Skip to content

[codex] Fix first-run provider autodetection#1921

Merged
steipete merged 1 commit into
mainfrom
codex/fix-provider-autodetect
Jul 5, 2026
Merged

[codex] Fix first-run provider autodetection#1921
steipete merged 1 commit into
mainfrom
codex/fix-provider-autodetect

Conversation

@steipete

@steipete steipete commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Summary

  • recognize Claude Desktop as an installed Claude source during first-run provider detection
  • auto-enable Gemini only when the CLI has OAuth credentials usable by CodexBar
  • preserve configured Gemini, Claude CLI, Antigravity, and Codex fallback behavior
  • add focused regression coverage for the reported Codex + Claude Desktop setup

Root cause

First-run detection treated any Gemini executable on PATH as usable, even without OAuth credentials, while Claude detection only considered the Claude Code CLI and ignored the installed desktop app.

Validation

  • DEVELOPER_DIR=/Applications/Xcode.app/Contents/Developer swift test --filter ProviderDetectionPolicyTests
  • DEVELOPER_DIR=/Applications/Xcode.app/Contents/Developer make check
  • DEVELOPER_DIR=/Applications/Xcode.app/Contents/Developer make test (existing AdaptiveRefreshTimerTests failure on current main: manual mode observed two startup refresh completions instead of one; reproduced after the shard retry)

@clawsweeper

clawsweeper Bot commented Jul 5, 2026

Copy link
Copy Markdown

Codex review: needs maintainer review before merge. Reviewed July 5, 2026, 3:09 PM ET / 19:09 UTC.

Summary
The PR extracts provider autodetection policy, detects Claude Desktop as a Claude signal, requires Gemini OAuth credentials before auto-enabling Gemini, adds regression tests, and updates the changelog.

Reproducibility: yes. from source inspection: current main enables Gemini from CLI presence alone and ignores Claude Desktop, matching the root cause described in the PR body. I did not run live app or keychain validation because repository policy prefers focused non-prompting checks for provider/parser behavior.

Review metrics: none identified.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • none.

Risk before merge

  • [P1] The PR intentionally changes first-run provider enablement, so maintainers should let the remaining macOS CI shards finish before merge; I did not find a source-level compatibility blocker for existing users because provider detection is guarded by providerDetectionCompleted.

Maintainer options:

  1. Decide the mitigation before merge
    Land the focused first-run detection fix after the remaining CI finishes, keeping the policy tests as the stable seam for future provider-detection changes.
  2. Pause or close
    Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

  • [P2] No repair lane is needed because the PR has no actionable review finding; wait for remaining CI and maintainer merge judgment.

Security
Cleared: No security or supply-chain concern found; the diff reads local provider availability signals, adds tests, and does not broaden credential logging or third-party execution.

Review details

Best possible solution:

Land the focused first-run detection fix after the remaining CI finishes, keeping the policy tests as the stable seam for future provider-detection changes.

Do we have a high-confidence way to reproduce the issue?

Yes from source inspection: current main enables Gemini from CLI presence alone and ignores Claude Desktop, matching the root cause described in the PR body. I did not run live app or keychain validation because repository policy prefers focused non-prompting checks for provider/parser behavior.

Is this the best way to solve the issue?

Yes: extracting a small pure policy seam and testing it is the narrowest maintainable fix for this first-run detection rule. The remaining runtime integration is a direct mapping from existing binary, app, credential-file, and Antigravity signals into that policy.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 8e9a844dbd36.

Label changes

Label changes:

  • add P2: This is a normal first-run provider autodetection bug fix with limited blast radius and focused regression coverage.
  • add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
  • add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The real-behavior proof gate is not applicable because this is an owner-authored PR; the body includes focused validation commands as supporting context.

Label justifications:

  • P2: This is a normal first-run provider autodetection bug fix with limited blast radius and focused regression coverage.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The real-behavior proof gate is not applicable because this is an owner-authored PR; the body includes focused validation commands as supporting context.
Evidence reviewed

What I checked:

  • Repository policy read: AGENTS.md was read fully and applied: provider/parser changes should prefer focused tests and avoid live credential probes; this review used source inspection and the PR's focused test evidence rather than running keychain-touching validation. (AGENTS.md:1, 8e9a844dbd36)
  • Current main still has the reported autodetection behavior: On current main, first-run detection enables Gemini from BinaryLocator.resolveGeminiBinary() alone and enables Claude only from BinaryLocator.resolveClaudeBinary(), so a Claude Desktop plus unconfigured Gemini CLI setup is still misdetected before this PR. (Sources/CodexBar/SettingsStore+ProviderDetection.swift:16, 8e9a844dbd36)
  • PR changes the central detection policy: The PR head adds ProviderDetectionPolicy, treats Claude CLI or Claude Desktop as Claude availability, and requires both Gemini CLI and a Gemini configured signal before enabling Gemini. (Sources/CodexBar/SettingsStore+ProviderDetection.swift:15, 6b1d76d7dfc6)
  • Gemini credential source matches existing docs: The Gemini provider documentation identifies ~/.gemini/oauth_creds.json as the OAuth credential file used by the provider, supporting the PR's credential-file signal for first-run enablement. (docs/gemini.md:23, 8e9a844dbd36)
  • Focused regression coverage added: The new ProviderDetectionPolicyTests cover the Codex plus Claude Desktop plus unconfigured Gemini case, configured Gemini detection, and the Codex fallback when no provider source exists. (Tests/CodexBarTests/ProviderDetectionPolicyTests.swift:5, 6b1d76d7dfc6)
  • PR metadata and checks: GitHub reports the PR as mergeable with lint and Linux CLI checks green, macOS shard checks still in progress at inspection time, and no human review comments beyond the ClawSweeper placeholder. (6b1d76d7dfc6)

Likely related people:

  • steipete: Current-main blame for SettingsStore+ProviderDetection.swift and BinaryLocator.resolveGeminiBinary() points to Peter Steinberger, and the PR commit is also authored by steipete, making him the best route for this detection behavior. (role: recent area contributor; confidence: high; commits: e437044c32ba, 7048eb53603f, 6b1d76d7dfc6; files: Sources/CodexBar/SettingsStore+ProviderDetection.swift, Sources/CodexBarCore/PathEnvironment.swift, Tests/CodexBarTests/ProviderDetectionPolicyTests.swift)
  • charlie: The Gemini CLI provider integration history starts at charlie's Gemini provider commit, which is relevant to the Gemini OAuth credential semantics touched by this PR. (role: adjacent provider owner; confidence: medium; commits: 47015e38e7e3; files: Sources/CodexBarCore/Providers/Gemini/GeminiStatusProbe.swift, Sources/CodexBar/GeminiLoginRunner.swift, Tests/CodexBarTests/GeminiStatusProbeTests.swift)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. P2 Normal priority bug or improvement with limited blast radius. labels Jul 5, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6b1d76d7df

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +42 to +43
let claudeDesktopInstalled = NSWorkspace.shared.urlForApplication(
withBundleIdentifier: "com.anthropic.claudefordesktop") != nil

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Do not enable Claude for desktop-only installs

When Claude Desktop is installed but the standalone claude binary is not on PATH/well-known paths and there is no browser Claude session, this signal makes Claude the only enabled provider and skips the Codex fallback. The Claude fetch planner still gets CLI availability from ClaudeCLIResolver.isAvailable/BinaryLocator.claudeWellKnownPaths, which has no Desktop app path, and the web fallback only probes browser cookies, so a desktop-only fresh install can start with an enabled Claude card that has no usable source. Please either resolve Desktop credentials/CLI before counting it as available or keep the fallback in this case.

Useful? React with 👍 / 👎.

@steipete steipete merged commit 68939ad into main Jul 5, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

P2 Normal priority bug or improvement with limited blast radius. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant