Conversation
Team status pane inspection currently points users directly at `omx sparkshell`, which can spend Spark/model quota every time long pane output is summarized. Default status output now prints raw `tmux capture-pane` inspect commands and requires `--model-inspect` for model-backed sparkshell summaries. Constraint: Keep JSON status metadata backward-compatible while making human-facing text hints quota-safe by default. Rejected: Disabling sparkshell globally | sparkshell remains useful when explicitly requested. Confidence: high Scope-risk: narrow Directive: Preserve raw inspect as the safe default for any future team status inspection hints. Tested: npm run build; node --test dist/cli/__tests__/team.test.js; npx tsc --noEmit; npm run check:no-unused
Replace the human inspect_summary command field at render time so default text output mirrors raw tmux guidance while --model-inspect keeps the sparkshell command.\n\nConstraint: PR Yeachan-Heo#1981 blocker requires default human status output to avoid omx sparkshell outside the --model-inspect hint.\nRejected: Appending an additional default command | left the original sparkshell command visible in inspect_summary.\nConfidence: high\nScope-risk: narrow\nDirective: Keep JSON/model-inspect sparkshell guidance intact when changing pane status presentation.\nTested: npm run build; node --test dist/cli/__tests__/team.test.js; npm run lint -- src/cli/team.ts src/cli/__tests__/team.test.ts\nNot-tested: full npm test
Codex-backed interactive team workers can take longer than five seconds to move from hook notification to observable task progress. Treating that slow startup as no evidence causes false worker-dead classifications and failed teams even when the pane is alive. Increase the default startup evidence floor and launch cap, while keeping the explicit OMX_TEAM_STARTUP_EVIDENCE_TIMEOUT_MS override for tests and operators. Add a regression test that only succeeds when the default window waits long enough for delayed worker progress evidence. Validation: npm run build; node --test --test-name-pattern='uses a production startup evidence window that can tolerate slow Codex startup|startTeam rejects interactive startup when tmux fallback never produces worker startup evidence' dist/team/__tests__/runtime.test.js
…up-evidence-timeouts Give Codex workers longer startup evidence windows
Codex native hooks only watched Bash, so Colony saw most file edits after the mutation. The hook generator now covers edit-family tools, and native PreToolUse dispatch forwards a best-effort Colony pre-edit bridge before local OMX checks continue. Constraint: Claim-before-edit telemetry requires a signal before file mutation Rejected: Count PostToolUse late claims as claim-before-edit | late telemetry is useful audit data but cannot prove pre-edit safety Confidence: high Scope-risk: moderate Directive: Keep Colony bridge warnings allow-only unless policy explicitly changes to blocking edits Tested: npm ci; npm run build; npm run lint; node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/codex-hooks.test.js; npm run verify:native-agents; npm run verify:plugin-bundle; npm test Not-tested: live Colony CLI against production task binding
Codex native hooks now run the Colony pre-edit bridge with a repo-local writable COLONY_HOME by default. This prevents sandboxed hook processes from trying to write the user-level Colony database while keeping Colony advisory output best-effort. Constraint: Codex hook sandbox can read home config but cannot write ~/.colony/data.db reliably. Rejected: Keep direct Colony hooks in hooks.json | they hard-fail on PostToolUse before OMX can degrade gracefully. Confidence: high Scope-risk: narrow Directive: Keep Colony bridge failures advisory; do not let Colony storage errors fail native hooks. Tested: npm run build Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js
OMX native hooks now call a dedicated ColonyBridge for lifecycle telemetry instead of owning CLI spawn details inline. The bridge sends a local-first lifecycle envelope to the Colony CLI, records local failure telemetry, and keeps hook execution advisory by default when Colony is missing, slow, or failing. Constraint: Colony coordination must not become an MCP dependency for hook safety. Constraint: Plain OMX usage must continue when the Colony CLI is unavailable. Rejected: Keep direct pre-tool-use spawn logic in codex-native-hook.ts | lifecycle transport would remain scattered and hard to extend. Confidence: high Scope-risk: moderate Directive: Keep Colony bridge failures warn-only unless a future task explicitly changes default policy. Tested: npm run build Tested: node --test dist/colony/__tests__/bridge.test.js dist/scripts/__tests__/codex-native-hook.test.js Tested: npm run lint
Autopilot now treats planning, execution, and review as one bounded loop: ralplan produces the contract, ralph implements and verifies it, and code-review either approves or sends findings back into planning with persisted handoff state. Constraint: Issue Yeachan-Heo#2000 requires Autopilot to use existing ralplan, ralph, code-review, hook, state, and pipeline primitives instead of a broad lifecycle. Rejected: Preserving expansion/QA/validation as primary Autopilot phases | it conflicts with the strict review loop. Confidence: high Scope-risk: moderate Directive: Keep Autopilot phases limited to ralplan, ralph, code-review, complete/failed/cancelled unless issue Yeachan-Heo#2000 is intentionally superseded. Tested: npm run build Tested: npm run sync:plugin:check Tested: node dist/scripts/generate-catalog-docs.js --check Tested: node --test dist/hooks/__tests__/autopilot-skill-contract.test.js dist/hooks/__tests__/keyword-detector.test.js dist/hooks/__tests__/notify-hook-auto-nudge.test.js dist/hooks/__tests__/prompt-guidance-contract.test.js dist/hooks/__tests__/skill-guidance-contract.test.js dist/hooks/__tests__/deep-interview-contract.test.js dist/state/__tests__/workflow-transition.test.js dist/mcp/__tests__/state-server.test.js dist/modes/__tests__/base-autoresearch-contract.test.js dist/pipeline/__tests__/orchestrator.test.js dist/pipeline/__tests__/stages.test.js Tested: git diff --check Not-tested: Full npm test after final targeted fixes; live end-to-end GitHub workflow execution through a real Autopilot run. Co-authored-by: OmX <omx@oh-my-codex.dev>
Setup refresh previously preserved direct Colony hook commands as user-owned hooks, so old PostToolUse entries could survive in fresh Codex agents even after the native OMX bridge was installed. This classifies those old direct Colony hook wrappers as retired OMX-managed hook commands for setup/uninstall stripping, while active coverage checks still require codex-native-hook.js. Constraint: Existing user hook commands must remain preserved during setup refresh. Rejected: Remove all non-native PostToolUse hooks | would delete legitimate user-owned hooks. Confidence: high Scope-risk: narrow Directive: Do not count retired direct Colony wrappers as active native hook coverage; they are cleanup targets only. Tested: npm run build Tested: node --test dist/config/__tests__/codex-hooks.test.js Tested: node --test dist/cli/__tests__/setup-hooks-shared-ownership.test.js Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js Tested: setup refresh fixture from ~/.codex/hooks.json.bak-colony-direct-hooks-1777456691802 removed 0 direct wrappers left and kept 5 native wrappers
The native bridge is best-effort, but transport failures were being converted into allow-only hook output. In Codex this made fresh PostToolUse runs print noisy failures like spawnSync colony EPERM even though the hook continued safely. This keeps real Colony advisory output visible while treating bridge transport failures as telemetry-only events under .omx/logs. Constraint: Valid Colony hook advisories must still merge with native hook output. Rejected: Disable the Colony bridge entirely | would lose auto-claim payload delivery when the CLI transport is available. Confidence: high Scope-risk: narrow Directive: Bridge transport warnings are operational telemetry, not user-facing PostToolUse feedback. Tested: npm run build Tested: npm run check:no-unused Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js Tested: node --test dist/config/__tests__/codex-hooks.test.js Tested: PostToolUse /dev/null smoke with spawnSync colony EPERM produced no stdout and exit 0
Strict Ralph now starts from ralplan output while legacy ralph-verify keeps team execution input, and review-loop state reaches ralplan without polluting persisted handoff keys.\n\nConstraint: PR Yeachan-Heo#2001 review requested fixes for ralplan consumption, non-clean review replanning, and code_review handoff contract alignment.\nRejected: Persisting stage-name code-review handoffs | contract and hook seed already use code_review.\nConfidence: high\nScope-risk: narrow\nDirective: Keep handoff_artifacts keyed by contract names when adding pipeline phases.\nTested: npm run build; node --test dist/pipeline/__tests__/stages.test.js dist/pipeline/__tests__/orchestrator.test.js; npm run lint; npm run verify:native-agents; npm run sync:plugin:check; npm run verify:plugin-bundle; npx tsc --noEmit --pretty false --project tsconfig.json; git diff --check\nNot-tested: full npm test suite
…ilot-3phase-loop Simplify Autopilot into strict review loop
OMX forwards Codex hook payloads to Colony, but claim and edit rows can only correlate if both sides expose the same compact identity fields. This adds a trace id derived from Codex tool_use_id when available, records normalized file paths for edit and patch transports, and writes OMX_COLONY_TRACE=1 JSONL rows for claim/edit comparison without changing normal hook behavior. Constraint: Diagnostic trace must not include full patch or edit bodies. Rejected: Add more agent prompt nudges | claims already exist, the defect is correlation identity. Confidence: high Scope-risk: narrow Directive: Keep trace rows compact and audit-only; do not count PostToolUse recovery as pre-edit success. Tested: npm run build; node --test dist/colony/__tests__/bridge.test.js; node --test --test-name-pattern 'bridges PreToolUse Edit payloads to Colony before the edit proceeds' dist/scripts/__tests__/codex-native-hook.test.js; npm run check:no-unused; npm run lint -- src/colony/bridge.ts src/colony/__tests__/bridge.test.ts Not-tested: live Colony database correlation against production sessions
Codex CLI 0.125.0 rejects top-level env as an unknown config property, so OMX should seed explore routing through shell_environment_policy.set and migrate legacy env entries during setup refresh. Constraint: Codex config schema accepts shell_environment_policy.set for environment injection, not a root env table. Rejected: Keep writing [env] and rely on Codex tolerating unknown tables | current schema diagnostics reject it. Confidence: high Scope-risk: narrow Directive: Keep future setup-managed environment variables under shell_environment_policy.set unless Codex introduces a documented replacement. Tested: npm run build Tested: node --test dist/config/__tests__/generator-idempotent.test.js dist/cli/__tests__/doctor-warning-copy.test.js dist/cli/__tests__/setup-scope.test.js Tested: npm run lint Tested: npm run test:ci:compiled Tested: git diff --check Not-tested: live Codex App schema UI beyond local Codex CLI config parsing evidence
Codex review found that the legacy [env] migration copied only assignment lines, which could truncate multiline TOML values. This keeps migrated and stripped table keys as full TOML entries instead of single lines. Constraint: Existing setup refresh must migrate legacy [env] into [shell_environment_policy.set] without parsing and rewriting the whole user config. Rejected: Keep line-only extraction | it corrupts multiline strings and arrays during migration. Confidence: high Scope-risk: narrow Directive: Preserve full TOML entry ranges when moving or removing table keys, not just the first assignment line. Tested: npm run build Tested: node --test dist/config/__tests__/generator-idempotent.test.js Tested: npm run lint Tested: npm run test:ci:compiled Tested: git diff --check
* Isolate tmux nudges by instance ownership Tag OMX-managed tmux sessions with the launching session id and make notify-hook resolution prefer matching session options before stale pane targets. Reject panes whose tagged tmux session belongs to another OMX instance. Constraint: concurrent OMX sessions can reuse static pane ids, so hook routing must verify tmux session ownership before send-keys. Rejected: trusting .omx/tmux-hook.json pane ids alone | pane ids can point at unrelated sessions after concurrent launches or stale config healing. Confidence: high Scope-risk: moderate Directive: keep tmux nudge paths fail-closed when @omx_instance_id is present and mismatched. Tested: npm run build; npm run lint; npm run check:no-unused; node --test dist/hooks/__tests__/notify-hook-tmux-heal.test.js dist/cli/__tests__/index.test.js dist/team/__tests__/tmux-session.test.js Not-tested: full npm test completion in final commit pass; skipped per supervisor request. * Fix P1 regression: switch to pane-scoped isolation tags Switched from session-scoped @omx_instance_id to pane-scoped @omx_pane_instance_id to prevent last-writer-wins conflicts when multiple OMX instances share a single tmux session. Changes: - src/scripts/notify-hook/managed-tmux.ts: use pane-scoped tags - src/team/tmux-session.ts: set pane tags on spawn - Tests updated for pane-scoped logic Constraint: Multi-instance isolation within same session Rejected: Session-scoped tags (last-writer-wins regression) Confidence: high Scope-risk: moderate Directive: future isolation work should prefer pane-level or PID-level scope Tested: lint and typecheck Not-tested: live multi-instance tmux validation Co-authored-by: Hermes Agent <hermes@nousresearch.com> * Preserve pane mismatch reason for hook consumers Keep pane-scoped ownership while preserving the existing pane_instance_mismatch reason consumed by notify-hook state and tests. Constraint: hook state consumers assert stable last_reason values Rejected: expose new tmux_pane_instance_mismatch reason | breaks existing pane mismatch contract Confidence: high Scope-risk: narrow Directive: new tmux ownership scopes must preserve public hook-state reason strings unless migrations update consumers Tested: npm run build; node --test dist/hooks/__tests__/notify-hook-managed-tmux.test.js dist/hooks/__tests__/notify-hook-tmux-heal.test.js dist/team/__tests__/tmux-session.test.js; npm run lint; npm run check:no-unused Not-tested: live multi-instance tmux manual validation --------- Co-authored-by: Hermes Agent <hermes@nousresearch.com>
Refresh the shared prompt-guidance contract around outcome-first goals, concise preambles, validation expectations, and explicit stop rules while preserving OMX lifecycle and exact-model invariants. Constraint: Issue Yeachan-Heo#2007 requested aligning skills, agents, AGENTS.md, hook messages, and prompt guidance with the official OpenAI GPT-5.5 prompt guidance. Rejected: Full workflow-contract rewrite | too broad and risked weakening OMX runtime gates. Rejected: Updating gpt-5.4-mini seams | exact-model adaptation remains an intentional invariant outside this prompt-behavior refresh. Confidence: high Scope-risk: moderate Directive: Keep future prompt edits outcome-first, but do not widen exact gpt-5.4-mini model adaptation without a separate scoped issue. Tested: npm run build; node --test prompt-guidance/skill/terminal/native-config/generator-notify set; npm run prompt:inventory; git diff --check Not-tested: Full npm test suite
Refresh the checked-in plugin skill copies after the canonical prompt-guidance rename so CI validates one source of truth rather than stale bundled skill text. Constraint: PR Yeachan-Heo#2008 changed canonical root skill guidance headings from GPT-5.4 to GPT-5.5. Rejected: Relaxing plugin mirror checks | the CI failure correctly caught bundled skill drift. Confidence: high Scope-risk: narrow Directive: Run npm run sync:plugin after canonical skill prompt edits. Tested: npm run build; npm run sync:plugin:check; npm run test:plugin-boundaries:compiled; Node 20 cli-core-rest lane command; npm run prompt:inventory; git diff --check Not-tested: Remaining unrelated CI jobs still pending before this push
…t-guidance Align prompt surfaces with GPT-5.5 guidance
…-inspect-budget Avoid model-backed team status inspect by default
Add code-reviewer-only guidance that treats fallback/workaround patches as review blockers when they hide failures or avoid the primary contract, while preserving a narrow compatibility exception with documentation, tests, and visible failure behavior. Constraint: Issue Yeachan-Heo#2009 requested a focused code-reviewer ruleset change with no runtime behavior changes. Rejected: Runtime enforcement or code-review skill changes | prompt guidance is the requested surface and keeps behavior unchanged. Confidence: high Scope-risk: narrow Directive: Keep fallback rejection scoped to masking workarounds; do not reject explicitly justified compatibility boundaries. Tested: git diff --check; npm run build; node --test dist/hooks/__tests__/prompt-guidance-wave-two.test.js; npm run lint; npm run verify:native-agents; npm run verify:plugin-bundle; lsp_diagnostics prompt-guidance-wave-two.test.ts
…reviewer-root-cause Teach code-reviewer to reject masking workaround patches
* Keep plugin-launched MCP servers alive The installable Codex plugin exposes OMX MCP servers through the `omx mcp-serve` wrapper. That wrapper was exiting immediately after dispatch, which terminated stdio MCP servers before clients could complete initialization. The wrapper now preserves normal one-shot CLI exit behavior while letting `mcp-serve` own its stdio lifecycle. A behavioral packaging contract initializes the packaged wrapper through stdio so the plugin MCP discovery path stays protected without hardwired config entries. Constraint: Codex plugin MCP discovery should work from plugin metadata without adding explicit OMX MCP tables to config.toml Rejected: Add [mcp_servers.omx_*] entries during setup | would bypass plugin auto-discovery and reintroduce hardwired config Rejected: Source-regex-only regression test | too brittle and weaker than proving stdio initialization works Confidence: high Scope-risk: narrow Tested: npm run build Tested: node --test dist/cli/__tests__/package-bin-contract.test.js dist/cli/__tests__/mcp-serve.test.js dist/cli/__tests__/codex-plugin-layout.test.js Tested: Manual plugin MCP initialize/write smoke tests on three independent systems Not-tested: Full npm test suite * Prove every plugin MCP target initializes through the bin wrapper Keep the contributor's lifecycle fix intact while widening the regression from the single state server to the full first-party plugin MCP roster used by .mcp.json. Constraint: Issue Yeachan-Heo#2011 reports all plugin-scoped first-party MCP servers failing through omx mcp-serve. Rejected: Replacing plugin metadata with direct node dist/mcp entrypoints | this would bypass the intended public omx mcp-serve contract. Confidence: high Scope-risk: narrow Directive: Keep omx mcp-serve covered as a bin-equivalent stdio handshake, not only as a command-dispatch unit test. Tested: npm run build; node --test dist/cli/__tests__/package-bin-contract.test.js; node --test dist/cli/__tests__/package-bin-contract.test.js dist/cli/__tests__/mcp-serve.test.js dist/cli/__tests__/codex-plugin-layout.test.js; npm run test:plugin-boundaries:compiled; bounded timeout/head initialize probes for state, memory, code-intel, trace, wiki. Not-tested: full npm run test:ci:compiled was interrupted after substantial progress because the broad team runtime lane is long-running in this tmux session. --------- Co-authored-by: aeyeopsdev <aeyeopsdev@users.noreply.github.com>
Batch questions now share one normalized record contract, render in a large adaptive leader-targeted split, support arrow/back review flow, and return all answers through both JSON and the tmux side-channel. Constraint: no external Claude integration, no new runtime dependencies, no persistent UI after answer, and no exact visual clone. Rejected: fixed-height single-question pane | could not cover multi-question content or leader-pane popup expectation. Rejected: first-answer-only return injection | silently drops batch answers after the first question. Confidence: high Scope-risk: moderate Directive: Keep questions/answers as the primary payload contract; prompt/answer are legacy projections only. Tested: npm run build; targeted compiled tests 85/85; npx tsc --noEmit --pretty false; git diff --check; npm run lint; npm run check:no-unused; live omx question batch panel demo. Not-tested: full test:ci:compiled after final fixes; earlier full run had an unrelated notify-fallback watcher flake that passed focused rerun. Co-authored-by: bellman <bellman@bellmanui-MacBookAir.local>
…eachan-Heo#2016) * Clarify supported OMX config routing Document the supported .omx-config.json schema surfaces and model routing precedence so users can choose safe cost-saving or max-quality defaults without inventing unsupported keys. Constraint: Docs-only fix for Yeachan-Heo#2015; schema claims are grounded in current config, notification, agent, and team routing code. Rejected: Runtime schema validation changes | Issue scope requests docs-only guidance. Confidence: high Scope-risk: narrow Directive: Keep future examples limited to keys recognized by the installed OMX version. Tested: JSON fences parsed; local markdown links checked; key coverage grep; git diff --check. Not-tested: No runtime behavior changed. * Clarify config routing precedence after review Constraint: PR Yeachan-Heo#2016 requested a docs-only follow-up that preserves issue Yeachan-Heo#2015 schema-routing scope.\nRejected: Changing source behavior or adding new config surfaces | review blockers only require correcting documentation wording.\nConfidence: high\nScope-risk: narrow\nDirective: Keep this reference tied to current source precedence instead of generalizing all .omx-config.json readers as one path.\nTested: markdown fence sanity; JSON fenced-block parse; local relative link existence; git diff --check\nNot-tested: full test suite, because this is a docs-only wording fix.
Update prompt and skill surfaces so structured-question guidance follows the enhanced popup renderer and primary answers[] payload while keeping deep-interview one round at a time. Constraint: Follow-up PR only updates guidance and matching hook tests; no runtime feature changes or new dependencies. Rejected: Batch multiple deep-interview rounds | violates the Socratic one-question ambiguity gate. Confidence: high Scope-risk: narrow Directive: Keep root skills and plugin mirrors synchronized when changing workflow guidance. Tested: npm run build; npm run sync:plugin:check; node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/generator-idempotent.test.js dist/catalog/__tests__/plugin-bundle-ssot.test.js dist/cli/__tests__/codex-plugin-layout.test.js; npm run lint; npm run check:no-unused; npx tsc --noEmit --pretty false; git diff --check Not-tested: Full npm test suite was not run; targeted hook, generator, plugin, lint, type, and mirror checks covered the changed surfaces. Co-authored-by: OmX <omx@oh-my-codex.dev>
Add a doctor-only diagnostic so oversized context settings are visible without changing explicit user configuration. Constraint: Issue Yeachan-Heo#2018 requires preserving config semantics and avoiding unsupported Codex/API limit claims. Rejected: Clamp oversized context settings | would rewrite user config and overclaim an authoritative hard limit. Confidence: high Scope-risk: narrow Directive: Keep this warning framed as an OMX setup recommendation unless authoritative runtime limit evidence is added. Tested: npm run build; node --test dist/cli/__tests__/doctor-context-window-warning.test.js dist/cli/__tests__/doctor-invalid-config.test.js dist/config/__tests__/generator-idempotent.test.js dist/config/__tests__/generator-notify.test.js; npx biome lint affected files; npx tsc -p tsconfig.json --noEmit; manual doctor smoke. Not-tested: Full npm test suite. Co-authored-by: OmX <omx@oh-my-codex.dev>
Restore the literal legacy contract phrases that the hook guidance tests enforce without reverting the PR's primary answers[] guidance. Constraint: PR Yeachan-Heo#2019 follow-up must stay limited to guidance wording and preserve the structured-question answers[] contract. Rejected: Updating the tests to accept only new wording | would broaden the contract instead of fixing the PR's compatibility regression. Confidence: high Scope-risk: narrow Directive: Keep root skills and plugin mirrors synchronized when changing workflow guidance. Tested: npm run build; node --test dist/hooks/__tests__/consensus-execution-handoff.test.js dist/hooks/__tests__/deep-interview-contract.test.js; node dist/scripts/run-test-files.js dist/hooks/__tests__ dist/hooks/code-simplifier/__tests__ dist/hooks/extensibility/__tests__ dist/notifications/__tests__ dist/mcp/__tests__ dist/hud/__tests__ dist/verification/__tests__ dist/openclaw/__tests__; npm run sync:plugin:check; npm run lint; npm run check:no-unused; git diff --check Not-tested: Full npm test suite was not run; the failed CI shard and focused contract tests passed locally.
Restore the structured-question equivalent wording and legacy selected_values phrase while preserving the answers[] source-of-truth guidance. Tested: npm run build; node --test dist/hooks/__tests__/deep-interview-contract.test.js
State-level Stop blocks for team/team-worker runtime state were keyed by volatile turn and transcript details, so the same unresolved task/team state could re-block on every fresh Stop turn. Keep those signatures scoped to stable runtime state instead, while still re-blocking when the actual team/task status changes. Constraint: Stop hooks must still block once for active team work and re-block when the runtime state changes. Rejected: Disabling team Stop blocks entirely | would allow active worker tasks to stop silently. Confidence: high Scope-risk: narrow Directive: Keep content-based auto-nudge signatures volatile; only state-level team signatures should ignore turn/transcript/message churn. Tested: npm run build; node --test --test-name-pattern='suppresses identical team worker Stop replays across fresh turns until task state changes' dist/scripts/__tests__/codex-native-hook.test.js; node --test dist/scripts/__tests__/codex-native-hook.test.js Not-tested: full npm test suite
…ale-team-state Fix state-level Stop hook replay loops
Approved and merged after final merge-gate verification.
…alph-state-rebind Fix Ralph session state rebinding
Route runtime-owned path helpers through the OMX_ROOT-aware .omx root so omxbox-style launches can keep project cwd semantics while storing mode, MCP, tmux-hook, and team state in the boxed workspace. Constraint: omxbox exports OMX_ROOT but launches omx from the source cwd, so path helpers must not infer runtime state ownership from process cwd alone. Rejected: wrapper-only isolation | it proves run-dir creation but not that runtime state avoids source cwd .omx writes. Confidence: high Scope-risk: moderate Directive: Keep source cwd for project files/history; use OMX_ROOT only for runtime-owned .omx state surfaces. Tested: npm run build; node --test dist/utils/__tests__/paths.test.js dist/mcp/__tests__/state-paths.test.js dist/mcp/__tests__/state-server.test.js dist/team/__tests__/state-root.test.js; runtime state_write smoke with OMX_ROOT confirmed boxed .omx writes and empty source cwd. Not-tested: full npm test has unrelated baseline failures in model expectation/team integration tests under this checkout.
…d-state-routing Fix boxed team state path routing
The fork dev branch was 22 commits ahead and 56 commits behind upstream origin/dev. This merge starts from fork/dev in a detached temp worktree, merges origin/dev, and resolves overlapping native-hook docs/runtime conflicts by keeping fork Colony mutating-tool coverage together with upstream subagent and team Stop handling. Constraint: User requested updating fork dev while keeping the 22 fork commits Rejected: Rebase fork/dev onto origin/dev | would rewrite public fork history and require a force push Confidence: medium Scope-risk: broad Tested: npm run build Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/generator-idempotent.test.js dist/config/__tests__/generator-notify.test.js Not-tested: full npm test Co-authored-by: OmX <omx@oh-my-codex.dev>
Plugin-mode AGENTS.md and developer_instructions defaults now describe registered Codex plugin marketplace surfaces instead of legacy setup-owned prompt/native-agent paths, while legacy setup keeps the existing wording. Tests lock user and project plugin-mode wording plus legacy path omissions. Constraint: Issue Yeachan-Heo#2090 requires plugin-mode generated guidance to avoid stale prompt/agent load paths while preserving user-installed skill path guidance. Rejected: Editing the canonical AGENTS.md template directly | that would change source/install mode wording that must remain applicable. Confidence: high Scope-risk: narrow Directive: Keep plugin-mode wording generated through setup-specific transforms so legacy setup keeps its local asset contract. Tested: npm run build; npm run lint; npm run check:no-unused; node --test dist/cli/__tests__/setup-install-mode.test.js dist/config/__tests__/generator-notify.test.js dist/cli/__tests__/setup-agents-overwrite.test.js; npx tsc --noEmit via lsp_diagnostics_directory; architect verification APPROVED Not-tested: full npm test
Ralph Stop gating must preserve leader persistence without trapping native verifier or architect child sessions after their verdicts. The Stop dispatcher now reuses native subagent tracking for Stop payloads and skips only the Ralph leader block for confirmed child threads, leaving the leader block intact. Constraint: Codex wait_agent only receives completion after a child Stop hook returns without a Ralph continuation block. Rejected: Clearing or weakening Ralph state globally | would let leaders stop before verified completion. Confidence: high Scope-risk: narrow Directive: Keep Ralph Stop exemptions tied to tracked native subagent identity; do not infer from verdict text alone. Tested: npm run build; node --test dist/scripts/__tests__/codex-native-hook.test.js; npm run check:no-unused; npm run lint; lsp diagnostics on changed files; architect review approved. Not-tested: Full npm test suite.
…#2097) Codex exposes goal mode as thread-local model tools rather than a shell command, so ultragoal stores the plan in repo artifacts and hands the active Codex agent one goal at a time. Constraint: Codex CLI 0.128.0 has no shell goal subcommand; goal state is available through get_goal/create_goal/update_goal in the active agent thread. Rejected: Direct shell mutation of Codex /goal state | the shell cannot safely invoke thread-local goal tools or account for active-goal collisions. Confidence: high Scope-risk: moderate Directive: Keep ultragoal as the durable artifact owner and Codex goal mode as the single active-thread focus/accounting owner. Tested: npm test (pre-deslop full pass: 4495 passed, 0 failed); npm run build; node --test dist/ultragoal/__tests__/artifacts.test.js dist/cli/__tests__/ultragoal.test.js; npm run lint; npm run check:no-unused; git diff --check Not-tested: Post-cleanup full npm test rerun did not complete before timeout/hang; targeted post-cleanup build/tests/lint/no-unused passed.
Use the Node executable that ran omx setup when writing first-party MCP server commands, so generated Codex config does not rely on node being discoverable on child-process PATH.\n\nTests cover generated TOML and setup idempotency for absolute execPath output.
* Make madmax launches own isolated runtime state Native madmax launches now create a per-run OMX_ROOT before launch/exec dispatch, then propagate that runtime root through Codex, detached tmux, notify fallback, overlay locks, metrics, and tmux lease state while preserving the source cwd for project files. Constraint: Yeachan-Heo#2086 made runtime paths OMX_ROOT-aware, but users still needed wrapper-side boxing to create and propagate the root. Rejected: wrapper-only omxmad behavior | it leaves native omx --madmax dependent on local shell wrappers and can miss helper/watch paths. Confidence: high Scope-risk: moderate Directive: Keep source cwd for project reads/writes; route runtime-owned .omx files through OMX_ROOT when present. Tested: npm run build; node --test dist/cli/__tests__/index.test.js dist/hooks/__tests__/session.test.js dist/hooks/__tests__/agents-overlay.test.js; npx biome lint src/cli/index.ts src/cli/__tests__/index.test.ts src/scripts/notify-fallback-watcher.ts src/hooks/session.ts src/hooks/agents-overlay.ts; fake-codex smoke confirmed OMX_ROOT propagation and no source .omx; clean-env npm test 4498 pass / 0 fail. Not-tested: ambient-env npm test fails in this shell due pre-existing OMX_OPENCLAW/OMX_TEAM_WORKER_LAUNCH_ARGS overrides. * Keep boxed madmax runtime state inside the box Constraint: PR Yeachan-Heo#2100 request-changes required fixing only boxed --madmax CODEX_HOME, detached tmux env forwarding, and hook-derived watcher runtime paths. Rejected: Broad runtime-root redesign | the existing OMX_ROOT/OMX_STATE_ROOT plumbing already defines the boxed boundary. Confidence: high Scope-risk: narrow Directive: Future boxed runtime changes must keep source cwd and runtime state root distinct across launch, tmux, and watcher helpers. Tested: npm run build; node --test dist/cli/__tests__/index.test.js dist/scripts/__tests__/hook-derived-watcher.test.js; npm run lint; npm run check:no-unused; npx tsc --noEmit via lsp diagnostics; git diff --check Not-tested: Full npm test suite --------- Co-authored-by: HaD0Yun <HaD0Yun@users.noreply.github.com> Co-authored-by: Yeachan-Heo <hurrc04@gmail.com>
Adds the $ultragoal prompt workflow support after OMX review marked the PR merge-ready.
Bounds omx-explore startup environment and prevents invalid NODE_OPTIONS from leaking into Codex/Node launch paths after OMX review and follow-up fix verification.
Adds scoped Lore commit guard opt-out support and preserves enforcement across shell env boundaries after OMX review and follow-up CI/typecheck fixes.
Preserves approved team handoff binding continuity and avoids state probing for non-followup team launches after OMX review confirmed merge readiness.
Route Discord, Telegram, Slack, webhook, legacy notifier, and OpenClaw HTTP gateway sends through a shared proxy-aware HTTP layer while preserving existing validation and result contracts. Constraint: Notification transports must honor HTTP_PROXY, HTTPS_PROXY, ALL_PROXY, NO_PROXY and lowercase variants without broad user-facing contract changes. Rejected: Per-provider proxy handling | it would duplicate env parsing and risk inconsistent NO_PROXY behavior. Confidence: high Scope-risk: narrow Directive: Keep future outbound notification HTTP sends on src/notifications/http-client.ts so proxy behavior remains shared. Tested: npm run build; node --test dist/notifications/__tests__/http-client.test.js dist/notifications/__tests__/dispatcher.test.js dist/notifications/__tests__/notifier.test.js dist/openclaw/__tests__/dispatcher.test.js; npm run check:no-unused; git diff --check Not-tested: Live external provider delivery through a real corporate proxy
…otification-proxy-envs Honor proxy envs for notification transports
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.183 to 0.2.186. - [Release notes](https://github.com/rust-lang/libc/releases) - [Changelog](https://github.com/rust-lang/libc/blob/0.2.186/CHANGELOG.md) - [Commits](rust-lang/libc@0.2.183...0.2.186) --- updated-dependencies: - dependency-name: libc dependency-version: 0.2.186 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…eo#2115) Bumps [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) from 2.4.13 to 2.4.14. - [Release notes](https://github.com/biomejs/biome/releases) - [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md) - [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.14/packages/@biomejs/biome) --- updated-dependencies: - dependency-name: "@biomejs/biome" dependency-version: 2.4.14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [zod](https://github.com/colinhacks/zod) from 4.3.6 to 4.4.3. - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v4.3.6...v4.4.3) --- updated-dependencies: - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Merge upstream dev into the fork branch so the fork receives the 14 missing upstream commits while retaining the fork-only history on dev. Constraint: Fork dev must preserve the existing 23 ahead commits. Rejected: Rebase fork dev onto upstream dev | would rewrite fork history and risk disrupting open references. Confidence: high Scope-risk: moderate Tested: npm run build Tested: node dist/scripts/__tests__/codex-native-hook.test.js Not-tested: Full npm test suite. Co-authored-by: OmX <omx@oh-my-codex.dev>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Describe the problem and why this change is needed.
Changes
Validation
npm run buildnpm testomx doctor(when setup/config behavior changes)Checklist
Related
Closes #