_ROLL_ATTEMPT_TTL_MS = 3e4;
 const EMPTY_USAGE_SUMMARY = {
 	windowKey: null,
 	usagePercent: 0,
+	remainingPercent: 100,
 	hasUsage: false,
 	resetsInSeconds: null,
 	windowMinutes: null
@@ -80018,12 +80232,14 @@ function summarizeRateLimitSnapshot(snapshot) {
 		const rawUsedPercent = finiteNumberOrNull(window.usedPercent);
 		const hasUsage = rawUsedPercent !== null;
 		const usagePercent = hasUsage ? Math.max(0, Math.min(100, rawUsedPercent)) : 0;
+		const remainingPercent = 100 - usagePercent;
 		const resetsInSeconds = resolveResetsInSeconds(window);
 		const windowMinutes = finiteNumberOrNull(window.windowMinutes);
 		if (!summary.windowKey) {
 			summary = {
 				windowKey: entry.key,
 				usagePercent,
+				remainingPercent,
 				hasUsage,
 				resetsInSeconds,
 				windowMinutes
@@ -80034,6 +80250,7 @@ function summarizeRateLimitSnapshot(snapshot) {
 			summary = {
 				windowKey: entry.key,
 				usagePercent,
+				remainingPercent,
 				hasUsage,
 				resetsInSeconds,
 				windowMinutes
@@ -80044,6 +80261,7 @@ function summarizeRateLimitSnapshot(snapshot) {
 			summary = {
 				windowKey: entry.key,
 				usagePercent,
+				remainingPercent,
 				hasUsage,
 				resetsInSeconds,
 				windowMinutes
@@ -80054,6 +80272,7 @@ function summarizeRateLimitSnapshot(snapshot) {
 			if (resetsInSeconds !== null && resetsInSeconds < summary.resetsInSeconds) summary = {
 				windowKey: entry.key,
 				usagePercent,
+				remainingPercent,
 				hasUsage,
 				resetsInSeconds,
 				windowMinutes
@@ -80063,6 +80282,7 @@ function summarizeRateLimitSnapshot(snapshot) {
 		if (!hasUsage && !summary.hasUsage && summary.resetsInSeconds === null && resetsInSeconds !== null) summary = {
 			windowKey: entry.key,
 			usagePercent,
+			remainingPercent,
 			hasUsage,
 			resetsInSeconds,
 			windowMinutes
@@ -80070,26 +80290,42 @@ function summarizeRateLimitSnapshot(snapshot) {
 	}
 	return summary;
 }
-function compareAutoRollCandidates(a, b) {
-	if (a.usageSummary.usagePercent !== b.usageSummary.usagePercent) return a.usageSummary.usagePercent - b.usageSummary.usagePercent;
+function buildPriorityRanks(priorityOrder) {
+	const ranks = /* @__PURE__ */ new Map();
+	for (const [index, key] of priorityOrder.entries()) {
+		const normalized = typeof key === "string" ? key.trim() : "";
+		if (!normalized || ranks.has(normalized)) continue;
+		ranks.set(normalized, index);
+	}
+	return ranks;
+}
+function compareAutoRollCandidates(a, b, priorityRanks) {
+	const aRank = priorityRanks.get(resolveProfileIdentityKeyFromProfile(a.profile));
+	const bRank = priorityRanks.get(resolveProfileIdentityKeyFromProfile(b.profile));
+	if (aRank !== void 0 || bRank !== void 0) {
+		if (aRank === void 0) return 1;
+		if (bRank === void 0) return -1;
+		if (aRank !== bRank) return aRank - bRank;
+	}
+	if (a.usageSummary.remainingPercent !== b.usageSummary.remainingPercent) return b.usageSummary.remainingPercent - a.usageSummary.remainingPercent;
 	const aReset = a.usageSummary.resetsInSeconds ?? Number.POSITIVE_INFINITY;
 	const bReset = b.usageSummary.resetsInSeconds ?? Number.POSITIVE_INFINITY;
 	if (aReset !== bReset) return aReset - bReset;
 	return a.profile.name.localeCompare(b.profile.name);
 }
-function computeAutoRollCandidate(profiles, usageSummaries, currentProfileName, currentSummary, switchThreshold) {
-	const candidates = profiles.filter((profile) => profile.name !== currentProfileName && profile.isValid && !profile.tokenStatus?.requiresUserAction).map((profile) => ({
+function computeAutoRollCandidate(profiles, usageSummaries, currentProfileName, currentSummary, switchRemainingThreshold, priorityOrder = [], blockedProfileNames = /* @__PURE__ */ new Set()) {
+	const priorityRanks = buildPriorityRanks(priorityOrder);
+	const candidates = profiles.filter((profile) => profile.name !== currentProfileName && !blockedProfileNames.has(profile.name) && profile.isValid && !profile.tokenStatus?.requiresUserAction).map((profile) => ({
 		profile,
 		usageSummary: usageSummaries.get(profile.name) ?? summarizeRateLimitSnapshot(profile.rateLimit ?? null)
 	}));
 	if (candidates.length === 0) return null;
-	let selected = candidates.filter((candidate) => candidate.usageSummary.hasUsage && candidate.usageSummary.usagePercent < switchThreshold).sort(compareAutoRollCandidates)[0] ?? null;
-	if (!selected) selected = candidates.filter((candidate) => candidate.usageSummary.hasUsage).sort(compareAutoRollCandidates)[0] ?? null;
-	if (!selected) selected = candidates.filter((candidate) => !candidate.usageSummary.hasUsage).sort(compareAutoRollCandidates)[0] ?? null;
+	let selected = candidates.filter((candidate) => candidate.usageSummary.hasUsage && candidate.usageSummary.remainingPercent > switchRemainingThreshold).sort((a, b) => compareAutoRollCandidates(a, b, priorityRanks))[0] ?? null;
+	if (!selected) selected = candidates.filter((candidate) => !candidate.usageSummary.hasUsage).sort((a, b) => compareAutoRollCandidates(a, b, priorityRanks))[0] ?? null;
 	if (!selected) return null;
 	if (selected.usageSummary.hasUsage && currentSummary.hasUsage) {
-		if (selected.usageSummary.usagePercent > currentSummary.usagePercent) return null;
-		if (selected.usageSummary.usagePercent === currentSummary.usagePercent) {
+		if (selected.usageSummary.remainingPercent < currentSummary.remainingPercent) return null;
+		if (selected.usageSummary.remainingPercent === currentSummary.remainingPercent) {
 			if ((selected.usageSummary.resetsInSeconds ?? Number.POSITIVE_INFINITY) >= (currentSummary.resetsInSeconds ?? Number.POSITIVE_INFINITY)) return null;
 		}
 	}
@@ -81812,12 +82048,12 @@ var TelegramBridge = class {
 	}
 	buildRuntimeLockPath(token) {
 		const tokenHash = createHash("sha1").update(token).digest("hex").slice(0, 16);
-		return path.join(getUserDataDir(), `${TELEGRAM_BRIDGE_LOCK_FILE_PREFIX}-${tokenHash}.lock`);
+		return nodePath.join(getUserDataDir(), `${TELEGRAM_BRIDGE_LOCK_FILE_PREFIX}-${tokenHash}.lock`);
 	}
 	async acquireRuntimeLock(token) {
 		if (this.runtimeLockPath) return;
 		const lockPath = this.buildRuntimeLockPath(token);
-		await fs$1.mkdir(path.dirname(lockPath), { recursive: true });
+		await fs$1.mkdir(nodePath.dirname(lockPath), { recursive: true });
 		const payload = JSON.stringify({
 			pid: process.pid,
 			parentPid: process.ppid > 0 ? process.ppid : null,
@@ -82037,13 +82273,26 @@ function createTelegramBridge(options) {
 	return new TelegramBridge(options);
 }
 //#endregion
-//#region src/codex/officialAppRestart.ts
+//#region ../../packages/runtime-codex/src/codex/officialAppRestart.ts
 const RESTART_COOLDOWN_MS = 6e4;
 const COMMAND_TIMEOUT_MS = 3e3;
-const QUIT_WAIT_MS = 1e4;
+const EXIT_WAIT_MS = 1e4;
+const LAUNCH_WAIT_MS = 15e3;
 const POLL_INTERVAL_MS = 250;
+const APP_DISCOVERY_CACHE_TTL_MS = 6e4;
+const APP_DISCOVERY_MISS_CACHE_TTL_MS = 5e3;
 let restartPromise = null;
 let lastRestartStartedAt = 0;
+let profileActionLock = Promise.resolve();
+let appDiscoveryCache = null;
+function logOfficialCodexRestart(level, message, context) {
+	const logger = level === "warn" ? console.warn : level === "error" ? console.error : console.info;
+	if (context && Object.keys(context).length > 0) {
+		logger(`[official-codex-restart] ${message}`, context);
+		return;
+	}
+	logger(`[official-codex-restart] ${message}`);
+}
 function runCommand(command, args, timeoutMs = COMMAND_TIMEOUT_MS) {
 	return new Promise((resolve) => {
 		const child = spawn(command, args, { stdio: [
@@ -82084,15 +82333,252 @@ function runCommand(command, args, timeoutMs = COMMAND_TIMEOUT_MS) {
 		});
 	});
 }
-function appleScriptString(value) {
-	return value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"");
+function enqueueProfileAction(work) {
+	const run = profileActionLock.then(work, work);
+	profileActionLock = run.then(() => void 0, () => void 0);
+	return run;
+}
+async function readProcessRows() {
+	const result = await runCommand("/bin/ps", ["-axo", "pid=,ppid=,lstart=,args="], 2e3);
+	if (result.code !== 0) return [];
+	return result.stdout.split(/\r?\n/).flatMap((line) => {
+		const match = line.match(/^\s*(\d+)\s+(\d+)\s+([A-Z][a-z]{2}\s+[A-Z][a-z]{2}\s+\d+\s+\d+:\d+:\d+\s+\d{4})\s+(.+)$/);
+		if (!match) return [];
+		const pid = Number(match[1]);
+		const ppid = Number(match[2]);
+		const parsedStartedAt = Date.parse(match[3] ?? "");
+		const startedAt = Number.isFinite(parsedStartedAt) ? parsedStartedAt : null;
+		const args = match[4] ?? "";
+		if (!Number.isInteger(pid) || !Number.isInteger(ppid) || !args) return [];
+		return [{
+			pid,
+			ppid,
+			startedAt,
+			args
+		}];
+	});
+}
+function getMainExecutablePath(candidate) {
+	return nodePath.join(candidate.appPath, "Contents", "MacOS", candidate.executableName);
+}
+function isMainProcessRow(row, candidate) {
+	return row.args.includes(getMainExecutablePath(candidate));
+}
+function findAppServerPid(rows, mainPid) {
+	return rows.find((row) => row.ppid === mainPid && row.args.includes("/Contents/Resources/codex app-server"))?.pid ?? null;
+}
+async function processMatchesProfileHome(pid, profileHome) {
+	const result = await runCommand("/bin/ps", [
+		"eww",
+		"-p",
+		String(pid),
+		"-o",
+		"command="
+	], 2e3);
+	if (result.code !== 0) return false;
+	return result.stdout.includes(`CODEX_HOME=${profileHome}`) || result.stdout.includes(profileHome);
+}
+async function findAppServerPidForProfile(rows, mainPid, profileHome) {
+	const candidates = rows.filter((row) => row.ppid === mainPid && row.args.includes("/Contents/Resources/codex app-server"));
+	for (const row of candidates) if (row.args.includes(profileHome) || await processMatchesProfileHome(row.pid, profileHome)) return row.pid;
+	return null;
+}
+async function describeUnmanagedProfileHint(appServerPid) {
+	if (!appServerPid) return {};
+	const result = await runCommand("/bin/ps", [
+		"eww",
+		"-p",
+		String(appServerPid),
+		"-o",
+		"command="
+	], 2e3);
+	if (result.code !== 0) return {};
+	const telemetryMatch = result.stdout.match(/CODEX_TELEMETRY_LABEL=codexuse-profile-([^\s]+)/);
+	if (telemetryMatch?.[1]) {
+		const encodedProfileName = telemetryMatch[1];
+		let profileName = encodedProfileName;
+		try {
+			profileName = decodeURIComponent(encodedProfileName);
+		} catch {
+			profileName = encodedProfileName;
+		}
+		return {
+			profileName,
+			profileMatchSource: "telemetry-label"
+		};
+	}
+	const profileHomeMatch = result.stdout.match(/profile-homes\/([^\s]+)/);
+	if (profileHomeMatch?.[1]) return {
+		profileName: profileHomeMatch[1],
+		profileMatchSource: "profile-home"
+	};
+	return {};
+}
+function getDescendantPids(rootPid, rows) {
+	const descendants = [];
+	const queue = [rootPid];
+	const seen = /* @__PURE__ */ new Set();
+	while (queue.length > 0) {
+		const current = queue.shift();
+		if (seen.has(current)) continue;
+		seen.add(current);
+		for (const row of rows) {
+			if (row.ppid !== current || seen.has(row.pid)) continue;
+			descendants.push(row.pid);
+			queue.push(row.pid);
+		}
+	}
+	return descendants;
+}
+async function waitForNewMainPid(candidate, previousPids) {
+	const deadline = Date.now() + LAUNCH_WAIT_MS;
+	while (Date.now() < deadline) {
+		const pid = (await readProcessRows()).find((row) => isMainProcessRow(row, candidate) && !previousPids.has(row.pid))?.pid ?? null;
+		if (pid !== null) return pid;
+		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+	}
+	return null;
+}
+async function waitForMainPid(candidate, pid, timeoutMs) {
+	const deadline = Date.now() + timeoutMs;
+	while (Date.now() < deadline) {
+		if ((await readProcessRows()).some((row) => row.pid === pid && isMainProcessRow(row, candidate))) return true;
+		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+	}
+	return false;
+}
+async function waitForAppServerPid(mainPid, profileHome) {
+	const deadline = Date.now() + LAUNCH_WAIT_MS;
+	while (Date.now() < deadline) {
+		const pid = await findAppServerPidForProfile(await readProcessRows(), mainPid, profileHome);
+		if (pid !== null) return pid;
+		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+	}
+	return null;
+}
+async function waitForMainPidExit(pid, timeoutMs) {
+	const deadline = Date.now() + timeoutMs;
+	while (Date.now() < deadline) {
+		if (!(await readProcessRows()).some((row) => row.pid === pid)) return true;
+		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+	}
+	return false;
+}
+async function focusMainPid(pid) {
+	return (await runCommand("/usr/bin/osascript", [
+		"-e",
+		`tell application "System Events" to repeat with proc in (processes whose unix id is ${pid})`,
+		"-e",
+		"set frontmost of proc to true",
+		"-e",
+		"end repeat"
+	], 5e3)).code === 0;
+}
+function managedInstanceToPayload(instance, running, appServerPid = instance.appServerPid, startedAt = null) {
+	const runningStartedAt = startedAt ?? instance.launchedAt;
+	return {
+		profileName: instance.profileName,
+		profileKey: instance.profileKey,
+		appPath: instance.appPath,
+		bundleId: instance.bundleId,
+		pid: running ? instance.pid : null,
+		appServerPid: running ? appServerPid : null,
+		running,
+		startedAt: running ? toIso(runningStartedAt) : null,
+		uptimeMs: running && typeof runningStartedAt === "number" ? Math.max(0, Date.now() - runningStartedAt) : null,
+		launchedAt: toIso(instance.launchedAt),
+		lastVerifiedAt: toIso(instance.lastVerifiedAt),
+		lastStatus: instance.lastStatus,
+		lastError: instance.lastError
+	};
+}
+async function patchManagedInstance(instance) {
+	await patchAppState({ officialCodex: { instancesByProfileName: { [instance.profileName]: instance } } });
+}
+async function readManagedInstance(profileName) {
+	return (await getAppState()).officialCodex.instancesByProfileName[profileName] ?? null;
+}
+async function resolveInstanceRuntimeState(args) {
+	const pid = args.instance.pid;
+	if (!pid) return {
+		running: false,
+		appServerPid: null,
+		startedAt: null
+	};
+	const mainRow = args.rows.find((row) => row.pid === pid);
+	if (!mainRow || !isMainProcessRow(mainRow, args.candidate)) return {
+		running: false,
+		appServerPid: null,
+		startedAt: null
+	};
+	const appServerPid = args.instance.profileHome ? await findAppServerPidForProfile(args.rows, pid, args.instance.profileHome) : findAppServerPid(args.rows, pid);
+	if (args.instance.profileHome && appServerPid === null) return {
+		running: false,
+		appServerPid: null,
+		startedAt: null
+	};
+	return {
+		running: true,
+		appServerPid,
+		startedAt: mainRow.startedAt
+	};
+}
+async function openCodexWithProfileHome(candidate, profileHome, profileName, previousPids) {
+	const executablePath = getMainExecutablePath(candidate);
+	if (!existsSync(executablePath)) return {
+		opened: false,
+		pid: null
+	};
+	const telemetryLabel = `codexuse-profile-${encodeURIComponent(profileName)}`;
+	let child;
+	try {
+		child = spawn(executablePath, [], {
+			detached: true,
+			env: {
+				...process.env,
+				CODEX_HOME: profileHome,
+				CODEX_TELEMETRY_LABEL: telemetryLabel
+			},
+			stdio: "ignore"
+		});
+	} catch {
+		return {
+			opened: false,
+			pid: null
+		};
+	}
+	const childPid = child.pid ?? null;
+	child.unref();
+	if (await new Promise((resolve) => {
+		let settled = false;
+		const settle = (failed) => {
+			if (settled) return;
+			settled = true;
+			resolve(failed);
+		};
+		child.once("error", () => settle(true));
+		setTimeout(() => settle(false), POLL_INTERVAL_MS);
+	})) return {
+		opened: false,
+		pid: null
+	};
+	if (childPid !== null) {
+		if (await waitForMainPid(candidate, childPid, 2e3)) return {
+			opened: true,
+			pid: childPid
+		};
+	}
+	return {
+		opened: true,
+		pid: await waitForNewMainPid(candidate, previousPids)
+	};
 }
-async function readBundleIdentifier(appPath) {
-	const plistPath = path.join(appPath, "Contents", "Info.plist");
+async function readBundleString(appPath, key) {
+	const plistPath = nodePath.join(appPath, "Contents", "Info.plist");
 	if (!existsSync(plistPath)) return null;
 	const result = await runCommand("/usr/bin/plutil", [
 		"-extract",
-		"CFBundleIdentifier",
+		key,
 		"raw",
 		"-o",
 		"-",
@@ -82103,11 +82589,13 @@ async function readBundleIdentifier(appPath) {
 	return bundleId.length > 0 ? bundleId : null;
 }
 async function discoverCodexAppCandidates() {
+	const now = Date.now();
+	const envPath = process.env.CODEXUSE_OFFICIAL_CODEX_APP_PATH?.trim() || null;
+	if (appDiscoveryCache && appDiscoveryCache.envPath === envPath && appDiscoveryCache.expiresAt > now) return appDiscoveryCache.candidates;
 	const rawPaths = /* @__PURE__ */ new Set();
-	const envPath = process.env.CODEXUSE_OFFICIAL_CODEX_APP_PATH?.trim();
 	if (envPath) rawPaths.add(envPath);
 	rawPaths.add("/Applications/Codex.app");
-	rawPaths.add(path.join(homedir(), "Applications", "Codex.app"));
+	rawPaths.add(nodePath.join(homedir(), "Applications", "Codex.app"));
 	const mdfind = await runCommand("/usr/bin/mdfind", ["kMDItemFSName == 'Codex.app'"], 1500);
 	if (mdfind.code === 0) for (const line of mdfind.stdout.split(/\r?\n/)) {
 		const trimmed = line.trim();
@@ -82115,85 +82603,716 @@ async function discoverCodexAppCandidates() {
 	}
 	const candidates = [];
 	for (const appPath of rawPaths) {
-		if (!existsSync(appPath) || path.basename(appPath) !== "Codex.app") continue;
-		const bundleId = await readBundleIdentifier(appPath);
+		if (!existsSync(appPath) || nodePath.basename(appPath) !== "Codex.app") continue;
+		const bundleId = await readBundleString(appPath, "CFBundleIdentifier");
 		if (!bundleId || bundleId.toLowerCase().includes("codexuse")) continue;
 		candidates.push({
 			appPath,
-			bundleId
+			bundleId,
+			version: await readBundleString(appPath, "CFBundleShortVersionString"),
+			executableName: await readBundleString(appPath, "CFBundleExecutable") ?? "Codex"
 		});
 	}
-	return candidates.sort((a, b) => a.appPath.localeCompare(b.appPath));
+	const sorted = candidates.sort((a, b) => a.appPath.localeCompare(b.appPath));
+	appDiscoveryCache = {
+		envPath,
+		expiresAt: now + (sorted.length > 0 ? APP_DISCOVERY_CACHE_TTL_MS : APP_DISCOVERY_MISS_CACHE_TTL_MS),
+		candidates: sorted
+	};
+	return sorted;
 }
 async function getRunningCodexPids(candidate) {
 	const result = await runCommand("/bin/ps", ["-axo", "pid=,args="], 2e3);
 	const pids = /* @__PURE__ */ new Set();
-	const executableRoot = path.join(candidate.appPath, "Contents", "MacOS");
+	const appContentsRoot = `${nodePath.join(candidate.appPath, "Contents")}${nodePath.sep}`;
+	if (result.code === 0) for (const line of result.stdout.split(/\r?\n/)) {
+		const match = line.match(/^\s*(\d+)\s+(.+)$/);
+		if (!match) continue;
+		const pid = Number(match[1]);
+		const args = match[2] ?? "";
+		if (Number.isInteger(pid) && args.includes(appContentsRoot)) pids.add(pid);
+	}
+	return Array.from(pids).sort((a, b) => a - b);
+}
+async function getRunningCodexMainPids(candidate) {
+	const result = await runCommand("/bin/ps", ["-axo", "pid=,args="], 2e3);
+	const pids = /* @__PURE__ */ new Set();
+	const executablePath = nodePath.join(candidate.appPath, "Contents", "MacOS", candidate.executableName);
 	if (result.code === 0) for (const line of result.stdout.split(/\r?\n/)) {
 		const match = line.match(/^\s*(\d+)\s+(.+)$/);
 		if (!match) continue;
 		const pid = Number(match[1]);
 		const args = match[2] ?? "";
-		if (Number.isInteger(pid) && args.includes(executableRoot)) pids.add(pid);
+		if (Number.isInteger(pid) && args.includes(executablePath)) pids.add(pid);
 	}
-	return Array.from(pids);
+	return Array.from(pids).sort((a, b) => a - b);
 }
-async function waitForCodexExit(candidate) {
-	const deadline = Date.now() + QUIT_WAIT_MS;
+async function resolveCodexAppTarget() {
+	const candidates = await discoverCodexAppCandidates();
+	const fallback = candidates[0] ?? null;
+	if (!fallback) return {
+		candidate: null,
+		runningPids: [],
+		mainPids: []
+	};
+	for (const candidate of candidates) {
+		const [runningPids, mainPids] = await Promise.all([getRunningCodexPids(candidate), getRunningCodexMainPids(candidate)]);
+		if (mainPids.length > 0) return {
+			candidate,
+			runningPids,
+			mainPids
+		};
+	}
+	const [runningPids, mainPids] = await Promise.all([getRunningCodexPids(fallback), getRunningCodexMainPids(fallback)]);
+	return {
+		candidate: fallback,
+		runningPids,
+		mainPids
+	};
+}
+async function waitForCodexExit(candidate, timeoutMs) {
+	const deadline = Date.now() + timeoutMs;
 	while (Date.now() < deadline) {
 		if ((await getRunningCodexPids(candidate)).length === 0) return true;
 		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
 	}
 	return false;
 }
-async function requestCodexQuit(candidate) {
-	await runCommand("/usr/bin/osascript", ["-e", `tell application id "${appleScriptString(candidate.bundleId)}" to quit`]);
+async function signalPids(pids, signal) {
+	const signaled = [];
+	for (const pid of pids) try {
+		process.kill(pid, signal);
+		signaled.push(pid);
+	} catch {}
+	return signaled;
 }
 async function openCodex(candidate) {
 	if ((await runCommand("/usr/bin/open", ["-b", candidate.bundleId])).code === 0) return true;
 	return (await runCommand("/usr/bin/open", [candidate.appPath])).code === 0;
 }
-async function restartOfficialCodexAppOnce() {
-	if (process.platform !== "darwin") return {
-		status: "skipped",
-		reason: "unsupported-platform"
+async function waitForCodexLaunch(candidate) {
+	const deadline = Date.now() + LAUNCH_WAIT_MS;
+	while (Date.now() < deadline) {
+		const pid = (await getRunningCodexMainPids(candidate))[0] ?? null;
+		if (pid !== null) return pid;
+		await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+	}
+	return null;
+}
+function toIso(value) {
+	return typeof value === "number" && Number.isFinite(value) ? new Date(value).toISOString() : null;
+}
+async function rememberProfileSwitch(profileKey) {
+	await patchAppState({ officialCodex: {
+		lastProfileSwitchAt: Date.now(),
+		lastProfileSwitchProfileKey: profileKey
+	} });
+}
+async function rememberRestartResult(args) {
+	const now = Date.now();
+	const verified = args.status === "restarted" || args.status === "started";
+	await patchAppState({ officialCodex: {
+		lastVerifiedLaunchAt: verified ? now : void 0,
+		lastVerifiedLaunchProfileKey: verified ? args.profileKey ?? null : void 0,
+		lastObservedPid: verified ? args.pid ?? null : void 0,
+		lastRestartStatus: args.status,
+		lastRestartReason: args.reason ?? null
+	} });
+}
+async function restartOfficialCodexAppOnce(options) {
+	if (process.platform !== "darwin") {
+		await rememberRestartResult({
+			status: "skipped",
+			reason: "unsupported-platform"
+		});
+		return {
+			status: "skipped",
+			reason: "unsupported-platform"
+		};
+	}
+	const now = Date.now();
+	if (options.source !== "manual" && lastRestartStartedAt > 0 && now - lastRestartStartedAt < RESTART_COOLDOWN_MS) {
+		await rememberRestartResult({
+			status: "skipped",
+			reason: "cooldown",
+			profileKey: options.currentProfileKey
+		});
+		return {
+			status: "skipped",
+			reason: "cooldown"
+		};
+	}
+	const { candidate, runningPids, mainPids } = await resolveCodexAppTarget();
+	if (!candidate) {
+		await rememberRestartResult({
+			status: "skipped",
+			reason: "official-codex-app-not-found",
+			profileKey: options.currentProfileKey
+		});
+		return {
+			status: "skipped",
+			reason: "official-codex-app-not-found"
+		};
+	}
+	const appIsRunning = mainPids.length > 0;
+	if (!appIsRunning && !options.launchIfNotRunning) {
+		await rememberRestartResult({
+			status: "skipped",
+			reason: "official-codex-app-not-running",
+			profileKey: options.currentProfileKey
+		});
+		return {
+			status: "skipped",
+			reason: "official-codex-app-not-running"
+		};
+	}
+	if (options.source !== "manual") lastRestartStartedAt = Date.now();
+	if (appIsRunning) {
+		logOfficialCodexRestart("warn", "Force killing official Codex before relaunch.", {
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			source: options.source,
+			runningPids,
+			mainPids
+		});
+		const killedPids = await signalPids(runningPids, "SIGKILL");
+		logOfficialCodexRestart("warn", "Sent SIGKILL to official Codex pids.", {
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			source: options.source,
+			killedPids
+		});
+		if (!await waitForCodexExit(candidate, EXIT_WAIT_MS)) {
+			const remainingPids = await getRunningCodexPids(candidate);
+			logOfficialCodexRestart("error", "Official Codex pids remained after force kill.", {
+				appPath: candidate.appPath,
+				bundleId: candidate.bundleId,
+				source: options.source,
+				remainingPids
+			});
+			const failed = {
+				status: "failed",
+				appPath: candidate.appPath,
+				bundleId: candidate.bundleId,
+				reason: "force-quit-timeout",
+				phase: "quit"
+			};
+			await rememberRestartResult({
+				status: failed.status,
+				reason: failed.reason,
+				profileKey: options.currentProfileKey
+			});
+			return failed;
+		}
+		logOfficialCodexRestart("info", "Official Codex exited after force kill.", {
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			source: options.source
+		});
+	}
+	if (!await openCodex(candidate)) {
+		const failed = {
+			status: "failed",
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			reason: "open-failed",
+			phase: "launch"
+		};
+		await rememberRestartResult({
+			status: failed.status,
+			reason: failed.reason,
+			profileKey: options.currentProfileKey
+		});
+		return failed;
+	}
+	const launchedPid = await waitForCodexLaunch(candidate);
+	if (launchedPid === null) {
+		logOfficialCodexRestart("error", "Official Codex launch was not verified.", {
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			source: options.source
+		});
+		const failed = {
+			status: "failed",
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			reason: "launch-timeout",
+			phase: "launch"
+		};
+		await rememberRestartResult({
+			status: failed.status,
+			reason: failed.reason,
+			profileKey: options.currentProfileKey
+		});
+		return failed;
+	}
+	const status = appIsRunning ? "restarted" : "started";
+	logOfficialCodexRestart("info", "Official Codex launch verified.", {
+		appPath: candidate.appPath,
+		bundleId: candidate.bundleId,
+		source: options.source,
+		status,
+		pid: launchedPid
+	});
+	await rememberRestartResult({
+		status,
+		profileKey: options.currentProfileKey,
+		pid: launchedPid
+	});
+	return {
+		status,
+		appPath: candidate.appPath,
+		bundleId: candidate.bundleId,
+		pid: launchedPid
 	};
-	if (lastRestartStartedAt > 0 && Date.now() - lastRestartStartedAt < RESTART_COOLDOWN_MS) return {
-		status: "skipped",
-		reason: "cooldown"
+}
+async function getOfficialCodexSyncStatus(currentProfileKey) {
+	const stored = (await getAppState()).officialCodex;
+	const base = {
+		runningPids: [],
+		lastProfileSwitchAt: toIso(stored.lastProfileSwitchAt),
+		lastVerifiedLaunchAt: toIso(stored.lastVerifiedLaunchAt),
+		lastRestartStatus: stored.lastRestartStatus,
+		lastRestartReason: stored.lastRestartReason
 	};
-	const candidate = (await discoverCodexAppCandidates())[0] ?? null;
-	if (!candidate) return {
-		status: "skipped",
-		reason: "official-codex-app-not-found"
+	if (process.platform !== "darwin") return {
+		...base,
+		state: "unsupported"
 	};
-	if ((await getRunningCodexPids(candidate)).length === 0) return {
-		status: "skipped",
-		reason: "official-codex-app-not-running"
+	const { candidate, mainPids } = await resolveCodexAppTarget();
+	if (!candidate) return {
+		...base,
+		state: "not-found"
 	};
-	lastRestartStartedAt = Date.now();
-	await requestCodexQuit(candidate);
-	if (!await waitForCodexExit(candidate)) return {
-		status: "failed",
+	if (mainPids.length === 0) return {
+		...base,
+		state: "not-running",
 		appPath: candidate.appPath,
 		bundleId: candidate.bundleId,
-		reason: "quit-timeout"
+		runningPids: mainPids
 	};
-	if (!await openCodex(candidate)) return {
-		status: "failed",
+	const lastSwitchAt = stored.lastProfileSwitchAt;
+	const lastLaunchAt = stored.lastVerifiedLaunchAt;
+	const lastLaunchProfileKey = stored.lastVerifiedLaunchProfileKey;
+	const stale = Boolean(currentProfileKey && lastSwitchAt && (!lastLaunchAt || lastLaunchAt < lastSwitchAt || lastLaunchProfileKey !== currentProfileKey));
+	return {
+		...base,
+		state: stale ? "stale" : currentProfileKey && lastLaunchProfileKey === currentProfileKey ? "synced" : "unknown",
 		appPath: candidate.appPath,
 		bundleId: candidate.bundleId,
-		reason: "reopen-failed"
+		runningPids: mainPids
 	};
+}
+function recordOfficialCodexProfileSwitch(profileKey) {
+	return rememberProfileSwitch(profileKey);
+}
+async function getOfficialCodexProfileInstances() {
+	if (process.platform !== "darwin") return {
+		state: "unsupported",
+		appPath: null,
+		bundleId: null,
+		version: null,
+		instances: [],
+		unmanaged: []
+	};
+	const { candidate, mainPids } = await resolveCodexAppTarget();
+	if (!candidate) return {
+		state: "not-found",
+		appPath: null,
+		bundleId: null,
+		version: null,
+		instances: [],
+		unmanaged: []
+	};
+	const [state, rows] = await Promise.all([getAppState(), readProcessRows()]);
+	const managed = [];
+	for (const instance of Object.values(state.officialCodex.instancesByProfileName)) {
+		const runtime = await resolveInstanceRuntimeState({
+			instance,
+			candidate,
+			rows
+		});
+		managed.push(managedInstanceToPayload(instance, runtime.running, runtime.appServerPid, runtime.startedAt));
+	}
+	managed.sort((a, b) => a.profileName.localeCompare(b.profileName));
+	const managedPids = new Set(managed.flatMap((entry) => entry.running && entry.pid ? [entry.pid] : []));
+	const unmanaged = [];
+	for (const pid of mainPids.filter((entry) => !managedPids.has(entry))) {
+		const appServerPid = findAppServerPid(rows, pid);
+		const startedAt = rows.find((row) => row.pid === pid)?.startedAt ?? null;
+		unmanaged.push({
+			pid,
+			appServerPid,
+			startedAt: toIso(startedAt),
+			uptimeMs: typeof startedAt === "number" ? Math.max(0, Date.now() - startedAt) : null,
+			...await describeUnmanagedProfileHint(appServerPid)
+		});
+	}
 	return {
-		status: "restarted",
+		state: "found",
 		appPath: candidate.appPath,
-		bundleId: candidate.bundleId
+		bundleId: candidate.bundleId,
+		version: candidate.version,
+		instances: managed,
+		unmanaged
 	};
 }
-function restartOfficialCodexApp() {
+function launchOfficialCodexProfileInstance(options) {
+	return enqueueProfileAction(async () => {
+		if (process.platform !== "darwin") return {
+			status: "skipped",
+			profileName: options.profileName,
+			instance: null,
+			reason: "unsupported-platform"
+		};
+		const { candidate, mainPids } = await resolveCodexAppTarget();
+		if (!candidate) return {
+			status: "skipped",
+			profileName: options.profileName,
+			instance: null,
+			reason: "official-codex-app-not-found"
+		};
+		const existing = await readManagedInstance(options.profileName);
+		if (existing) {
+			const runtime = await resolveInstanceRuntimeState({
+				instance: existing,
+				candidate,
+				rows: await readProcessRows()
+			});
+			if (runtime.running) {
+				const verified = {
+					...existing,
+					profileHome: existing.profileHome ?? options.profileHome,
+					appServerPid: runtime.appServerPid,
+					lastVerifiedAt: Date.now(),
+					lastStatus: "already-running",
+					lastError: null
+				};
+				await patchManagedInstance(verified);
+				return {
+					status: "already-running",
+					profileName: options.profileName,
+					instance: managedInstanceToPayload(verified, true, runtime.appServerPid, runtime.startedAt),
+					reason: null
+				};
+			}
+		}
+		const launch = await openCodexWithProfileHome(candidate, options.profileHome, options.profileName, new Set(mainPids));
+		if (!launch.opened) {
+			const failed = {
+				profileName: options.profileName,
+				profileKey: options.profileKey,
+				profileHome: options.profileHome,
+				appPath: candidate.appPath,
+				bundleId: candidate.bundleId,
+				pid: null,
+				appServerPid: null,
+				launchedAt: null,
+				lastVerifiedAt: null,
+				lastStatus: "failed",
+				lastError: "open-failed"
+			};
+			await patchManagedInstance(failed);
+			return {
+				status: "failed",
+				profileName: options.profileName,
+				instance: managedInstanceToPayload(failed, false),
+				reason: "open-failed"
+			};
+		}
+		const launchedPid = launch.pid;
+		if (launchedPid === null) {
+			const failed = {
+				profileName: options.profileName,
+				profileKey: options.profileKey,
+				profileHome: options.profileHome,
+				appPath: candidate.appPath,
+				bundleId: candidate.bundleId,
+				pid: null,
+				appServerPid: null,
+				launchedAt: null,
+				lastVerifiedAt: null,
+				lastStatus: "failed",
+				lastError: "launch-timeout"
+			};
+			await patchManagedInstance(failed);
+			return {
+				status: "failed",
+				profileName: options.profileName,
+				instance: managedInstanceToPayload(failed, false),
+				reason: "launch-timeout"
+			};
+		}
+		const appServerPid = await waitForAppServerPid(launchedPid, options.profileHome);
+		if (appServerPid === null) {
+			const failed = {
+				profileName: options.profileName,
+				profileKey: options.profileKey,
+				profileHome: options.profileHome,
+				appPath: candidate.appPath,
+				bundleId: candidate.bundleId,
+				pid: null,
+				appServerPid: null,
+				launchedAt: null,
+				lastVerifiedAt: Date.now(),
+				lastStatus: "failed",
+				lastError: "app-server-not-verified"
+			};
+			await patchManagedInstance(failed);
+			return {
+				status: "failed",
+				profileName: options.profileName,
+				instance: managedInstanceToPayload(failed, false),
+				reason: "app-server-not-verified"
+			};
+		}
+		const now = Date.now();
+		const instance = {
+			profileName: options.profileName,
+			profileKey: options.profileKey,
+			profileHome: options.profileHome,
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			pid: launchedPid,
+			appServerPid,
+			launchedAt: now,
+			lastVerifiedAt: now,
+			lastStatus: "started",
+			lastError: null
+		};
+		await patchManagedInstance(instance);
+		return {
+			status: "started",
+			profileName: options.profileName,
+			instance: managedInstanceToPayload(instance, true, appServerPid),
+			reason: null
+		};
+	});
+}
+function stopOfficialCodexProfileInstance(profileName) {
+	return enqueueProfileAction(async () => {
+		const existing = await readManagedInstance(profileName);
+		if (!existing) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: "not-managed"
+		};
+		const { candidate } = await resolveCodexAppTarget();
+		if (!candidate) {
+			const stopped = {
+				...existing,
+				pid: null,
+				appServerPid: null,
+				lastVerifiedAt: Date.now(),
+				lastStatus: "not-running",
+				lastError: "official-codex-app-not-found"
+			};
+			await patchManagedInstance(stopped);
+			return {
+				status: "not-running",
+				profileName,
+				instance: managedInstanceToPayload(stopped, false),
+				reason: "official-codex-app-not-found"
+			};
+		}
+		const rows = await readProcessRows();
+		const runtime = await resolveInstanceRuntimeState({
+			instance: existing,
+			candidate,
+			rows
+		});
+		if (!runtime.running || !existing.pid) {
+			const stopped = {
+				...existing,
+				pid: null,
+				appServerPid: null,
+				lastVerifiedAt: Date.now(),
+				lastStatus: "not-running",
+				lastError: null
+			};
+			await patchManagedInstance(stopped);
+			return {
+				status: "not-running",
+				profileName,
+				instance: managedInstanceToPayload(stopped, false),
+				reason: null
+			};
+		}
+		const tree = [existing.pid, ...getDescendantPids(existing.pid, rows)].filter((pid, index, all) => all.indexOf(pid) === index).sort((a, b) => b - a);
+		await signalPids(tree, "SIGTERM");
+		if (!await waitForMainPidExit(existing.pid, 5e3)) {
+			await signalPids(tree, "SIGKILL");
+			await waitForMainPidExit(existing.pid, EXIT_WAIT_MS);
+		}
+		const stillRunning = (await readProcessRows()).some((row) => row.pid === existing.pid);
+		const stopped = {
+			...existing,
+			pid: stillRunning ? existing.pid : null,
+			appServerPid: stillRunning ? runtime.appServerPid : null,
+			lastVerifiedAt: Date.now(),
+			lastStatus: stillRunning ? "failed" : "stopped",
+			lastError: stillRunning ? "stop-timeout" : null
+		};
+		await patchManagedInstance(stopped);
+		return {
+			status: stillRunning ? "failed" : "stopped",
+			profileName,
+			instance: managedInstanceToPayload(stopped, stillRunning, stopped.appServerPid, runtime.startedAt),
+			reason: stillRunning ? "stop-timeout" : null
+		};
+	});
+}
+function focusOfficialCodexProfileInstance(profileName) {
+	return enqueueProfileAction(async () => {
+		const existing = await readManagedInstance(profileName);
+		if (!existing) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: "not-managed"
+		};
+		const { candidate } = await resolveCodexAppTarget();
+		if (!candidate) return {
+			status: "not-running",
+			profileName,
+			instance: managedInstanceToPayload(existing, false),
+			reason: "official-codex-app-not-found"
+		};
+		const runtime = await resolveInstanceRuntimeState({
+			instance: existing,
+			candidate,
+			rows: await readProcessRows()
+		});
+		if (!runtime.running || !existing.pid) return {
+			status: "not-running",
+			profileName,
+			instance: managedInstanceToPayload(existing, false),
+			reason: null
+		};
+		const focused = await focusMainPid(existing.pid);
+		const verified = {
+			...existing,
+			appServerPid: runtime.appServerPid,
+			lastVerifiedAt: Date.now(),
+			lastStatus: focused ? "focused" : "focus-unknown",
+			lastError: focused ? null : "focus-unknown"
+		};
+		await patchManagedInstance(verified);
+		return {
+			status: focused ? "focused" : "focus-unknown",
+			profileName,
+			instance: managedInstanceToPayload(verified, true, runtime.appServerPid, runtime.startedAt),
+			reason: focused ? null : "focus-unknown"
+		};
+	});
+}
+function focusOfficialCodexObservedProfileInstance(profileName, pid, appServerPid) {
+	return enqueueProfileAction(async () => {
+		const { candidate } = await resolveCodexAppTarget();
+		if (!candidate) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: "official-codex-app-not-found"
+		};
+		const rows = await readProcessRows();
+		const mainRow = rows.find((row) => row.pid === pid);
+		if (!mainRow || !isMainProcessRow(mainRow, candidate)) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: null
+		};
+		const runtimeAppServerPid = findAppServerPid(rows, pid) ?? appServerPid;
+		const focused = await focusMainPid(pid);
+		const instance = {
+			profileName,
+			profileKey: null,
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			pid,
+			appServerPid: runtimeAppServerPid,
+			running: true,
+			startedAt: toIso(mainRow.startedAt),
+			uptimeMs: typeof mainRow.startedAt === "number" ? Math.max(0, Date.now() - mainRow.startedAt) : null,
+			launchedAt: null,
+			lastVerifiedAt: (/* @__PURE__ */ new Date()).toISOString(),
+			lastStatus: focused ? "focused" : "focus-unknown",
+			lastError: focused ? null : "focus-unknown"
+		};
+		return {
+			status: focused ? "focused" : "focus-unknown",
+			profileName,
+			instance,
+			reason: focused ? null : "focus-unknown"
+		};
+	});
+}
+function stopOfficialCodexObservedProfileInstance(profileName, pid, appServerPid) {
+	return enqueueProfileAction(async () => {
+		const { candidate } = await resolveCodexAppTarget();
+		if (!candidate) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: "official-codex-app-not-found"
+		};
+		const rows = await readProcessRows();
+		const mainRow = rows.find((row) => row.pid === pid);
+		if (!mainRow || !isMainProcessRow(mainRow, candidate)) return {
+			status: "not-running",
+			profileName,
+			instance: null,
+			reason: null
+		};
+		const runtimeAppServerPid = findAppServerPid(rows, pid) ?? appServerPid;
+		const tree = [pid, ...getDescendantPids(pid, rows)].filter((entry, index, all) => all.indexOf(entry) === index).sort((a, b) => b - a);
+		await signalPids(tree, "SIGTERM");
+		if (!await waitForMainPidExit(pid, 5e3)) {
+			await signalPids(tree, "SIGKILL");
+			await waitForMainPidExit(pid, EXIT_WAIT_MS);
+		}
+		const stillRunning = (await readProcessRows()).some((row) => row.pid === pid);
+		const instance = {
+			profileName,
+			profileKey: null,
+			appPath: candidate.appPath,
+			bundleId: candidate.bundleId,
+			pid: stillRunning ? pid : null,
+			appServerPid: stillRunning ? runtimeAppServerPid : null,
+			running: stillRunning,
+			startedAt: stillRunning ? toIso(mainRow.startedAt) : null,
+			uptimeMs: stillRunning && typeof mainRow.startedAt === "number" ? Math.max(0, Date.now() - mainRow.startedAt) : null,
+			launchedAt: null,
+			lastVerifiedAt: (/* @__PURE__ */ new Date()).toISOString(),
+			lastStatus: stillRunning ? "failed" : "stopped",
+			lastError: stillRunning ? "stop-timeout" : null
+		};
+		return {
+			status: stillRunning ? "failed" : "stopped",
+			profileName,
+			instance,
+			reason: stillRunning ? "stop-timeout" : null
+		};
+	});
+}
+async function restartOfficialCodexProfileInstance(options) {
+	const stopped = await stopOfficialCodexProfileInstance(options.profileName);
+	if (stopped.status === "failed") return stopped;
+	const launched = await launchOfficialCodexProfileInstance(options);
+	return {
+		...launched,
+		status: launched.status === "started" ? "restarted" : launched.status
+	};
+}
+function restartOfficialCodexApp(options = {}) {
 	if (restartPromise) return restartPromise;
-	restartPromise = restartOfficialCodexAppOnce().finally(() => {
+	restartPromise = restartOfficialCodexAppOnce({
+		source: options.source ?? "manual",
+		currentProfileKey: options.currentProfileKey ?? null,
+		launchIfNotRunning: options.launchIfNotRunning ?? (options.source ?? "manual") === "manual"
+	}).finally(() => {
 		restartPromise = null;
 	});
 	return restartPromise;
@@ -82304,6 +83423,37 @@ function describeActiveAuthOwner(snapshot) {
 	if (!snapshot) return null;
 	return snapshot.email ?? snapshot.userId ?? snapshot.chatgptUserId ?? snapshot.accountId ?? null;
 }
+async function createIsolatedCodexLoginHome() {
+	const home = await promises.mkdtemp(nodePath.join(nodeOs.tmpdir(), "codexuse-login-"));
+	let cleaned = false;
+	return {
+		home,
+		authPath: nodePath.join(home, "auth.json"),
+		cleanup: async () => {
+			if (cleaned) return;
+			cleaned = true;
+			await promises.rm(home, {
+				recursive: true,
+				force: true
+			});
+		}
+	};
+}
+async function cleanupProfileAuthSession(session) {
+	const tasks = [];
+	if (session.restoreConfig) {
+		const restore = session.restoreConfig;
+		session.restoreConfig = void 0;
+		tasks.push(Promise.resolve().then(restore));
+	}
+	if (session.cleanupAuthHome) {
+		const cleanup = session.cleanupAuthHome;
+		session.cleanupAuthHome = void 0;
+		tasks.push(Promise.resolve().then(cleanup));
+	}
+	const results = await Promise.allSettled(tasks);
+	for (const result of results) if (result.status === "rejected") console.warn("Failed to clean up profile auth session:", result.reason);
+}
 async function resolveCodexBinaryOrThrow(context) {
 	try {
 		return await requireCodexCli();
@@ -82311,7 +83461,7 @@ async function resolveCodexBinaryOrThrow(context) {
 		if (error instanceof CodexCliMissingError) {
 			const reason = error.status.reason ?? "Codex CLI not found. Install @openai/codex or set CODEX_BINARY.";
 			const message = context ? `${context} ${reason}` : reason;
-			throw new Error(message);
+			throw new Error(message, { cause: error });
 		}
 		throw error;
 	}
@@ -83018,6 +84168,61 @@ const createServer = fn(function* () {
 			properties
 		});
 	};
+	const lowRemainingNotifications = /* @__PURE__ */ new Map();
+	const finitePercent = (value) => typeof value === "number" && Number.isFinite(value) ? Math.max(0, Math.min(100, value)) : null;
+	const formatLowRemainingPercent = (value) => {
+		const rounded = Math.round(value * 10) / 10;
+		return (Number.isInteger(rounded) ? rounded.toFixed(0) : rounded.toFixed(1)).replace(/\.0$/, "");
+	};
+	const buildRateLimitResetKey = (window) => {
+		if (typeof window.resetsAt === "string" && window.resetsAt.trim()) return `at:${window.resetsAt.trim()}`;
+		if (typeof window.windowMinutes === "number" && Number.isFinite(window.windowMinutes)) return `window:${window.windowMinutes}`;
+		return "unknown";
+	};
+	const maybeSendLowRemainingNotification = async (payload) => {
+		const settings = normalizeAutoRollSettings(await getStoredAutoRollSettings());
+		if (!settings.lowRemainingNotificationEnabled) return;
+		if (!payload.snapshot) return;
+		const windows = [{
+			key: "primary",
+			window: payload.snapshot.primary
+		}, {
+			key: "secondary",
+			window: payload.snapshot.secondary
+		}];
+		for (const entry of windows) {
+			if (!entry.window) continue;
+			const usedPercent = finitePercent(entry.window.usedPercent);
+			if (usedPercent === null) continue;
+			const remainingPercent = Math.max(0, 100 - usedPercent);
+			const stateKey = `${payload.accountId}:${entry.key}`;
+			if (remainingPercent > settings.lowRemainingNotificationThreshold) {
+				lowRemainingNotifications.delete(stateKey);
+				continue;
+			}
+			const resetKey = buildRateLimitResetKey(entry.window);
+			const previous = lowRemainingNotifications.get(stateKey);
+			if (previous && previous.resetKey === resetKey && previous.threshold === settings.lowRemainingNotificationThreshold) continue;
+			const remainingText = formatLowRemainingPercent(remainingPercent);
+			const switchText = settings.enabled ? `Auto-roll will switch at or below ${settings.switchRemainingThreshold}% left.` : "Auto-roll is currently off.";
+			sendDesktopParentMessage$1({
+				type: "t3-server:show-notification",
+				title: "Codex usage low",
+				body: `${payload.profileName} has ${remainingText}% left. ${switchText}`
+			});
+			lowRemainingNotifications.set(stateKey, {
+				resetKey,
+				threshold: settings.lowRemainingNotificationThreshold
+			});
+			trackAnalyticsEvent("low_remaining_notification_sent", {
+				profileName: payload.profileName,
+				accountId: payload.accountId,
+				windowKey: entry.key,
+				remainingPercent,
+				threshold: settings.lowRemainingNotificationThreshold
+			});
+		}
+	};
 	const publishProfileSwitched = (payload) => {
 		refreshTray();
 		return runPromise$2(pushBus.publishAll(WS_CHANNELS.profilesSwitched, payload));
@@ -83025,6 +84230,7 @@ const createServer = fn(function* () {
 	const publishCliStatusUpdated = (payload) => runPromise$2(pushBus.publishAll(WS_CHANNELS.cliStatusUpdated, payload));
 	let backgroundAutoRollInFlight = false;
 	let lastAutoRollAttempt = null;
+	const autoRollRearmBlockedProfiles = /* @__PURE__ */ new Set();
 	const rememberAutoRollAttempt = (source, target) => {
 		if (!source || !target) return;
 		lastAutoRollAttempt = {
@@ -83037,29 +84243,177 @@ const createServer = fn(function* () {
 		if (!lastAutoRollAttempt) return false;
 		return lastAutoRollAttempt.source === source && lastAutoRollAttempt.target === target && Date.now() - lastAutoRollAttempt.timestamp < 3e4;
 	};
-	const maybeRestartOfficialCodexAfterAutoRoll = (targetProfileName) => {
-		(async () => {
-			if (!normalizeAutoRollSettings(await getStoredAutoRollSettings()).restartOfficialCodexOnAutoRoll) return;
-			const result = await restartOfficialCodexApp();
+	const blockAutoRollUntilRearm = (profileName) => {
+		if (!profileName) return;
+		autoRollRearmBlockedProfiles.add(profileName);
+	};
+	const unblockAutoRollRearm = (profileName) => {
+		if (!profileName) return;
+		autoRollRearmBlockedProfiles.delete(profileName);
+	};
+	const isAutoRollBlockedUntilRearm = (profileName, summary, rearmRemainingThreshold) => {
+		if (!autoRollRearmBlockedProfiles.has(profileName)) return false;
+		if (summary.hasUsage && summary.remainingPercent > rearmRemainingThreshold) {
+			autoRollRearmBlockedProfiles.delete(profileName);
+			return false;
+		}
+		return true;
+	};
+	const rearmAutoRollBlockedProfiles = (usageSummaries, rearmRemainingThreshold) => {
+		for (const profileName of Array.from(autoRollRearmBlockedProfiles)) {
+			const summary = usageSummaries.get(profileName);
+			if (!summary || !summary.hasUsage || summary.remainingPercent > rearmRemainingThreshold) autoRollRearmBlockedProfiles.delete(profileName);
+		}
+	};
+	const resolveProfileIdentityKeyByName = async (profileName) => {
+		if (!profileName) return null;
+		const profile = (await profileManager.listProfiles()).find((entry) => entry.name === profileName);
+		return profile ? resolveProfileIdentityKeyFromProfile(profile) : null;
+	};
+	const prepareOfficialCodexProfileLaunch = async (profileName) => {
+		const profile = (await profileManager.listProfiles()).find((entry) => entry.name === profileName);
+		if (!profile) throw new Error(`Profile '${profileName}' was not found.`);
+		if (!profile.isValid || profile.tokenStatus?.requiresUserAction) throw new Error(`Profile '${profileName}' needs auth refresh before launch.`);
+		const runtime = await profileManager.prepareProfileRuntime(profileName);
+		return {
+			profileName,
+			profileKey: resolveProfileIdentityKeyFromProfile(profile),
+			profileHome: runtime.profileHome
+		};
+	};
+	const resolveOfficialCodexProfileAccess = async () => {
+		const visible = await loadLicenseVisibleProfiles(profileManager, { freshLicense: true });
+		return {
+			allProfileNames: new Set(visible.allProfiles.map((profile) => profile.name)),
+			allowedProfileNames: new Set(visible.profiles.map((profile) => profile.name))
+		};
+	};
+	const assertOfficialCodexProfileAccess = (profileName, access) => {
+		if (!access.allProfileNames.has(profileName) || access.allowedProfileNames.has(profileName)) return;
+		throw new Error("CodexUse Free supports Codex Apps for the 2 visible profiles. Upgrade to CodexUse Pro for unlimited profile windows.");
+	};
+	const toOfficialCodexProfileAccessRouteError = (error) => new RouteRequestError({ message: formatUserFacingError(error, { fallback: "Could not verify Codex App profile access." }) });
+	const mapDefaultCodexAuthToProfile = async () => {
+		const [snapshot, profiles] = await Promise.all([profileManager.captureActiveAuthSnapshot(), profileManager.listProfiles()]);
+		const candidateKeys = new Set([
+			resolveProfileIdentityKey({
+				email: snapshot.email,
+				accountId: snapshot.accountId,
+				workspaceId: snapshot.workspaceId,
+				metadata: {
+					userId: snapshot.userId ?? void 0,
+					chatgptUserId: snapshot.chatgptUserId ?? void 0,
+					chatgptAccountUserId: snapshot.chatgptAccountUserId ?? void 0
+				}
+			}),
+			snapshot.accountId,
+			snapshot.email && snapshot.workspaceId ? resolveProfileIdentityKey({
+				email: snapshot.email,
+				workspaceId: snapshot.workspaceId
+			}) : null,
+			snapshot.email ? resolveProfileIdentityKey({ email: snapshot.email }) : null
+		].filter((key) => Boolean(key)));
+		if (candidateKeys.size === 0) return null;
+		for (const profile of profiles) {
+			const matchedKey = [
+				resolveProfileIdentityKeyFromProfile(profile),
+				resolveLegacyProfileAccountKey(profile),
+				profile.accountId ?? null,
+				profile.email ? resolveProfileIdentityKey({ email: profile.email }) : null,
+				profile.email && profile.workspaceId ? resolveProfileIdentityKey({
+					email: profile.email,
+					workspaceId: profile.workspaceId
+				}) : null
+			].filter((key) => Boolean(key)).find((key) => candidateKeys.has(key)) ?? null;
+			if (matchedKey) return {
+				name: profile.name,
+				key: matchedKey
+			};
+		}
+		return null;
+	};
+	const enrichOfficialCodexInstances = async (payload) => {
+		if (payload.unmanaged.length === 0) return payload;
+		const defaultProfile = await mapDefaultCodexAuthToProfile();
+		if (!defaultProfile) return payload;
+		return {
+			...payload,
+			unmanaged: payload.unmanaged.map((instance) => instance.profileName || !instance.appServerPid ? instance : {
+				...instance,
+				profileName: defaultProfile.name,
+				profileKey: defaultProfile.key,
+				profileMatchSource: "default-auth"
+			})
+		};
+	};
+	const findObservedOfficialCodexProfileInstance = async (profileName) => {
+		const instances = await enrichOfficialCodexInstances(await getOfficialCodexProfileInstances());
+		if (instances.instances.some((instance) => instance.profileName === profileName && instance.running)) return null;
+		const observed = instances.unmanaged.find((instance) => instance.profileName === profileName) ?? null;
+		return observed ? {
+			...observed,
+			appPath: instances.appPath,
+			bundleId: instances.bundleId
+		} : null;
+	};
+	const resolveAutoRollRearmActionAfterManualSwitch = async (profileName) => {
+		const settings = normalizeAutoRollSettings(await getStoredAutoRollSettings());
+		if (!settings.enabled) return "none";
+		const profile = (await profileManager.listProfiles()).find((entry) => entry.name === profileName);
+		if (!profile) return "none";
+		const accountId = resolveProfileIdentityKeyFromProfile(profile);
+		const summary = summarizeRateLimitSnapshot((await loadCachedRateLimitSnapshots([accountId])).get(accountId) ?? profile.rateLimit ?? null);
+		if (!summary.hasUsage) return "unblock";
+		return summary.remainingPercent <= settings.switchRemainingThreshold ? "block" : "unblock";
+	};
+	const maybeRestartOfficialCodexAfterAutoRoll = async (targetProfileName, targetProfileKey) => {
+		try {
+			const settings = normalizeAutoRollSettings(await getStoredAutoRollSettings());
+			if (!settings.restartOfficialCodexOnAutoRoll) return;
+			const result = await restartOfficialCodexApp({
+				source: "auto-roll",
+				currentProfileKey: targetProfileKey,
+				launchIfNotRunning: settings.launchOfficialCodexWhenClosedOnAutoRoll
+			});
 			trackAnalyticsEvent("official_codex_restart_after_auto_roll", {
 				status: result.status,
 				reason: result.status === "skipped" || result.status === "failed" ? result.reason : void 0,
 				targetProfileName
 			});
 			if (result.status === "failed") logger.warn("Official Codex restart after auto-roll failed", result);
-			else if (result.status === "restarted") logger.info("Official Codex restarted after auto-roll", result);
-		})().catch((error) => {
+			else if (result.status === "restarted" || result.status === "started") logger.info("Official Codex restarted after auto-roll", result);
+		} catch (error) {
 			logger.warn("Official Codex restart after auto-roll threw", { error });
-		});
+		}
 	};
 	const handleProfileSwitch = async (name, source = "app") => {
 		if (!name) throw new Error("Profile name is required");
 		const previousProfile = source === "auto-roll" ? (await profileManager.getCurrentProfile()).name ?? null : null;
 		await profileManager.switchToProfile(name);
+		let targetProfileKey = null;
+		try {
+			targetProfileKey = await resolveProfileIdentityKeyByName(name);
+			await recordOfficialCodexProfileSwitch(targetProfileKey);
+		} catch (error) {
+			logger.warn("Failed to record Official Codex profile switch", {
+				error,
+				profileName: name
+			});
+		}
 		if (source === "auto-roll") rememberAutoRollAttempt(previousProfile, name);
+		else try {
+			const rearmAction = await resolveAutoRollRearmActionAfterManualSwitch(name);
+			if (rearmAction === "block") blockAutoRollUntilRearm(name);
+			else if (rearmAction === "unblock") unblockAutoRollRearm(name);
+		} catch (error) {
+			logger.warn("Failed to evaluate auto-roll rearm block after manual switch", {
+				error,
+				profileName: name
+			});
+		}
 		await publishProfileSwitched({ name });
 		trackAnalyticsEvent("profile_switched", { source });
-		if (source === "auto-roll") maybeRestartOfficialCodexAfterAutoRoll(name);
+		if (source === "auto-roll") await maybeRestartOfficialCodexAfterAutoRoll(name, targetProfileKey);
 	};
 	const maybeRunBackgroundAutoRoll = async () => {
 		if (backgroundAutoRollInFlight) return;
@@ -83083,14 +84437,17 @@ const createServer = fn(function* () {
 					rateLimit: snapshot
 				};
 			});
+			rearmAutoRollBlockedProfiles(usageSummaries, settings.rearmRemainingThreshold);
 			const currentProfile = profilesWithSnapshots.find((profile) => profile.name === currentProfileName);
 			if (!currentProfile) return;
 			const currentSummary = usageSummaries.get(currentProfileName) ?? summarizeRateLimitSnapshot(currentProfile.rateLimit ?? null);
-			if (!currentSummary.hasUsage || currentSummary.usagePercent < settings.switchThreshold) return;
-			const candidate = computeAutoRollCandidate(profilesWithSnapshots, usageSummaries, currentProfileName, currentSummary, settings.switchThreshold);
+			if (!currentSummary.hasUsage) return;
+			if (isAutoRollBlockedUntilRearm(currentProfileName, currentSummary, settings.rearmRemainingThreshold)) return;
+			if (currentSummary.remainingPercent > settings.switchRemainingThreshold) return;
+			const candidate = computeAutoRollCandidate(profilesWithSnapshots, usageSummaries, currentProfileName, currentSummary, settings.switchRemainingThreshold, settings.priorityOrder, autoRollRearmBlockedProfiles);
 			if (!candidate || isRecentAutoRollAttempt(currentProfileName, candidate.profile.name)) return;
-			rememberAutoRollAttempt(currentProfileName, candidate.profile.name);
 			await handleProfileSwitch(candidate.profile.name, "auto-roll");
+			blockAutoRollUntilRearm(currentProfileName);
 		} catch (error) {
 			logger.warn("Background auto-roll failed", { error });
 		} finally {
@@ -83123,6 +84480,9 @@ const createServer = fn(function* () {
 			profileName: payload.profileName,
 			snapshot: payload.snapshot ?? null
 		}));
+		maybeSendLowRemainingNotification(payload).catch((error) => {
+			logger.warn("Low remaining notification failed", { error });
+		});
 		maybeRunBackgroundAutoRoll();
 	};
 	const handleRateLimitStateChanged = (payload) => {
@@ -83531,9 +84891,15 @@ const createServer = fn(function* () {
 				return yield* promise(() => telegramBridge.testToken(body.token));
 			}
 			case WS_METHODS.profilesFetch: {
-				const data = yield* promise(() => loadProfilesViewData());
+				const data = yield* promise(() => loadProfilesViewData({ autoImportActiveAuth: true }));
+				const currentProfile = data.currentProfile ? data.profiles.find((profile) => profile.name === data.currentProfile) ?? null : null;
+				const currentProfileKey = currentProfile ? resolveProfileIdentityKeyFromProfile(currentProfile) : null;
+				const officialCodexStatus = yield* promise(() => getOfficialCodexSyncStatus(currentProfileKey));
 				refreshTray();
-				return data;
+				return {
+					...data,
+					officialCodexStatus
+				};
 			}
 			case WS_METHODS.profilesStartAuth: {
 				const body = stripRequestTag(request.body);
@@ -83545,30 +84911,23 @@ const createServer = fn(function* () {
 					if (yield* promise(() => profileManager.profileExists(name))) return yield* new RouteRequestError({ message: `Profile '${name}' already exists! Choose a different name.` });
 				} else if (!(yield* promise(() => profileManager.profileExists(name)))) return yield* new RouteRequestError({ message: `Profile '${name}' not found!` });
 				const existingSession = authSessions.get(name);
-				if (existingSession && !existingSession.completed) {
-					existingSession.process.kill();
+				if (existingSession) {
+					if (!existingSession.completed) existingSession.process.kill();
 					if (existingSession.timeout) clearTimeout(existingSession.timeout);
-					if (existingSession.restoreConfig) existingSession.restoreConfig();
+					cleanupProfileAuthSession(existingSession);
 					authSessions.delete(name);
 				}
 				const startedAt = Date.now();
-				const initialAuthSnapshot = yield* promise(() => profileManager.captureActiveAuthSnapshot());
-				let cleanupConfig = null;
-				const restoreConfig = async () => {
-					if (!cleanupConfig) return;
-					const restore = cleanupConfig;
-					cleanupConfig = null;
-					try {
-						await restore();
-					} catch (error) {
-						console.warn("Failed to restore Codex config after login attempt:", error);
-					}
-				};
+				const loginHome = yield* promise(() => createIsolatedCodexLoginHome());
+				const initialAuthSnapshot = yield* promise(() => profileManager.captureAuthSnapshot(loginHome.authPath));
 				try {
-					const storageOptions = yield* promise(() => resolveCodexHomeStorageOptions());
-					cleanupConfig = yield* promise(() => sanitizeCodexConfigForCli(storageOptions));
 					const codexPath = yield* promise(() => resolveCodexBinaryOrThrow("Codex CLI is required to start authentication."));
-					const loginEnv = buildCliEnv(codexPath, { ELECTRON_RUN_AS_NODE: "1" });
+					const loginEnv = buildCliEnv(codexPath, {
+						ELECTRON_RUN_AS_NODE: "1",
+						HOME: loginHome.home,
+						USERPROFILE: loginHome.home,
+						CODEX_HOME: loginHome.home
+					});
 					const command = buildCodexCommand$1(codexPath, ["login"], loginEnv);
 					const loginProcess = spawn(command.command, command.args, {
 						stdio: [
@@ -83588,7 +84947,8 @@ const createServer = fn(function* () {
 						mode,
 						startedAt,
 						initialAuthSnapshot,
-						restoreConfig
+						authPath: loginHome.authPath,
+						cleanupAuthHome: loginHome.cleanup
 					};
 					authSessions.set(name, session);
 					loginProcess.stdout?.on("data", (chunk) => {
@@ -83608,7 +84968,6 @@ const createServer = fn(function* () {
 						session.completed = true;
 						session.exitCode = code;
 						if (session.timeout) clearTimeout(session.timeout);
-						restoreConfig();
 					});
 					loginProcess.on("error", (error) => {
 						session.error = compactErrorText(error instanceof Error ? error.message : String(error)) || "Authentication failed.";
@@ -83618,7 +84977,6 @@ const createServer = fn(function* () {
 							clearTimeout(session.timeout);
 							session.timeout = void 0;
 						}
-						restoreConfig();
 					});
 					session.timeout = setTimeout(() => {
 						if (!session.completed) {
@@ -83632,7 +84990,7 @@ const createServer = fn(function* () {
 					return;
 				} catch (error) {
 					trackAnalyticsEvent("profile_auth_start_failed", { mode });
-					yield* promise(() => restoreConfig());
+					yield* promise(() => loginHome.cleanup());
 					throw error;
 				}
 			}
@@ -83657,38 +85015,41 @@ const createServer = fn(function* () {
 				const session = authSessions.get(body.name);
 				if (!session) return yield* new RouteRequestError({ message: "No authentication session found" });
 				if (!session.completed) return yield* new RouteRequestError({ message: "Authentication not yet completed" });
-				if (session.exitCode !== 0) {
-					authSessions.delete(body.name);
-					trackAnalyticsEvent("profile_auth_failed", { mode: session.mode });
-					return yield* new RouteRequestError({ message: formatUserFacingError(session.error ?? `Authentication failed with code ${session.exitCode}`, { fallback: "Authentication failed. Try again." }) });
-				}
-				if (session.mode === "create") {
-					const currentAuthSnapshot = yield* promise(() => profileManager.captureActiveAuthSnapshot());
-					if (currentAuthSnapshot.fingerprint === (session.initialAuthSnapshot?.fingerprint ?? null)) {
-						authSessions.delete(body.name);
+				try {
+					if (session.exitCode !== 0) {
+						trackAnalyticsEvent("profile_auth_failed", { mode: session.mode });
+						return yield* new RouteRequestError({ message: formatUserFacingError(session.error ?? `Authentication failed with code ${session.exitCode}`, { fallback: "Authentication failed. Try again." }) });
+					}
+					if (!session.authPath) {
 						trackAnalyticsEvent("profile_auth_complete_failed", { mode: session.mode });
-						const activeOwner = describeActiveAuthOwner(currentAuthSnapshot);
-						const ownerText = activeOwner ? ` The active auth still belongs to '${activeOwner}'.` : "";
-						return yield* new RouteRequestError({ message: `Codex login finished without updating the active auth for '${body.name}'.${ownerText} Finish the browser login for the new account and try again.` });
+						return yield* new RouteRequestError({ message: "Authentication session is missing its isolated auth file." });
+					}
+					if (session.mode === "create") {
+						const currentAuthSnapshot = yield* promise(() => profileManager.captureAuthSnapshot(session.authPath ?? void 0));
+						if (currentAuthSnapshot.fingerprint === (session.initialAuthSnapshot?.fingerprint ?? null)) {
+							trackAnalyticsEvent("profile_auth_complete_failed", { mode: session.mode });
+							const activeOwner = describeActiveAuthOwner(currentAuthSnapshot);
+							const ownerText = activeOwner ? ` Isolated auth still belongs to '${activeOwner}'.` : "";
+							return yield* new RouteRequestError({ message: `Codex login finished without producing new auth for '${body.name}'.${ownerText} Finish the browser login for the new account and try again.` });
+						}
 					}
-				}
-				try {
 					if (session.mode === "refresh") {
-						yield* promise(() => profileManager.refreshProfileAuth(body.name));
+						yield* promise(() => profileManager.refreshProfileAuthFromFile(body.name, session.authPath));
 						trackAnalyticsEvent("profile_tokens_refreshed", { mode: session.mode });
 					} else {
 						yield* promise(() => assertProfileCreationAllowed(profileManager));
-						yield* promise(() => profileManager.createProfile(body.name));
+						yield* promise(() => profileManager.createProfileFromAuthFile(body.name, session.authPath));
 						trackAnalyticsEvent("profile_created", { mode: session.mode });
 					}
 					trackAnalyticsEvent("profile_auth_completed", { mode: session.mode });
-					authSessions.delete(body.name);
 					refreshTray();
 					return;
 				} catch (error) {
 					trackAnalyticsEvent("profile_auth_complete_failed", { mode: session.mode });
-					authSessions.delete(body.name);
 					throw error;
+				} finally {
+					authSessions.delete(body.name);
+					yield* promise(() => cleanupProfileAuthSession(session));
 				}
 			}
 			case WS_METHODS.profilesSwitch: {
@@ -83712,13 +85073,39 @@ const createServer = fn(function* () {
 			}
 			case WS_METHODS.profilesDelete: {
 				const body = stripRequestTag(request.body);
-				if (!body.name?.trim()) return yield* new RouteRequestError({ message: "Profile name is required" });
-				yield* promise(() => profileManager.deleteProfile(body.name));
-				trackAnalyticsEvent("profile_deleted");
-				const currentProfile = yield* promise(() => profileManager.getCurrentProfile());
+				const name = body.name?.trim() ?? "";
+				if (!name) return yield* new RouteRequestError({ message: "Profile name is required" });
+				const replacementProfileName = typeof body.replacementProfileName === "string" && body.replacementProfileName.trim().length > 0 ? body.replacementProfileName.trim() : null;
+				const removeActiveAuth = body.removeActiveAuth === true;
+				if (replacementProfileName && removeActiveAuth) return yield* new RouteRequestError({ message: "Choose either a replacement profile or active auth removal." });
+				if (replacementProfileName) {
+					yield* promise(() => profileManager.deleteActiveProfileAndSwitch(name, replacementProfileName));
+					let targetProfileKey = null;
+					try {
+						targetProfileKey = yield* promise(() => resolveProfileIdentityKeyByName(replacementProfileName));
+						yield* promise(() => recordOfficialCodexProfileSwitch(targetProfileKey));
+					} catch (error) {
+						logger.warn("Failed to record Official Codex profile switch after deletion", {
+							error,
+							profileName: replacementProfileName
+						});
+					}
+					yield* promise(() => publishProfileSwitched({ name: replacementProfileName }));
+					trackAnalyticsEvent("profile_switched", { source: "app" });
+					trackAnalyticsEvent("profile_deleted", { mode: "delete-and-switch" });
+					refreshTray();
+					return;
+				}
+				if (removeActiveAuth) {
+					yield* promise(() => profileManager.deleteActiveProfileAndAuth(name));
+					trackAnalyticsEvent("profile_deleted", { mode: "delete-and-sign-out" });
+					refreshTray();
+					return;
+				}
+				if ((yield* promise(() => profileManager.getCurrentProfile())).name === name) return yield* new RouteRequestError({ message: "This profile is the active Codex CLI login. Switch to another profile or confirm signing out before deleting it." });
+				yield* promise(() => profileManager.deleteProfile(name));
+				trackAnalyticsEvent("profile_deleted", { mode: "profile-only" });
 				refreshTray();
-				const currentProfileName = typeof currentProfile.name === "string" && currentProfile.name.length > 0 ? currentProfile.name : null;
-				if (currentProfileName) yield* promise(() => publishProfileSwitched({ name: currentProfileName }));
 				return;
 			}
 			case WS_METHODS.profilesExport: {
@@ -83739,12 +85126,12 @@ const createServer = fn(function* () {
 					clearTimeout(session.timeout);
 					session.timeout = void 0;
 				}
-				if (session.restoreConfig) session.restoreConfig();
+				yield* promise(() => cleanupProfileAuthSession(session));
 				authSessions.delete(body.name);
 				return;
 			}
 			case WS_METHODS.rateLimitsRefreshNow: {
-				const profiles = yield* promise(() => profileManager.listProfiles());
+				const { profiles } = yield* promise(() => loadLicenseVisibleProfiles(profileManager));
 				const profileNames = Array.from(new Set(profiles.filter((profile) => profile.isValid).map((profile) => profile.name).filter(Boolean)));
 				return { enqueued: (yield* promise(() => enqueueAccountsRefreshNow(profileNames))).enqueuedAccountIds.length };
 			}
@@ -83783,15 +85170,197 @@ const createServer = fn(function* () {
 			case WS_METHODS.autoRollSaveSettings: {
 				const normalized = normalizeAutoRollSettings(stripRequestTag(request.body).settings);
 				yield* promise(() => persistAutoRollSettings(normalized));
+				maybeRunBackgroundAutoRoll();
 				trackAnalyticsEvent("auto_roll_settings_saved", {
 					enabled: normalized.enabled,
-					warningThreshold: normalized.warningThreshold,
-					switchThreshold: normalized.switchThreshold,
-					restartOfficialCodexOnAutoRoll: normalized.restartOfficialCodexOnAutoRoll
+					rearmRemainingThreshold: normalized.rearmRemainingThreshold,
+					switchRemainingThreshold: normalized.switchRemainingThreshold,
+					restartOfficialCodexOnAutoRoll: normalized.restartOfficialCodexOnAutoRoll,
+					launchOfficialCodexWhenClosedOnAutoRoll: normalized.launchOfficialCodexWhenClosedOnAutoRoll,
+					priorityCount: normalized.priorityOrder.length,
+					lowRemainingNotificationEnabled: normalized.lowRemainingNotificationEnabled,
+					lowRemainingNotificationThreshold: normalized.lowRemainingNotificationThreshold
 				});
 				return normalized;
 			}
-			case WS_METHODS.officialCodexRestart: return yield* promise(() => restartOfficialCodexApp());
+			case WS_METHODS.officialCodexRestart: return yield* promise(async () => {
+				return restartOfficialCodexApp({
+					source: "manual",
+					currentProfileKey: await resolveProfileIdentityKeyByName((await profileManager.getCurrentProfile()).name ?? null)
+				});
+			});
+			case WS_METHODS.officialCodexInstances: return yield* promise(async () => enrichOfficialCodexInstances(await getOfficialCodexProfileInstances()));
+			case WS_METHODS.officialCodexLaunchProfile: {
+				const name = stripRequestTag(request.body).name?.trim() ?? "";
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => assertOfficialCodexProfileAccess(name, access),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				const observed = yield* promise(() => findObservedOfficialCodexProfileInstance(name));
+				if (observed) return {
+					status: "already-running",
+					profileName: name,
+					instance: {
+						profileName: name,
+						profileKey: observed.profileKey ?? null,
+						appPath: observed.appPath,
+						bundleId: observed.bundleId,
+						pid: observed.pid,
+						appServerPid: observed.appServerPid,
+						running: true,
+						startedAt: observed.startedAt ?? null,
+						uptimeMs: observed.uptimeMs ?? null,
+						launchedAt: null,
+						lastVerifiedAt: (/* @__PURE__ */ new Date()).toISOString(),
+						lastStatus: "running",
+						lastError: null
+					},
+					reason: null
+				};
+				const options = yield* tryPromise({
+					try: () => prepareOfficialCodexProfileLaunch(name),
+					catch: (error) => new RouteRequestError({ message: formatUserFacingError(error, { fallback: "Could not prepare Codex App profile." }) })
+				});
+				trackAnalyticsEvent("official_codex_profile_launch_requested");
+				return yield* promise(() => launchOfficialCodexProfileInstance(options));
+			}
+			case WS_METHODS.officialCodexFocusProfile: {
+				const name = stripRequestTag(request.body).name?.trim() ?? "";
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => assertOfficialCodexProfileAccess(name, access),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				return yield* promise(async () => {
+					const observed = await findObservedOfficialCodexProfileInstance(name);
+					if (observed) return focusOfficialCodexObservedProfileInstance(name, observed.pid, observed.appServerPid);
+					return focusOfficialCodexProfileInstance(name);
+				});
+			}
+			case WS_METHODS.officialCodexStopProfile: {
+				const name = stripRequestTag(request.body).name?.trim() ?? "";
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => assertOfficialCodexProfileAccess(name, access),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				return yield* promise(async () => {
+					const observed = await findObservedOfficialCodexProfileInstance(name);
+					if (observed) return stopOfficialCodexObservedProfileInstance(name, observed.pid, observed.appServerPid);
+					return stopOfficialCodexProfileInstance(name);
+				});
+			}
+			case WS_METHODS.officialCodexRestartProfile: {
+				const name = stripRequestTag(request.body).name?.trim() ?? "";
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => assertOfficialCodexProfileAccess(name, access),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				const options = yield* tryPromise({
+					try: () => prepareOfficialCodexProfileLaunch(name),
+					catch: (error) => new RouteRequestError({ message: formatUserFacingError(error, { fallback: "Could not prepare Codex App profile." }) })
+				});
+				trackAnalyticsEvent("official_codex_profile_restart_requested");
+				return yield* promise(async () => {
+					const observed = await findObservedOfficialCodexProfileInstance(name);
+					if (observed) {
+						const stopped = await stopOfficialCodexObservedProfileInstance(name, observed.pid, observed.appServerPid);
+						if (stopped.status === "failed") return stopped;
+						const launched = await launchOfficialCodexProfileInstance(options);
+						return {
+							...launched,
+							status: launched.status === "started" ? "restarted" : launched.status
+						};
+					}
+					return restartOfficialCodexProfileInstance(options);
+				});
+			}
+			case WS_METHODS.officialCodexLaunchProfiles: {
+				const body = stripRequestTag(request.body);
+				const rawNames = Array.isArray(body.names) ? body.names : [];
+				const names = Array.from(new Set(rawNames.map((name) => typeof name === "string" ? name.trim() : "").filter(Boolean)));
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => {
+						for (const name of names) assertOfficialCodexProfileAccess(name, access);
+					},
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				const results = [];
+				for (const name of names) {
+					const observed = yield* promise(() => findObservedOfficialCodexProfileInstance(name));
+					if (observed) {
+						results.push({
+							status: "already-running",
+							profileName: name,
+							instance: {
+								profileName: name,
+								profileKey: observed.profileKey ?? null,
+								appPath: observed.appPath,
+								bundleId: observed.bundleId,
+								pid: observed.pid,
+								appServerPid: observed.appServerPid,
+								running: true,
+								startedAt: observed.startedAt ?? null,
+								uptimeMs: observed.uptimeMs ?? null,
+								launchedAt: null,
+								lastVerifiedAt: (/* @__PURE__ */ new Date()).toISOString(),
+								lastStatus: "running",
+								lastError: null
+							},
+							reason: null
+						});
+						continue;
+					}
+					const options = yield* tryPromise({
+						try: () => prepareOfficialCodexProfileLaunch(name),
+						catch: (error) => new RouteRequestError({ message: formatUserFacingError(error, { fallback: `Could not prepare Codex App profile '${name}'.` }) })
+					});
+					results.push(yield* promise(() => launchOfficialCodexProfileInstance(options)));
+				}
+				trackAnalyticsEvent("official_codex_profiles_launch_requested", { count: results.length });
+				return { results };
+			}
+			case WS_METHODS.officialCodexStopProfiles: {
+				const body = stripRequestTag(request.body);
+				const rawNames = Array.isArray(body.names) ? body.names : [];
+				const names = Array.from(new Set(rawNames.map((name) => typeof name === "string" ? name.trim() : "").filter(Boolean)));
+				const access = yield* tryPromise({
+					try: () => resolveOfficialCodexProfileAccess(),
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				yield* try_({
+					try: () => {
+						for (const name of names) assertOfficialCodexProfileAccess(name, access);
+					},
+					catch: toOfficialCodexProfileAccessRouteError
+				});
+				const results = [];
+				for (const name of names) results.push(yield* promise(async () => {
+					const observed = await findObservedOfficialCodexProfileInstance(name);
+					if (observed) return stopOfficialCodexObservedProfileInstance(name, observed.pid, observed.appServerPid);
+					return stopOfficialCodexProfileInstance(name);
+				}));
+				trackAnalyticsEvent("official_codex_profiles_stop_requested", { count: results.length });
+				return { results };
+			}
 			case WS_METHODS.cliInfo: return yield* promise(() => getCodexCliInfo());
 			case WS_METHODS.cliStatus: return yield* promise(() => getCliInstallStatusWithFreshness());
 			case WS_METHODS.cliCheckFreshness: {
@@ -83871,8 +85440,8 @@ const ServerLive = succeed$3(Server, {
 //#region src/serverLogger.ts
 const ServerLoggerLive = gen(function* () {
 	const config = yield* ServerConfig$1;
-	const logDir = path.join(config.stateDir, "logs");
-	const logPath = path.join(logDir, "server.log");
+	const logDir = nodePath.join(config.stateDir, "logs");
+	const logPath = nodePath.join(logDir, "server.log");
 	yield* sync(() => {
 		fs.mkdirSync(logDir, { recursive: true });
 	});