oh-my-codex 0.17.2 → 0.18.0

package/crates/omx-sparkshell/src/codex_bridge.rs

@@ -2,12 +2,13 @@ use crate::error::SparkshellError;
 use crate::exec::CommandOutput;
 use crate::prompt::build_summary_prompt;
 use std::env;
+use std::fs;
 use std::io::{Read, Write};
-use std::process::{Command, Stdio};
-use std::thread;
-use std::time::{Duration, Instant};
+use std::net::{IpAddr, TcpStream, ToSocketAddrs};
+use std::time::Duration;
 
 pub const DEFAULT_SUMMARY_TIMEOUT_MS: u64 = 60_000;
+pub const DEFAULT_API_BASE_URL: &str = "http://127.0.0.1:14510";
 pub const DEFAULT_SPARK_MODEL: &str = "gpt-5.3-codex-spark";
 pub const DEFAULT_STANDARD_MODEL: &str = "gpt-5.4-mini";
 
@@ -63,43 +64,32 @@ pub fn summarize_output(
     let model = resolve_model();
     let fallback_model = resolve_fallback_model();
     let timeout_ms = read_summary_timeout_ms();
-    let (stdout, stderr, status_ok) = run_codex_exec(&prompt, &model, timeout_ms)?;
-    if !status_ok {
-        let should_retry = fallback_model != model && should_retry_with_fallback(&stderr);
-        if should_retry {
-            let (fallback_stdout, fallback_stderr, fallback_ok) =
-                run_codex_exec(&prompt, &fallback_model, timeout_ms)?;
-            if !fallback_ok {
-                let primary_message = if stderr.trim().is_empty() {
-                    "codex exec exited unsuccessfully".to_string()
-                } else {
-                    stderr.trim().to_string()
-                };
-                let fallback_message = if fallback_stderr.trim().is_empty() {
-                    "codex exec exited unsuccessfully".to_string()
-                } else {
-                    fallback_stderr.trim().to_string()
-                };
-                return Err(SparkshellError::SummaryBridge(format!(
-                    "codex exec failed for primary model `{model}` ({primary_message}) and fallback model `{fallback_model}` ({fallback_message})"
-                )));
+    match request_summary(&prompt, &model, timeout_ms) {
+        Ok(stdout) => normalize_summary(&stdout).ok_or_else(|| {
+            SparkshellError::SummaryBridge(
+                "local API returned no valid summary sections".to_string(),
+            )
+        }),
+        Err(primary_error) => {
+            let primary_message = primary_error.to_string();
+            if fallback_model != model && should_retry_with_fallback(&primary_message) {
+                match request_summary(&prompt, &fallback_model, timeout_ms) {
+                    Ok(fallback_stdout) => normalize_summary(&fallback_stdout).ok_or_else(|| {
+                        SparkshellError::SummaryBridge(
+                            "local API fallback returned no valid summary sections".to_string(),
+                        )
+                    }),
+                    Err(fallback_error) => Err(SparkshellError::SummaryBridge(format!(
+                        "local API failed for primary model `{model}` ({primary_message}) and fallback model `{fallback_model}` ({fallback_error})"
+                    ))),
+                }
+            } else {
+                Err(SparkshellError::SummaryBridge(format!(
+                    "local API summary request failed: {primary_message}"
+                )))
             }
-            return normalize_summary(&fallback_stdout).ok_or_else(|| {
-                SparkshellError::SummaryBridge(
-                    "codex exec fallback returned no valid summary sections".to_string(),
-                )
-            });
-        }
-        let message = if stderr.trim().is_empty() {
-            "codex exec exited unsuccessfully".to_string()
-        } else {
-            format!("codex exec exited unsuccessfully: {}", stderr.trim())
-        };
-        return Err(SparkshellError::SummaryBridge(message));
+        }
     }
-    normalize_summary(&stdout).ok_or_else(|| {
-        SparkshellError::SummaryBridge("codex exec returned no valid summary sections".to_string())
-    })
 }
 
 fn should_retry_with_fallback(stderr: &str) -> bool {
@@ -119,93 +109,371 @@ fn should_retry_with_fallback(stderr: &str) -> bool {
     .any(|needle| normalized.contains(needle))
 }
 
-fn run_codex_exec(
-    prompt: &str,
-    model: &str,
+fn request_summary(prompt: &str, model: &str, timeout_ms: u64) -> Result<String, SparkshellError> {
+    let api_base_url = resolve_api_base_url();
+    let endpoint = join_api_path(&api_base_url, "/v1/responses");
+    let request = build_responses_request(prompt, model)?;
+    let response_body = post_json(&endpoint, &request, timeout_ms, resolve_api_bearer())?;
+    extract_output_text(&response_body).ok_or_else(|| {
+        SparkshellError::SummaryBridge("local API response did not include output_text".to_string())
+    })
+}
+
+fn resolve_api_base_url() -> String {
+    env::var("OMX_API_BASE_URL")
+        .ok()
+        .map(|value| value.trim().trim_end_matches('/').to_string())
+        .filter(|value| !value.is_empty())
+        .or_else(|| {
+            env::var("OMX_API_PORT")
+                .ok()
+                .map(|value| value.trim().to_string())
+                .filter(|value| !value.is_empty())
+                .map(|port| format!("http://127.0.0.1:{port}"))
+        })
+        .unwrap_or_else(|| DEFAULT_API_BASE_URL.to_string())
+}
+
+fn resolve_api_bearer() -> Option<String> {
+    env::var("OMX_API_LOCAL_BEARER")
+        .ok()
+        .map(|value| value.trim().to_string())
+        .filter(|value| !value.is_empty())
+        .or_else(|| {
+            let path = env::var("OMX_API_STATE_FILE")
+                .ok()
+                .filter(|value| !value.trim().is_empty())
+                .unwrap_or_else(|| {
+                    env::temp_dir()
+                        .join("omx-api-daemon.json")
+                        .display()
+                        .to_string()
+                });
+            fs::read_to_string(path)
+                .ok()
+                .and_then(|state| extract_json_string_field(&state, "local_bearer_token_file"))
+                .and_then(|token_file| fs::read_to_string(token_file).ok())
+                .map(|token| token.trim().to_string())
+                .filter(|token| !token.is_empty())
+        })
+}
+
+fn build_responses_request(prompt: &str, model: &str) -> Result<String, SparkshellError> {
+    let mut fields = vec![
+        format!("\"model\":{}", json_string(model)),
+        format!("\"input\":{}", json_string(prompt)),
+        "\"reasoning\":{\"effort\":\"low\"}".to_string(),
+        "\"stream\":false".to_string(),
+    ];
+
+    if let Some(path) = resolve_instructions_file() {
+        let instructions = fs::read_to_string(&path).map_err(|error| {
+            SparkshellError::SummaryBridge(format!(
+                "failed to read summary instructions file `{path}`: {error}"
+            ))
+        })?;
+        fields.push(format!("\"instructions\":{}", json_string(&instructions)));
+    }
+
+    Ok(format!("{{{}}}", fields.join(",")))
+}
+
+fn join_api_path(base_url: &str, path: &str) -> String {
+    format!(
+        "{}{}{}",
+        base_url.trim_end_matches('/'),
+        if path.starts_with('/') { "" } else { "/" },
+        path
+    )
+}
+
+fn post_json(
+    url: &str,
+    body: &str,
     timeout_ms: u64,
-) -> Result<(String, String, bool), SparkshellError> {
-    let mut child = Command::new("codex")
-        .arg("exec")
-        .arg("--model")
-        .arg(model)
-        .arg("--sandbox")
-        .arg("read-only")
-        .arg("-c")
-        .arg("model_reasoning_effort=\"low\"")
-        .args(resolve_instructions_file().into_iter().flat_map(|path| {
-            [
-                "-c".to_string(),
-                format!("model_instructions_file=\"{}\"", escape_toml_string(&path)),
-            ]
-        }))
-        .arg("--skip-git-repo-check")
-        .arg("--color")
-        .arg("never")
-        .arg("-")
-        .stdin(Stdio::piped())
-        .stdout(Stdio::piped())
-        .stderr(Stdio::piped())
-        .spawn()?;
-
-    let mut stdin = child
-        .stdin
-        .take()
-        .ok_or_else(|| SparkshellError::SummaryBridge("failed to open codex stdin".to_string()))?;
-    let mut stdout = child
-        .stdout
-        .take()
-        .ok_or_else(|| SparkshellError::SummaryBridge("failed to open codex stdout".to_string()))?;
-    let mut stderr = child
-        .stderr
-        .take()
-        .ok_or_else(|| SparkshellError::SummaryBridge("failed to open codex stderr".to_string()))?;
-
-    let prompt_owned = prompt.to_string();
-    let stdin_writer = thread::spawn(move || stdin.write_all(prompt_owned.as_bytes()));
-    let stdout_reader = thread::spawn(move || {
-        let mut buffer = Vec::new();
-        let _ = stdout.read_to_end(&mut buffer);
-        buffer
-    });
-    let stderr_reader = thread::spawn(move || {
-        let mut buffer = Vec::new();
-        let _ = stderr.read_to_end(&mut buffer);
-        buffer
-    });
-
-    let deadline = Instant::now() + Duration::from_millis(timeout_ms);
-    let status = loop {
-        if let Some(status) = child.try_wait()? {
-            break status;
-        }
-        if Instant::now() >= deadline {
-            let _ = child.kill();
-            let _ = child.wait();
-            let _ = stdin_writer.join();
-            let _ = stdout_reader.join();
-            let _ = stderr_reader.join();
-            return Err(SparkshellError::SummaryTimeout(timeout_ms));
-        }
-        thread::sleep(Duration::from_millis(25));
+    bearer: Option<String>,
+) -> Result<String, SparkshellError> {
+    let parsed = parse_http_url(url)?;
+    let timeout = Duration::from_millis(timeout_ms);
+    let mut addrs = (parsed.host.as_str(), parsed.port)
+        .to_socket_addrs()
+        .map_err(|error| {
+            SparkshellError::SummaryBridge(format!(
+                "failed to resolve local API host `{}`: {error}",
+                parsed.host
+            ))
+        })?;
+    let addr = addrs.next().ok_or_else(|| {
+        SparkshellError::SummaryBridge(format!(
+            "failed to resolve local API host `{}`",
+            parsed.host
+        ))
+    })?;
+    let mut stream = TcpStream::connect_timeout(&addr, timeout)
+        .map_err(|error| map_api_io_error(error, timeout_ms, "local API connection failed"))?;
+    stream.set_read_timeout(Some(timeout)).map_err(|error| {
+        map_api_io_error(error, timeout_ms, "local API read timeout setup failed")
+    })?;
+    stream.set_write_timeout(Some(timeout)).map_err(|error| {
+        map_api_io_error(error, timeout_ms, "local API write timeout setup failed")
+    })?;
+
+    let host_header = if parsed.explicit_port {
+        format!("{}:{}", parsed.host, parsed.port)
+    } else {
+        parsed.host.clone()
     };
+    let auth_header = bearer
+        .as_deref()
+        .map(|token| format!("Authorization: Bearer {token}\r\n"))
+        .unwrap_or_default();
+    let request = format!(
+        "POST {} HTTP/1.1\r\nHost: {}\r\nContent-Type: application/json\r\nAccept: application/json\r\n{}Connection: close\r\nContent-Length: {}\r\n\r\n{}",
+        parsed.path, host_header, auth_header, body.len(), body
+    );
+    stream
+        .write_all(request.as_bytes())
+        .map_err(|error| map_api_io_error(error, timeout_ms, "local API write failed"))?;
+    stream
+        .flush()
+        .map_err(|error| map_api_io_error(error, timeout_ms, "local API flush failed"))?;
+
+    let mut raw = Vec::new();
+    stream
+        .read_to_end(&mut raw)
+        .map_err(|error| map_api_io_error(error, timeout_ms, "local API read failed"))?;
+    let response = String::from_utf8_lossy(&raw);
+    let (head, response_body) = response.split_once("\r\n\r\n").ok_or_else(|| {
+        SparkshellError::SummaryBridge("local API returned malformed HTTP response".to_string())
+    })?;
+    let status_line = head.lines().next().unwrap_or_default();
+    let status_code = status_line
+        .split_whitespace()
+        .nth(1)
+        .and_then(|value| value.parse::<u16>().ok())
+        .ok_or_else(|| {
+            SparkshellError::SummaryBridge("local API returned malformed HTTP status".to_string())
+        })?;
+    if !(200..300).contains(&status_code) {
+        return Err(SparkshellError::SummaryBridge(format!(
+            "local API returned HTTP {status_code}: {}",
+            response_body.trim()
+        )));
+    }
+    Ok(response_body.to_string())
+}
+
+fn map_api_io_error(error: std::io::Error, timeout_ms: u64, context: &str) -> SparkshellError {
+    if matches!(
+        error.kind(),
+        std::io::ErrorKind::TimedOut | std::io::ErrorKind::WouldBlock
+    ) {
+        SparkshellError::SummaryTimeout(timeout_ms)
+    } else {
+        SparkshellError::SummaryBridge(format!("{context}: {error}"))
+    }
+}
+
+#[derive(Debug)]
+struct HttpUrl {
+    host: String,
+    port: u16,
+    path: String,
+    explicit_port: bool,
+}
+
+fn parse_http_url(url: &str) -> Result<HttpUrl, SparkshellError> {
+    let rest = url.strip_prefix("http://").ok_or_else(|| {
+        SparkshellError::SummaryBridge(format!("local API URL must use http://, got `{url}`"))
+    })?;
+    let (authority, path) = match rest.split_once('/') {
+        Some((authority, path)) => (authority, format!("/{path}")),
+        None => (rest, "/".to_string()),
+    };
+    let (host, port, explicit_port) = if let Some((host, port)) = authority.rsplit_once(':') {
+        let port = port.parse::<u16>().map_err(|_| {
+            SparkshellError::SummaryBridge(format!("local API URL has invalid port in `{url}`"))
+        })?;
+        (host.to_string(), port, true)
+    } else {
+        (authority.to_string(), 80, false)
+    };
+    if host.is_empty() {
+        return Err(SparkshellError::SummaryBridge(format!(
+            "local API URL has empty host in `{url}`"
+        )));
+    }
+    if !is_loopback_host(&host) && std::env::var_os("OMX_API_ALLOW_UNSAFE_BASE_URL").is_none() {
+        return Err(SparkshellError::SummaryBridge(format!(
+            "local API URL host `{host}` is not loopback; set OMX_API_ALLOW_UNSAFE_BASE_URL=1 only for trusted development"
+        )));
+    }
+    Ok(HttpUrl {
+        host,
+        port,
+        path,
+        explicit_port,
+    })
+}
+
+fn is_loopback_host(host: &str) -> bool {
+    if host == "localhost" {
+        return true;
+    }
+    let trimmed = host.trim_matches(['[', ']']);
+    trimmed
+        .parse::<IpAddr>()
+        .map(|addr| addr.is_loopback())
+        .unwrap_or(false)
+}
+
+fn json_string(value: &str) -> String {
+    let mut rendered = String::from("\"");
+    for ch in value.chars() {
+        match ch {
+            '\\' => rendered.push_str("\\\\"),
+            '"' => rendered.push_str("\\\""),
+            '\n' => rendered.push_str("\\n"),
+            '\r' => rendered.push_str("\\r"),
+            '\t' => rendered.push_str("\\t"),
+            ch if ch.is_control() => rendered.push_str(&format!("\\u{:04x}", ch as u32)),
+            ch => rendered.push(ch),
+        }
+    }
+    rendered.push('"');
+    rendered
+}
+
+fn extract_output_text(body: &str) -> Option<String> {
+    extract_json_string_field(body, "output_text").or_else(|| extract_response_output_text(body))
+}
+
+fn extract_response_output_text(body: &str) -> Option<String> {
+    let bytes = body.as_bytes();
+    let type_pattern = "\"type\"";
+    let mut search_start = 0;
+    let mut parts = Vec::new();
+
+    while let Some(relative_index) = body[search_start..].find(type_pattern) {
+        let type_index = search_start + relative_index;
+        let Some((value, value_end)) = extract_json_string_field_at(body, type_index, "type")
+        else {
+            search_start = type_index + type_pattern.len();
+            continue;
+        };
+        if value != "output_text" {
+            search_start = value_end;
+            continue;
+        }
 
-    let _ = stdin_writer.join();
-    let stdout_bytes = stdout_reader
-        .join()
-        .map_err(|_| SparkshellError::SummaryBridge("failed reading codex stdout".to_string()))?;
-    let stderr_bytes = stderr_reader
-        .join()
-        .map_err(|_| SparkshellError::SummaryBridge("failed reading codex stderr".to_string()))?;
-
-    Ok((
-        String::from_utf8_lossy(&stdout_bytes).into_owned(),
-        String::from_utf8_lossy(&stderr_bytes).into_owned(),
-        status.success(),
-    ))
+        let next_type = body[value_end..]
+            .find(type_pattern)
+            .map(|index| value_end + index)
+            .unwrap_or(bytes.len());
+        if let Some((text, text_end)) =
+            extract_json_string_field_before(body, value_end, next_type, "text")
+        {
+            parts.push(text);
+            search_start = text_end;
+        } else {
+            search_start = value_end;
+        }
+    }
+
+    if parts.is_empty() {
+        None
+    } else {
+        Some(parts.join(""))
+    }
+}
+
+fn extract_json_string_field(body: &str, field: &str) -> Option<String> {
+    extract_json_string_field_at(body, 0, field).map(|(value, _)| value)
+}
+
+fn extract_json_string_field_before(
+    body: &str,
+    start: usize,
+    end: usize,
+    field: &str,
+) -> Option<(String, usize)> {
+    extract_json_string_field_in_range(body, start, end.min(body.len()), field)
+}
+
+fn extract_json_string_field_at(body: &str, start: usize, field: &str) -> Option<(String, usize)> {
+    extract_json_string_field_in_range(body, start, body.len(), field)
+}
+
+fn extract_json_string_field_in_range(
+    body: &str,
+    start: usize,
+    end: usize,
+    field: &str,
+) -> Option<(String, usize)> {
+    let bytes = body.as_bytes();
+    let field_pattern = format!("\"{field}\"");
+    let mut search_start = start.min(body.len());
+    let search_end = end.min(body.len());
+    while search_start < search_end {
+        let Some(relative_index) = body[search_start..search_end].find(&field_pattern) else {
+            break;
+        };
+        let mut index = search_start + relative_index + field_pattern.len();
+        while matches!(bytes.get(index), Some(b' ' | b'\n' | b'\r' | b'\t')) {
+            index += 1;
+        }
+        if index >= search_end {
+            break;
+        }
+        if bytes.get(index) != Some(&b':') {
+            search_start = index;
+            continue;
+        }
+        index += 1;
+        while matches!(bytes.get(index), Some(b' ' | b'\n' | b'\r' | b'\t')) {
+            index += 1;
+        }
+        if index >= search_end {
+            break;
+        }
+        if bytes.get(index) != Some(&b'"') {
+            search_start = index;
+            continue;
+        }
+        return parse_json_string_at(body, index);
+    }
+    None
 }
 
-fn escape_toml_string(value: &str) -> String {
-    value.replace('\\', "\\\\").replace('"', "\\\"")
+fn parse_json_string_at(body: &str, quote_index: usize) -> Option<(String, usize)> {
+    let mut chars = body[quote_index + 1..].char_indices();
+    let mut rendered = String::new();
+    while let Some((offset, ch)) = chars.next() {
+        match ch {
+            '"' => return Some((rendered, quote_index + 1 + offset + ch.len_utf8())),
+            '\\' => match chars.next()?.1 {
+                '"' => rendered.push('"'),
+                '\\' => rendered.push('\\'),
+                '/' => rendered.push('/'),
+                'b' => rendered.push('\u{0008}'),
+                'f' => rendered.push('\u{000c}'),
+                'n' => rendered.push('\n'),
+                'r' => rendered.push('\r'),
+                't' => rendered.push('\t'),
+                'u' => {
+                    let mut hex = String::new();
+                    for _ in 0..4 {
+                        hex.push(chars.next()?.1);
+                    }
+                    let value = u16::from_str_radix(&hex, 16).ok()?;
+                    rendered.push(char::from_u32(value as u32)?);
+                }
+                _ => return None,
+            },
+            ch => rendered.push(ch),
+        }
+    }
+    None
 }
 
 fn normalize_summary(raw: &str) -> Option<String> {
@@ -289,9 +557,9 @@ fn render_section(name: &str, entries: &[String]) -> String {
 #[allow(unused_unsafe)]
 mod tests {
     use super::{
-        normalize_summary, read_summary_timeout_ms, resolve_fallback_model,
-        resolve_instructions_file, resolve_model, DEFAULT_SPARK_MODEL, DEFAULT_STANDARD_MODEL,
-        DEFAULT_SUMMARY_TIMEOUT_MS,
+        extract_output_text, normalize_summary, parse_http_url, read_summary_timeout_ms,
+        resolve_fallback_model, resolve_instructions_file, resolve_model, DEFAULT_SPARK_MODEL,
+        DEFAULT_STANDARD_MODEL, DEFAULT_SUMMARY_TIMEOUT_MS,
     };
     use crate::test_support::env_lock;
     use std::env;
@@ -413,6 +681,33 @@ mod tests {
         }
     }
 
+    #[test]
+    fn output_text_extraction_prefers_compat_top_level_field() {
+        let body = r#"{"output_text":"summary: legacy\nwarnings: none","output":[{"type":"message","content":[{"type":"output_text","text":"summary: nested"}]}]}"#;
+        assert_eq!(
+            extract_output_text(body),
+            Some("summary: legacy\nwarnings: none".to_string())
+        );
+    }
+
+    #[test]
+    fn output_text_extraction_supports_responses_output_content_shape() {
+        let body = r#"{
+            "id":"resp_123",
+            "output":[
+                {"type":"reasoning","summary":[]},
+                {"type":"message","content":[
+                    {"type":"output_text","annotations":[],"text":"summary: ok\n"},
+                    {"type":"output_text","text":"warnings: none"}
+                ]}
+            ]
+        }"#;
+        assert_eq!(
+            extract_output_text(body),
+            Some("summary: ok\nwarnings: none".to_string())
+        );
+    }
+
     #[test]
     fn normalizes_allowed_sections_only() {
         let summary = normalize_summary(
@@ -451,4 +746,23 @@ notes: nope"
         )
         .is_none());
     }
+
+    #[test]
+    fn api_base_url_parser_rejects_non_loopback_hosts_by_default() {
+        let _guard = env_lock();
+        unsafe {
+            env::remove_var("OMX_API_ALLOW_UNSAFE_BASE_URL");
+        }
+
+        assert!(parse_http_url("http://127.0.0.1:14510/v1/responses").is_ok());
+        assert!(parse_http_url("http://localhost:14510/v1/responses").is_ok());
+        assert!(parse_http_url("http://example.com:14510/v1/responses")
+            .expect_err("non-loopback host should be rejected")
+            .to_string()
+            .contains("not loopback"));
+        assert!(parse_http_url("http://127.0.0.1.evil:14510/v1/responses")
+            .expect_err("prefix spoof host should be rejected")
+            .to_string()
+            .contains("not loopback"));
+    }
 }

package/crates/omx-sparkshell/src/exec.rs

@@ -26,6 +26,10 @@ impl CommandOutput {
     }
 }
 
+pub fn execute_shell_command(script: &str) -> Result<CommandOutput, SparkshellError> {
+    execute_command(&["bash".to_string(), "-lc".to_string(), script.to_string()])
+}
+
 pub fn execute_command(argv: &[String]) -> Result<CommandOutput, SparkshellError> {
     if argv.is_empty() {
         return Err(SparkshellError::InvalidArgs(