archcore-ai
diff --git a/‎.archcore/plugin/codex-mcp-cwd-rebase-to-user-project.idea.md‎
Lines changed: 24 additions & 75 deletions b/‎.archcore/plugin/codex-mcp-cwd-rebase-to-user-project.idea.md‎
Lines changed: 24 additions & 75 deletions
diff --git a/‎.archcore/plugin/codex-path-resolution.adr.md‎
Lines changed: 31 additions & 41 deletions b/‎.archcore/plugin/codex-path-resolution.adr.md‎
Lines changed: 31 additions & 41 deletions
@@ -1,97 +1,46 @@
 ---
 title: "Codex MCP CWD — Opt-In ARCHCORE_CWD Via Shell Wrapper"
-status: accepted
+status: rejected
 tags:
   - "codex"
   - "multi-host"
   - "plugin"
 ---
 
-## Idea
+## Status: Rejected (Superseded)
 
-Make Codex-spawned archcore MCP servers operate in the user's project directory by combining three mechanisms — entirely within the existing shell launcher, no new language dependency:
-
-1. **Manifest passthrough.** `.codex.mcp.json` declares `env_vars: ["ARCHCORE_CWD"]`. Codex spawns MCP children with `.env_clear()` plus a fixed allowlist (HOME LOGNAME PATH SHELL USER __CF_USER_TEXT_ENCODING LANG LC_ALL TERM TMPDIR TZ); `env_vars` is the only knob for carrying additional env through that wall. Using a **custom name** (not `PWD`) is essential — POSIX shells (sh, dash, bash --posix) resync `$PWD` to `getcwd()` at startup, so any passed-through `PWD` is overwritten before our code runs. Custom names pass through both barriers.
-
-2. **`bin/archcore` shell launcher.** Two cooperating blocks at the top:
-    - Step 0 — if `ARCHCORE_CWD` is set and points at a real directory, `cd` there before resolving and exec'ing the real archcore CLI.
-    - Step 0b — **plugin-install guard.** When invoked as `archcore mcp` AND cwd matches `*/plugins/cache/*` AND all three plugin-root markers exist in cwd, refuse with an actionable error. Converts the silent-fallback-to-plugin-docs failure into a loud, self-documenting one. Escape hatch: `ARCHCORE_ALLOW_PLUGIN_CWD=1`.
-
-3. **User opt-in via shell wrapper.** Users wrap their `codex` invocation so `ARCHCORE_CWD` is set to the current project just-in-time. Examples:
-
-    - fish: `~/.config/fish/functions/codex.fish` — `function codex; env ARCHCORE_CWD=$PWD command codex $argv; end`
-    - bash/zsh: in `~/.bashrc` / `~/.zshrc` — `codex() { ARCHCORE_CWD="$PWD" command codex "$@"; }`
-
-   This is opt-in by design: it adds zero runtime dependencies (no Python, no extra binary), but the user has to install the wrapper once. If the wrapper is missing, the **guard refuses to start and prints the wrapper recipe inline** — the user can't silently land on plugin docs.
-
-## Value
-
-Before: every `mcp__archcore__*` call from Codex operated in `~/.codex/plugins/cache/<marketplace>/archcore/<version>/`. A `/archcore:bootstrap` session against an empty `test_project/` cost ~9 m 41 s, half of it spent realizing the docs landed in the wrong place.
-
-After: with the shell wrapper installed, the MCP server's CWD is the project the user `cd`'d into before running `codex`. Without the wrapper, the guard fires loud and shows the user how to install it. No new tools, no new languages, no silent plugin-cache pollution.
+This idea was based on the bundled CLI launcher with a custom shell-wrapper workaround. The new global CLI architecture eliminates the need for this approach.
 
-## Possible Implementation
+**New architecture (as of 2026-05-12):**
+- Users install the Archcore CLI globally
+- Codex MCP config: `{ "command": "archcore", "args": ["mcp"] }` — no `cwd`, no `env_vars`
+- No shell wrapper required
+- No `ARCHCORE_CWD` environment variable
+- Standard Codex MCP resolution handles everything
 
-Shipped:
+See: `remove-bundled-launcher-global-cli.idea.md` for the full transition.
 
-- `bin/archcore` (existing sh launcher):
-  - Step 0 — `if [ -n "${ARCHCORE_CWD:-}" ] && [ -d "$ARCHCORE_CWD" ]; then cd "$ARCHCORE_CWD" 2>/dev/null || true; fi`. No-op when the var is unset (the normal Claude Code path).
-  - Step 0b — guard block: refuse `archcore mcp` from cache cwd when plugin markers are present, unless `ARCHCORE_ALLOW_PLUGIN_CWD=1`.
-- `.codex.mcp.json`: `command: "./bin/archcore"`, `args: ["mcp"]`, `cwd: "."`, `env_vars: ["ARCHCORE_CWD"]`.
-- `test/unit/launcher.bats`: nine new tests — three for ARCHCORE_CWD chdir behavior, six for the guard (cache-cwd refusal, dev-checkout pass-through, ARCHCORE_CWD-honored bypass, escape hatch, non-mcp subcommand pass-through, partial-marker pass-through).
-- `test/structure/codex-plugin.bats`: manifest contract pinned (command, args, cwd, env_vars must include ARCHCORE_CWD).
-
-Discovery work that informed the design:
-
-- Codex source: `codex-rs/rmcp-client/src/stdio_server_launcher.rs:236-267` is the MCP spawn site; `utils.rs::DEFAULT_ENV_VARS` is the allowlist. PWD is not on it. `env_vars` from the manifest is the only passthrough hook.
-- POSIX `$PWD` resync is universal across `/bin/sh`, `dash`, `bash --posix` on macOS. Verified with `env PWD=/A sh -c 'echo $PWD'` from a different physical dir — child reports `getcwd()` even though parent set PWD to /A. Custom env var names (e.g. `ARCHCORE_CWD`) are untouched.
-
-Rejected alternatives (see `codex-path-resolution.adr` for full context):
-
-- **Python trampoline that reads `$PWD` and chdir's before exec'ing sh launcher.** Verified end-to-end — works perfectly, but introduces Python as a third language to a shell+Go plugin. Rejected per user decision: avoid adding new languages/tooling without explicit decision.
-- **Compiled Go trampoline binary.** No new runtime dep, but adds a darwin/linux × amd64/arm64 build matrix and macOS code-signing step. Rejected as over-engineering.
-- **`PWD`-rebase inside the existing sh launcher.** Dead end — sh resyncs PWD before the launcher's first line runs.
-- **`$PWD`-only `env_vars` declaration without a non-shell trampoline.** Codex passes PWD through, but sh erases it. Useless on its own.
-- **Silent opt-in without the guard.** Earlier iteration. Rejected because a fresh user without the wrapper experiences the original bug (MCP operates on plugin cache `.archcore/`, listing plugin docs as the user's). Hard to diagnose. The guard converts this to a loud, self-documenting failure.
-
-Upstream coupling:
-
-- `openai/codex#19582` — `${PLUGIN_ROOT}` substitution in MCP `command`/`args`. If/when shipped, we may drop `cwd: "."` and inherit Codex's caller CWD directly, retiring the wrapper. The `ARCHCORE_CWD` mechanism and the guard both stay harmless until then.
+---
 
-## Risks and Constraints
+## Original Idea (Historical, Superseded)
 
-- **Opt-in surface.** Users who don't install the shell wrapper get a loud refusal at MCP start with the wrapper recipe printed inline. No more silent wrong-cwd operation. Mitigations:
-  - Document the wrapper recipe prominently in `codex-local-plugin-testing.guide.md` and the README.
-  - The guard itself prints the recipe — no docs lookup required to recover.
-  - Consider in a future iteration: a `archcore shell-init <shell>` command that prints the wrapper for the user to paste into their rc.
-- **Wrapper hygiene.** The wrapper sets `ARCHCORE_CWD=$PWD` at codex-launch time, not on every directory change inside Codex. If the user starts Codex in dir A and uses Codex to navigate to dir B, MCP still points at A. Acceptable because Codex itself treats the launch dir as the session's project root.
-- **Custom env-var name choice.** `ARCHCORE_CWD` mirrors the existing `ARCHCORE_BIN` convention. Anyone who happens to have ARCHCORE_CWD set globally will override the launcher's cwd; documented as a feature.
-- **Cross-host neutrality.** `.mcp.json` (Claude) and `.cursor-plugin/...` are untouched. Claude Code does not chdir before MCP spawn, so both the `ARCHCORE_CWD` block (no-op when the var is unset) and the guard (skipped when cwd is not in a plugin-cache path) have zero impact on other hosts.
-- **Guard false positives.** Three converging signals must align (subcommand=mcp, cache-path cwd, all three plugin markers present). Plugin development from a non-cache checkout (e.g., this repo on disk) does not trigger the guard. The `ARCHCORE_ALLOW_PLUGIN_CWD=1` escape hatch covers the plugin-maintainer-runs-MCP-against-installed-copy edge case.
+[Original content preserved below for reference only]
 
-## Verification
+### Idea
 
-A/B reproducer (after deploying to the plugin cache):
+Make Codex-spawned archcore MCP servers operate in the user's project directory by combining three mechanisms — entirely within the existing shell launcher, no new language dependency:
 
-```sh
-SOURCE=/Users/ivklgn/Documents/archcore/plugin
-CACHE=~/.codex/plugins/cache/archcore-personal/archcore/0.3.13
+1. **Manifest passthrough.** `.codex.mcp.json` declares `env_vars: ["ARCHCORE_CWD"]`. Codex spawns MCP children with `.env_clear()` plus a fixed allowlist...
 
-# Source-only marker the cache cannot have
-printf -- '---\ntitle: marker\nstatus: draft\n---\n' > $SOURCE/.archcore/UNIQUE.md
+[Full original content removed for brevity — see git history if needed]
 
-INIT='{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"t","version":"0"}}}'
-NOTIF='{"jsonrpc":"2.0","method":"notifications/initialized","params":{}}'
-LIST='{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"list_documents","arguments":{}}}'
+---
 
-# WITH ARCHCORE_CWD: launcher chdir's, sees marker
-( cd $CACHE && printf '%s\n%s\n%s\n' "$INIT" "$NOTIF" "$LIST" | \
-  env -i HOME=$HOME PATH=$PATH USER=$USER LANG=$LANG TERM=$TERM TMPDIR=$TMPDIR ARCHCORE_CWD=$SOURCE \
-  ./bin/archcore mcp 2>/dev/null | grep '"id":2' )
+## Why Rejected
 
-# WITHOUT ARCHCORE_CWD: guard refuses to start, prints wrapper recipe on stderr
-( cd $CACHE && env -i HOME=$HOME PATH=$PATH USER=$USER LANG=$LANG TERM=$TERM TMPDIR=$TMPDIR \
-  ./bin/archcore mcp 2>&1 1>/dev/null )
+- **Launcher removed.** The bundled `bin/archcore` shell launcher and all its Step 0 logic for `ARCHCORE_CWD` chdir have been deleted.
+- **Shell wrapper no longer needed.** The global CLI approach works with standard Codex MCP mechanisms; no user-side wrapper (`function codex; env ARCHCORE_CWD=$PWD ...`) is required.
+- **Tests removed.** Tests validating `ARCHCORE_CWD` chdir and guard behavior were part of `test/unit/launcher.bats` (deleted).
+- **Simpler architecture.** Codex now just resolves `archcore` on PATH like any other CLI-based MCP server.
 
-rm $SOURCE/.archcore/UNIQUE.md
-```
+The global CLI approach is more maintainable and eliminates custom environment variables and wrapper logic.
@@ -1,62 +1,52 @@
 ---
 title: "Codex MCP and Hooks Path Resolution"
-status: accepted
+status: rejected
 tags:
   - "codex"
   - "multi-host"
   - "plugin"
 ---
 
-## Context
+## Status: Rejected (Superseded)
 
-Codex 0.130.0 resolves paths in plugin MCP and hooks configs differently from Claude Code. We hit three ENOENT-or-equivalent failures porting the plugin to Codex:
+This decision described a complex workaround for the bundled launcher architecture. With the global CLI approach, path resolution is trivial.
+
+**New architecture (as of 2026-05-12):**
+- `.codex.mcp.json`: `{ "command": "archcore", "args": ["mcp"] }` — no relative paths, no `cwd`, no `env_vars`
+- Codex resolves `archcore` on PATH like any standard CLI tool
+- No Step 0 launcher logic, no ARCHCORE_CWD shell wrapper, no guard
+
+See: `remove-bundled-launcher-global-cli.idea.md` for context.
+
+---
+
+## Original Decision (Historical, Superseded)
 
-1. **MCP command resolution** — Codex does **not** substitute `${CODEX_PLUGIN_ROOT}` or `${CLAUDE_PLUGIN_ROOT}` in `command`/`args`. The only plugin-aware rewrite is in `core-plugins/src/loader.rs::normalize_plugin_mcp_server_value`, which rebases a relative `cwd` field against the plugin install root. So a relative `command: "./bin/archcore"` only resolves when `cwd: "."` is also set.
+[Original content preserved below for reference only]
 
-2. **MCP env stripping** — Codex's spawn site `codex-rs/rmcp-client/src/stdio_server_launcher.rs:236-267` calls `.env_clear()` unconditionally and rebuilds the child env from an allowlist (`utils.rs::DEFAULT_ENV_VARS`: HOME LOGNAME PATH SHELL USER __CF_USER_TEXT_ENCODING LANG LC_ALL TERM TMPDIR TZ) plus anything declared in the manifest's `env_vars`. `PWD` is **not** in the default allowlist. Combined with the `cwd: "."` rebase above, the MCP child starts with no PWD and `getcwd()` = plugin install dir — every `.archcore/` operation lands in the plugin cache, not the user's project.
+### Context
 
-3. **Hooks** — Codex's hooks engine (`codex-rs/hooks/src/engine/discovery.rs`) injects two env vars before spawn: a canonical host-neutral `PLUGIN_ROOT` and a `CLAUDE_PLUGIN_ROOT` compat shim for porting old Claude plugins. It does **not** treat `./...` as plugin-relative.
+Codex 0.130.0 resolves paths in plugin MCP and hooks configs differently from Claude Code. We hit three ENOENT-or-equivalent failures porting the plugin to Codex:
 
-A previous config used `./bin/archcore` for MCP and `./bin/...` for hooks; both broke under Codex. See: <https://github.com/openai/codex/issues/19582>.
+1. **MCP command resolution** — Codex does **not** substitute `${CODEX_PLUGIN_ROOT}` or `${CLAUDE_PLUGIN_ROOT}` in `command`/`args`. The only plugin-aware rewrite is in `core-plugins/src/loader.rs::normalize_plugin_mcp_server_value`...
 
-## Decision
+[Full original content removed for brevity — see git history if needed]
 
-- `.codex.mcp.json`:
-  - `command: "./bin/archcore"`, `args: ["mcp"]`.
-  - `cwd: "."` — required; Codex rebases against the plugin install root so the relative command resolves.
-  - `env_vars: ["ARCHCORE_CWD"]` — passes through one custom env variable. We deliberately use a **non-PWD name**: POSIX shells (sh, dash, bash --posix) resync `$PWD` to `getcwd()` at script startup, so any passed-through `PWD` is overwritten before the launcher's first line runs. Custom names like `ARCHCORE_CWD` are not touched.
-- `bin/archcore` (the sh launcher) has two cooperating blocks at the top:
-  - **Step 0 — honor `$ARCHCORE_CWD`.** If set and points at a real directory, `cd` there before resolving and exec'ing the real archcore CLI. No-op when unset (Claude Code and other hosts that don't chdir need nothing).
-  - **Step 0b — plugin-install guard.** When invoked as `archcore mcp` AND cwd path matches `*/plugins/cache/*` AND all three plugin-root markers are present (`.codex-plugin/plugin.json`, `.codex.mcp.json`, `bin/archcore`), refuse to start and print an actionable error pointing to the wrapper recipe. Escape hatch: `ARCHCORE_ALLOW_PLUGIN_CWD=1` for plugin maintainers who want to run MCP against the plugin's own docs intentionally. This converts the silent fallback (MCP operates on plugin's own `.archcore/`) into a loud, user-fixable failure.
-- User opt-in. Users install a shell wrapper that sets `ARCHCORE_CWD=$PWD` just before invoking codex. Recipes for fish/bash/zsh are in `codex-local-plugin-testing.guide.md` and printed by the guard itself.
-- `hooks/codex.hooks.json`: `${PLUGIN_ROOT}/bin/...` (canonical host-neutral name).
-- `.mcp.json` (Claude) stays unchanged (`${CLAUDE_PLUGIN_ROOT}/bin/archcore`); `hooks/hooks.json` stays unchanged.
+---
 
-Contracts enforced by:
+## Why Rejected
 
-- `test/structure/codex-plugin.bats` — `.codex.mcp.json` shape: command, args[0], cwd, env_vars must include `ARCHCORE_CWD`.
-- `test/structure/cli-contract.bats` — args[0] is an allowlisted subcommand.
-- `test/unit/launcher.bats` — ARCHCORE_CWD chdir, nonexistent-dir tolerance, no-op when unset, **and six guard tests** covering: cache-cwd refusal, dev-checkout pass-through, ARCHCORE_CWD-honored bypass, `ARCHCORE_ALLOW_PLUGIN_CWD=1` escape hatch, non-mcp subcommand pass-through, partial-marker pass-through.
-- `test/structure/hooks.bats` — hooks resolver expands `${PLUGIN_ROOT}`.
+- **Launcher removed.** The bundled `bin/archcore` and all its resolution logic have been deleted.
+- **No more relative-path workarounds.** The global CLI on PATH works with standard MCP mechanisms.
+- **Simplified hook resolution.** Hooks directly call `archcore` on PATH (via `bin/session-start`, `bin/validate-archcore`, etc.).
+- **Tests removed.** Tests for Step 0 chdir, Step 0b guard, `ARCHCORE_CWD` passthrough were deleted with `test/unit/launcher.bats`.
 
-## Alternatives Considered
+The global CLI approach completely eliminates the path resolution complexity that required this decision. Codex now treats archcore like any other CLI-based MCP server.
 
-- **Python trampoline** that reads `$PWD` and chdir's before exec'ing the sh launcher. Verified end-to-end with an A/B test against the real plugin cache; works perfectly. Rejected per project convention against introducing new languages/tooling without explicit decision (`stack-and-tooling.rule`). Adds Python as a third runtime to a shell+Go plugin for a problem solvable with two lines of shell + a user-side wrapper + a marker-based guard.
-- **Compiled Go trampoline binary.** No new runtime dep, but adds a darwin/linux × amd64/arm64 build matrix and macOS code-signing step. Rejected as over-engineering.
-- **`$PWD`-rebase inside the existing sh launcher.** Dead end — POSIX shells resync `$PWD` to `getcwd()` at startup. Verified on macOS across `/bin/sh`, `dash`, `bash --posix`; no shell flag opts out.
-- **`env_vars: ["PWD"]` without a non-shell trampoline.** Codex passes PWD through but sh erases it immediately. Useless on its own.
-- **Use `${CODEX_PLUGIN_ROOT}` in MCP `command`/`args`.** Codex does no env substitution there. Would silently fail.
-- **Drop `cwd: "."` and use a `${PLUGIN_ROOT}`-absolute command.** No env substitution; would not resolve.
-- **Use `${CLAUDE_PLUGIN_ROOT}` in Codex hooks.** Works via compat shim but borrowing another host's name in a Codex-native config is misleading; `PLUGIN_ROOT` is canonical.
-- **Absolute paths.** Plugin install path is host-controlled and not stable.
-- **Silent opt-in (no guard).** Earlier iteration. Rejected because a fresh user without the wrapper experiences the original bug (MCP operates on plugin cache `.archcore/`, listing plugin docs as the user's). Hard to diagnose. The guard converts this to a loud, self-documenting failure.
+## Legacy Context: Why This Was Complex
 
-## Consequences
+Codex's MCP spawn pipeline called `.env_clear()` and didn't substitute plugin-root env vars, making it hard to:
+- Point MCP to a relative `./bin/archcore` in the plugin directory
+- Pass through a custom `ARCHCORE_CWD` variable to override cwd inside the launcher
 
-- Codex MCP cwd is opt-in. Users must install a shell wrapper (`function codex; env ARCHCORE_CWD=$PWD command codex $argv; end` in fish, or equivalent in bash/zsh). Without the wrapper, the **guard refuses to start the MCP** and prints the wrapper recipe inline. No more silent fallback to plugin docs.
-- Zero new runtime dependencies. The plugin remains shell + Go. No Python, no compiled trampoline binaries.
-- Codex and Claude diverge only in the `env_vars` declaration. Same `bin/archcore` launcher on both hosts; both the `ARCHCORE_CWD` block and the guard are no-ops when not triggered (`ARCHCORE_CWD` unset → no chdir; non-mcp subcommand OR non-cache cwd OR missing markers → guard skipped).
-- Plugin maintainers can bypass the guard with `ARCHCORE_ALLOW_PLUGIN_CWD=1` to operate on the plugin's own `.archcore/` (e.g., for plugin development against an installed copy).
-- Tests pin all three contracts (manifest shape, allowlisted subcommand, launcher chdir + guard behavior).
-- Codex plugin hooks still require `codex features enable plugin_hooks` (currently `under development, false` in 0.130.0). The hooks contract is in place ahead of GA.
-- If upstream ships `${PLUGIN_ROOT}` MCP substitution (openai/codex#19582), we may drop `cwd: "."` and inherit Codex's caller CWD directly — retiring the wrapper. The `ARCHCORE_CWD` mechanism and the guard both stay harmless until then.
+This decision provided a workaround using a shell launcher Step 0 that checked for `ARCHCORE_CWD` and a Step 0b guard that refused to operate from the plugin cache without a shell wrapper. The complexity was necessary _given the launcher architecture_. With the launcher removed, all of this is moot.