feat: add official Codex ChatGPT support #79
Use the official Codex CLI auth flow with Windows login fixes. Refresh Codex models and fix packaged asset paths for desktop builds.
Findings
- [Major] Codex mode bypasses Open Cowork's WSL/Lima isolation.
processPrompt() now skips ensureSandboxInitialized() for codex_chatgpt, while the new runner only launches Codex with its host-side workspace-write sandbox. Evidence: src/main/session/session-manager.ts:632, src/main/codex/codex-cli.ts:150.
Suggested fix:
// Codex still needs the app-level WSL/Lima bootstrap.
await this.ensureSandboxInitialized(session);
- [Major] Existing sessions can switch backends after a provider change.
getActiveRunner() is resolved from the current global config, so continuing a session after saving a different provider can route the next turn through the wrong backend and break claudeSessionId / openaiThreadId continuity. Evidence: src/main/session/session-manager.ts:156, src/main/session/session-manager.ts:697.
Suggested fix:
private getRunnerForSession(session: Session): AgentRunner {
  if (session.openaiThreadId && !session.claudeSessionId) return this.codexRunner;
  if (session.claudeSessionId && !session.openaiThreadId) return this.agentRunner;
  return configStore.get('provider') === 'codex_chatgpt' ? this.codexRunner : this.agentRunner;
}
await this.getRunnerForSession(session).run(session, enhancedPrompt, messagesForContext);
Summary
Review mode: initial. Found 2 issues in the Codex integration: one security regression around sandbox isolation and one session-continuity regression when the active provider changes.
Testing
Not run (automation)
Open Cowork Bot
| logCtx('[SessionManager] Enhanced prompt with file info:', enhancedPrompt); | ||
| // Ensure sandbox is initialized for this workspace unless the active | ||
| // provider manages its own execution sandboxing. | ||
| if (configStore.get('provider') !== 'codex_chatgpt') { |
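Review bot: the guard if (configStore.get('provider') !== 'codex_chatgpt') exempts a backend from sandbox setup by comparing a provider string, which makes the isolation step opt-out per provider name. Suggest expressing the exemption as an explicit property of the runner that defaults to requiring sandbox initialization, and extending the code comment to say which isolation guarantee the provider is assumed to supply in place of the app's own sandbox.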
[MAJOR] Skipping ensureSandboxInitialized() here drops Codex requests out of the existing WSL/Lima flow entirely. The new runner only launches Codex with its own host-side workspace-write sandbox (src/main/codex/codex-cli.ts:150), so switching to Codex weakens the app's documented VM-level isolation.
Suggested fix:
// Codex still needs the app-level WSL/Lima bootstrap.
await this.ensureSandboxInitialized(session);
| } | ||
|
|
||
| // Run the agent | ||
| await this.getActiveRunner().run(session, enhancedPrompt, messagesForContext); |
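Review bot: getActiveRunner() on the run line takes no session argument, while the sandbox guard a few lines above reads configStore.get('provider') on its own, so the isolation decision and the backend choice are two separate lookups that can disagree if settings are saved between them. Suggest resolving the runner once for the session and deriving both the sandbox decision and the .run() call from that single value.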
[MAJOR] This backend choice is global, not session-bound. If a user starts a Claude session, saves settings to Codex (or the reverse), and then continues the old conversation, the next turn will run through the wrong runner and lose the existing claudeSessionId / openaiThreadId continuity.
Suggested fix:
private getRunnerForSession(session: Session): AgentRunner {
  if (session.openaiThreadId && !session.claudeSessionId) return this.codexRunner;
  if (session.claudeSessionId && !session.openaiThreadId) return this.agentRunner;
  return configStore.get('provider') === 'codex_chatgpt' ? this.codexRunner : this.agentRunner;
}
await this.getRunnerForSession(session).run(session, enhancedPrompt, messagesForContext);
Summary
codex_chatgpt provider flow that uses the Codex CLI login status and shared ChatGPT auth instead of API keys or unofficial session scraping
.cmd launch correctly, and surfacing browser, device-auth, and logout guidance in the settings UI
Testing