tribes/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2026-04-06 21:20:33 +02:00
Code Activity

gnu: Add codex.

Browse Source 
* gnu/packages/patches/codex-0.98.0-remove-patch-sections.patch: New file.
* gnu/packages/patches/rust-codex-0.98.0-test-shebangs.patch: New file.
* gnu/packages/patches/rust-codex-0.98.0-test-timeout.patch: New file.
* gnu/packages/patches/rust-codex-0.98.0-windows-sandbox-protocol-version.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add references to the patches.
* gnu/packages/rust-apps.scm (codex): New variable.
* gnu/packages/rust-crates.scm: Add crates.
* gnu/packages/rust-sources.scm (rust-codex-0.98.0): New variable.

Change-Id: Ic4af28034cbae83a7e212ee328cbdc25bce31ef0
This commit is contained in:
Danny Milosavljevic
2026-02-27 19:01:22 +01:00
parent 7986689cb6
commit 279410efb8
8 changed files with 1598 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gnu/local.mk
View File

@@ -1125,6 +1125,7 @@ dist_patch_DATA = \
%D%/packages/patches/coda-use-system-libs.patch \
%D%/packages/patches/codex-acp-0.9.2-remove-patch-sections.patch \
%D%/packages/patches/codex-acp-0.9.2-replace-result-flatten.patch \
%D%/packages/patches/codex-0.98.0-remove-patch-sections.patch \
%D%/packages/patches/cogl-fix-double-free.patch \
%D%/packages/patches/collada-dom-boost.patch \
%D%/packages/patches/collectd-5.11.0-noinstallvar.patch \
@@ -2382,6 +2383,9 @@ dist_patch_DATA = \
%D%/packages/patches/rust-codex-0.98.0-core-file-lock.patch \
%D%/packages/patches/rust-codex-0.98.0-core-remove-self-dep.patch \
%D%/packages/patches/rust-codex-0.98.0-execpolicy-file-lock.patch \
%D%/packages/patches/rust-codex-0.98.0-test-shebangs.patch \
%D%/packages/patches/rust-codex-0.98.0-test-timeout.patch \
%D%/packages/patches/rust-codex-0.98.0-windows-sandbox-protocol-version.patch \
%D%/packages/patches/rust-ring-0.17-ring-core.patch \
%D%/packages/patches/rw-igraph-0.10.patch \
%D%/packages/patches/rxvt-unicode-fix-cursor-position.patch \

42
gnu/packages/patches/codex-0.98.0-remove-patch-sections.patch Normal file
View File

@@ -0,0 +1,42 @@
Author: Danny Milosavljevic <dannym@friendly-machines.com>
Date: 2026-02-08
License: ASL2.0
Remove [patch.crates-io] and [patch.'ssh://...'] sections and
exclude network-proxy from workspace members.
The [patch] sections point to git repositories which are unavailable
in an offline build. The vendored crossterm, ratatui,
tokio-tungstenite and tungstenite forks are provided as cargo-inputs
instead.
The network-proxy workspace member depends on rama which requires
Rust 1.91+.
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -28,7 +28,6 @@
"lmstudio",
"login",
"mcp-server",
- "network-proxy",
"ollama",
"process-hardening",
"protocol",
@@ -311,16 +310,3 @@
debug = 1 # Reduce debug symbol size
inherits = "test"
opt-level = 0
-
-[patch.crates-io]
-# Uncomment to debug local changes.
-# ratatui = { path = "../../ratatui" }
-crossterm = { git = "https://github.com/nornagon/crossterm", branch = "nornagon/color-query" }
-ratatui = { git = "https://github.com/nornagon/ratatui", branch = "nornagon-v0.29.0-patch" }
-tokio-tungstenite = { git = "https://github.com/JakkuSakura/tokio-tungstenite", rev = "2ae536b0de793f3ddf31fc2f22d445bf1ef2023d" }
-
-# Uncomment to debug local changes.
-# rmcp = { path = "../../rust-sdk/crates/rmcp" }
-
-[patch."ssh://git@github.com/JakkuSakura/tungstenite-rs.git"]
-tungstenite = { git = "https://github.com/JakkuSakura/tungstenite-rs", rev = "f514de8644821113e5d18a027d6d28a5c8cc0a6e" }

56
gnu/packages/patches/rust-codex-0.98.0-test-shebangs.patch Normal file
View File

@@ -0,0 +1,56 @@
Author: Danny Milosavljevic <dannym@friendly-machines.com>
Date: 2026-02-27
License: ASL2.0
Subject: Use @SHELL@ placeholder for shebangs in embedded test scripts.
Tests that create and execute temporary shell scripts at runtime use
a hardcoded "#!/bin/sh" shebang. Replace with @SHELL@ so the build
phase can substitute the actual store path.
Also change assertions to print the actual error on failure.
diff -ruN a/codex-rs/rmcp-client/src/program_resolver.rs b/codex-rs/rmcp-client/src/program_resolver.rs
--- a/codex-rs/rmcp-client/src/program_resolver.rs
+++ b/codex-rs/rmcp-client/src/program_resolver.rs
@@ -82,7 +82,7 @@
cmd.envs(&env.mcp_env);
let output = cmd.output().await;
- assert!(output.is_ok(), "Unix should execute scripts directly");
+ output.expect("Unix should execute scripts directly");
Ok(())
}
@@ -134,10 +134,7 @@
cmd.envs(&env.mcp_env);
let output = cmd.output().await;
- assert!(
- output.is_ok(),
- "Resolved program should execute successfully"
- );
+ output.expect("Resolved program should execute successfully");
Ok(())
}
@@ -185,7 +182,7 @@
#[cfg(unix)]
{
let file = dir.join(Self::TEST_PROGRAM);
- fs::write(&file, "#!/bin/sh\nexit 0")?;
+ fs::write(&file, "#!@SHELL@\nexit 0")?;
Self::set_executable(&file)?;
}
diff -ruN a/codex-rs/tui/src/external_editor.rs b/codex-rs/tui/src/external_editor.rs
--- a/codex-rs/tui/src/external_editor.rs
+++ b/codex-rs/tui/src/external_editor.rs
@@ -159,7 +159,7 @@
let dir = tempdir().unwrap();
let script_path = dir.path().join("edit.sh");
- fs::write(&script_path, "#!/bin/sh\nprintf \"edited\" > \"$1\"\n").unwrap();
+ fs::write(&script_path, "#!@SHELL@\nprintf \"edited\" > \"$1\"\n").unwrap();
let mut perms = fs::metadata(&script_path).unwrap().permissions();
perms.set_mode(0o755);
fs::set_permissions(&script_path, perms).unwrap();

20
gnu/packages/patches/rust-codex-0.98.0-test-timeout.patch Normal file
View File

@@ -0,0 +1,20 @@
Author: Danny Milosavljevic <dannym@friendly-machines.com>
Date: 2026-03-05
License: ASL2.0
Subject: Increase per-event test timeout from 10 to 30 seconds.
In resource-constrained build environments, image processing (resize,
base64-encode, JSON serialization) can exceed 10 seconds under CPU
contention, causing intermittent test failures.
diff -ruN a/codex-rs/core/tests/common/lib.rs b/codex-rs/core/tests/common/lib.rs
--- a/codex-rs/core/tests/common/lib.rs
+++ b/codex-rs/core/tests/common/lib.rs
@@ -174,7 +174,7 @@
loop {
// Allow a bit more time to accommodate async startup work (e.g. config IO, tool discovery)
- let ev = timeout(wait_time.max(Duration::from_secs(10)), codex.next_event())
+ let ev = timeout(wait_time.max(Duration::from_secs(30)), codex.next_event())
.await
.expect("timeout waiting for event")
.expect("stream ended unexpectedly");

23
gnu/packages/patches/rust-codex-0.98.0-windows-sandbox-protocol-version.patch Normal file
View File

@@ -0,0 +1,23 @@
Author: Danny Milosavljevic <dannym@friendly-machines.com>
Date: 2026-02-25
License: ASL2.0
Subject: Add version to codex-protocol dependency in windows-sandbox-rs.
The codex-protocol dependency in windows-sandbox-rs uses the TOML table
format with an explicit path, rather than workspace inheritance
(workspace = true). Because it is not an intra-workspace dependency,
cargo cannot resolve its version from the workspace root Cargo.toml
and cargo package fails with "dependency `codex-protocol` does not
specify a version".
diff -u a/codex-rs/windows-sandbox-rs/Cargo.toml b/codex-rs/windows-sandbox-rs/Cargo.toml
--- a/codex-rs/windows-sandbox-rs/Cargo.toml
+++ b/codex-rs/windows-sandbox-rs/Cargo.toml
@@ -38,6 +38,7 @@
[dependencies.codex-protocol]
package = "codex-protocol"
path = "../protocol"
+version = "0.0.0"
[dependencies.rand]
default-features = false

326
gnu/packages/rust-apps.scm
View File

@@ -125,6 +125,7 @@
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages ruby-xyz)
#:use-module (gnu packages rust)
#:use-module (gnu packages rust-sources)
#:use-module (gnu packages security-token)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages terminals)
@@ -836,6 +837,331 @@ Commit and SemVer specifications.")
"This package provides CLI Tool for codeberg similar to gh and glab.")
(license license:agpl3+)))
(define-public codex
(package
(name "codex")
(version (package-version rust-codex-0.98.0))
(source
(origin
(inherit (package-source rust-codex-0.98.0))
(patches (search-patches
"rust-codex-0.98.0-execpolicy-file-lock.patch"
"rust-codex-0.98.0-core-file-lock.patch"
"rust-codex-0.98.0-arg0-file-lock.patch"
"codex-0.98.0-remove-patch-sections.patch"
"rust-codex-0.98.0-test-shebangs.patch"
"rust-codex-0.98.0-test-timeout.patch"))))
(build-system cargo-build-system)
(arguments
(list
#:install-source? #f
#:cargo-install-paths '(list "cli" "exec" "exec-server"
"linux-sandbox" "mcp-server"
"app-server" "tui")
;; schema_fixtures_match_generated (upstream fixture is stale:
;; FileChange::Update in codex-protocol gained old_content,
;; new_content, move_path fields but the committed JSON schema
;; fixture was not regenerated).
#:cargo-test-flags '(list "--workspace"
"--exclude" "codex-app-server-protocol"
"--"
;; These tests exercise sandbox denial and
;; escalation, which requires Landlock to
;; cleanly deny filesystem access. Inside the
;; build container Landlock returns NotEnforced
;; and the sandbox binary panics instead.
;; Disabling Landlock would not help either,
;; since these tests need a working sandbox to
;; have anything to deny and escalate.
"--skip" "sandbox_denied_shell_returns_original_output"
"--skip" "shell_escalated_permissions_rejected_then_ok"
"--skip" "unified_exec_runs_under_sandbox"
;; These tests (in codex-exec) directly call
;; spawn_command_under_linux_sandbox to verify
;; that python and bash work correctly inside
;; the Landlock sandbox. The sandbox binary
;; (codex-exec) panics with LandlockRestrict
;; (exit code 101) before the inner command
;; even starts.
"--skip" "python_getpwuid_works_under_sandbox"
"--skip" "python_multiprocessing_lock_works_under_sandbox"
"--skip" "sandbox_distinguishes_command_and_policy_cwds"
;; These linux-sandbox tests directly invoke
;; the Landlock sandbox via
;; process_exec_tool_call; same root cause.
"--skip" "test_writable_root"
"--skip" "test_timeout"
"--skip" "test_root_read"
"--skip" "test_dev_null_write"
"--skip" "test_no_new_privs_is_enabled"
;; This test iterates many approval scenarios;
;; one of them
;; (danger_full_access_on_request_allows_network)
;; runs a command through the Landlock sandbox
;; binary, which panics with LandlockRestrict
;; inside the build container. Cargo --skip
;; cannot target individual scenarios, so we
;; skip the entire matrix.
"--skip" "approval_matrix_covers_all_modes"
;; This test verifies session-level patch
;; approval caching: approve once, skip
;; future prompts for the same file. When
;; Landlock is unavailable (as in the Guix
;; build container) the sandbox binary panics,
;; triggering the escalation-retry path, which
;; interferes with the approval cache and
;; causes a spurious re-prompt on the second
;; patch.
"--skip" "approving_apply_patch_for_session_skips_future_prompts_for_same_file"
;; These tests expect to interrupt a
;; long-running 'sleep 60' and receive
;; TurnAborted. Default test config is
;; OnRequest + ReadOnly. What happens:
;;
;; 1. ReadOnly wraps the command with
;; codex-linux-sandbox (Landlock-based).
;; 2. Landlock is unavailable in the Guix
;; build container, so the sandbox
;; binary exits instantly (~1 ms).
;; 3. Orchestrator gets SandboxErr::Denied.
;; wants_no_sandbox_approval(OnRequest)
;; returns false (sandboxing.rs:222),
;; so no escalation -- denial returned
;; directly.
;; 4. ToolEmitter::finish sends the error
;; to the mock model as
;; function_call_output.
;; 5. Second mock SSE response fires,
;; turn finishes with TurnComplete.
;; 6. Op::Interrupt arrives 100 ms later,
;; but the turn is already done --
;; TurnAborted is never emitted,
;; test times out.
;;
;; The similar interrupt_long_running_tool_
;; emits_turn_aborted passes because it
;; sends the interrupt with no delay and
;; has only one mock response (so the turn
;; cannot complete first).
"--skip" "interrupt_persists_turn_aborted_marker_in_next_request"
"--skip" "interrupt_tool_records_history_entries"
;; Upstream bug: test hardcodes "0.0.0" in the
;; expected user-agent string but the workspace
;; version is "0.98.0".
"--skip" "get_user_agent_returns_current_codex_user_agent"
;; Same upstream bug: mcp-server tests
;; check the initialize response which
;; includes "version": "0.0.0" but the
;; server returns "0.98.0".
"--skip" "test_codex_tool_passes_base_instructions"
"--skip" "test_shell_command_approval_triggers_elicitation"
"--skip" "test_patch_approval_triggers_elicitation"
;; These codex-exec-server tests need
;; "dotslash", a Meta tool that lazily
;; downloads pre-built binaries from a
;; JSON manifest. The test helper
;; create_transport runs
;; `dotslash -- fetch <path>` to obtain a
;; custom bash binary described in
;; exec-server/tests/suite/bash.
;; dotslash is not available in the build
;; container.
"--skip" "list_tools"
"--skip" "accept_elicitation_for_prompt_rule"
;;; Test isolation bug: each test in
;;; state/src/runtime.rs calls
;;; unique_temp_dir() to get its own
;;; temporary directory (and thus its
;;; own SQLite database). That function
;;; names directories using the current
;;; nanosecond timestamp, so when tests
;;; run in parallel several can receive
;;; the same name and open the same
;;; database. The initial SQLite
;;; migration runs CREATE TABLE threads
;;; (without IF NOT EXISTS), so any init
;;; after the first panics with "table
;;; threads already exists". Any of
;;; these tests
;;; can be the victim.
"--skip" "init_removes_legacy_state_db_files"
"--skip" "upsert_and_get_thread_memory"
"--skip" "get_last_n_thread_memories_for_cwd_matches_exactly"
"--skip" "upsert_thread_memory_errors_for_unknown_thread"
"--skip" "get_last_n_thread_memories_for_cwd_zero_returns_empty"
"--skip" "get_last_n_thread_memories_for_cwd_does_not_prefix_match"
"--skip" "deleting_thread_cascades_thread_memory")
#:cargo-package-crates
''(;;; Tier 0: No internal deps.
"codex-async-utils"
"codex-client"
"codex-execpolicy"
"codex-file-search"
"codex-git"
"codex-keyring-store"
"codex-utils-absolute-path"
"codex-utils-cache"
"codex-utils-cargo-bin"
"codex-utils-home-dir"
"codex-utils-json-to-toml"
"codex-utils-pty"
"codex-utils-readiness"
"codex-utils-string"
"codex-backend-openapi-models"
"codex-process-hardening"
"codex-ansi-escape"
;;; Tier 1: Depends on tier 0.
"codex-utils-image"
"codex-apply-patch"
"codex-protocol"
"codex-windows-sandbox"
"codex-api"
"codex-experimental-api-macros"
"codex-secrets"
"codex-execpolicy-legacy"
"codex-debug-client"
;;; Tier 2.
"codex-app-server-protocol"
"codex-rmcp-client"
"codex-otel"
"codex-state"
"codex-core"
"codex-linux-sandbox"
"codex-feedback"
;;; Tier 3.
"codex-arg0"
"codex-lmstudio"
"codex-login"
"codex-ollama"
"codex-common"
"codex-mcp-server"
"codex-backend-client"
"codex-responses-api-proxy"
;;; Tier 4.
"codex-cloud-requirements"
"codex-exec"
"codex-exec-server"
"codex-stdio-to-uds"
;; codex-network-proxy requires rama which needs Rust 1.91+.
"codex-chatgpt"
"codex-cloud-tasks-client"
;;; Tier 5.
"codex-app-server"
"codex-app-server-test-client"
"codex-tui"
;;; Tier 6.
"codex-cloud-tasks"
;; The main executable.
"codex-cli")
#:phases
#~(modify-phases %standard-phases
(add-after 'unpack 'chdir-to-workspace
(lambda _
(chdir "codex-rs")))
(add-after 'chdir-to-workspace 'update-version-in-snapshots
(lambda _
;; Snapshot test files contain hardcoded v0.0.0 version strings.
;; Update them to match the actual package version.
(let ((snap-files (find-files "." "\\.snap$")))
(substitute* snap-files
(("\\(v0\\.0\\.0\\) ") "(v0.98.0)")))))
(add-after 'chdir-to-workspace 'patch-git-deps-to-vendor
(lambda _
;; Replace git dependencies with version references so cargo
;; resolves them from the vendored sources.
(substitute* "Cargo.toml"
(("nucleo = \\{ git = [^}]+\\}")
"nucleo = \"0.5.0\"")
(("runfiles = \\{ git = [^}]+\\}")
"runfiles = \"0.1.0\""))))
(add-after 'chdir-to-workspace 'add-version-to-workspace-deps
(lambda _
;; cargo package requires all dependencies to have versions.
;; cargo package requires all dependencies to have versions.
;; Add version = "0.98.0" to internal path dependencies.
(let ((cargo-files (find-files "." "^Cargo\\.toml$")))
(substitute* cargo-files
;; Handle inline deps: name = { path = "..." }
(("(codex-[a-z0-9-]+) = \\{ path = " all name)
(string-append name " = { version = \"0.98.0\", path = "))
;; Handle inline deps with package: name = { package = "...", path = "..." }
(("(codex-[a-z0-9-]+) = \\{ package = " all name)
(string-append name " = { version = \"0.98.0\", package = "))
;; Handle section deps: [dependencies.X] with path = "..."
(("^(path = \"\\.\\./[^\"]*\")" all path-line)
(string-append path-line "\nversion = \"0.98.0\""))))))
(add-after 'chdir-to-workspace 'patch-hardcoded-paths
(lambda* (#:key inputs #:allow-other-keys)
(let ((bash-bin (string-append
(assoc-ref inputs "bash-minimal") "/bin"))
(coreutils-bin (string-append
(assoc-ref inputs "coreutils") "/bin"))
(git-bin (string-append
(assoc-ref inputs "git-minimal") "/bin"))
(sed-bin (string-append
(assoc-ref inputs "sed") "/bin"))
;; Include .policy files: the execpolicy-legacy
;; crate embeds default.policy via include_str!
;; at compile time, so its paths must also be
;; patched.
(rs-files (find-files "." "\\.(rs|policy)$")))
(substitute* rs-files
(("\"/bin/bash\"")
(string-append "\"" bash-bin "/bash\""))
(("\"/bin/sh\"")
(string-append "\"" bash-bin "/sh\""))
(("\"/usr/bin/bash\"")
(string-append "\"" bash-bin "/bash\""))
(("\"/usr/bin/sh\"")
(string-append "\"" bash-bin "/sh\""))
;;; bash/sh with inline arguments, e.g. "/bin/bash -i".
(("\"/bin/bash ")
(string-append "\"" bash-bin "/bash "))
(("\"/bin/sh ")
(string-append "\"" bash-bin "/sh "))
;; coreutils.
(("\"/bin/(cat|cp|date|echo|head|ls|rm|sleep|true|touch)\"" all cmd)
(string-append "\"" coreutils-bin "/" cmd "\""))
;; coreutils.
(("\"/usr/bin/(cat|cp|head|ls|touch|true)\"" all cmd)
(string-append "\"" coreutils-bin "/" cmd "\""))
;; coreutils with inline arguments
;; like "/bin/echo END-EVENT".
(("\"/bin/(cat|cp|date|echo|head|ls|rm|sleep|true|touch) " all cmd)
(string-append "\"" coreutils-bin "/" cmd " "))
(("\"/usr/bin/git\"")
(string-append "\"" git-bin "/git\""))
(("\"/usr/bin/sed\"")
(string-append "\"" sed-bin "/sed\"")))
;; @SHELL@ placeholder from test-shebangs patch
(substitute*
(list "rmcp-client/src/program_resolver.rs"
"tui/src/external_editor.rs")
(("@SHELL@")
(string-append bash-bin "/sh")))
;; shebang in test-only file
(substitute*
"core/tests/suite/user_notification.rs"
(("#!/bin/bash")
(string-append "#!" bash-bin "/bash"))))))
(add-before 'check 'set-home
(lambda _
(setenv "HOME" "/tmp")
(setenv "USER" "nixbld"))))))
(native-inputs (list perl python-minimal ;for tests
pkg-config))
(inputs (cons* bash-minimal coreutils git-minimal sed
openssl sqlite `(,zstd "lib")
(cargo-inputs 'codex)))
(home-page "https://github.com/openai/codex")
(synopsis "AI-assisted coding CLI and TUI")
(description
"Codex is an AI-powered coding assistant that runs in the terminal.
It provides an interactive TUI for conversations with AI models, with
support for shell command execution, file editing, and code generation.
Configure providers via @file{~/.codex/config.toml}.")
(license license:asl2.0)))
(define-public codex-acp
(package
(name "codex-acp")

1019
gnu/packages/rust-crates.scm
View File

File diff suppressed because it is too large Load Diff

108
gnu/packages/rust-sources.scm
View File

@@ -818,6 +818,114 @@ intelligence.")
and runtime for AI-assisted coding.")
(license license:asl2.0)))))
(define-public rust-codex-0.98.0
(hidden-package
(package
(name "rust-codex")
(version "0.98.0")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/openai/codex")
(commit "82464689ce0ba8a3b2065e73a8aa0cfdf2ad0625")))
(file-name (git-file-name name version))
(sha256
(base32 "1mn322gbir4gn4y5jihdqg0wprjlnx771chyfmmm7ri7pnim1zmc"))
;; TODO: Remove patches when Rust provides stable file locking API.
;; The file_lock feature is tracked at
;; <https://github.com/rust-lang/rust/issues/130994>.
(snippet '(begin
;;; These are JSON manifests with a dotslash
;;; shebang that download and run pre-built
;;; binaries (ripgrep, bash) at runtime.
(delete-file "codex-cli/bin/rg")
(delete-file "codex-rs/exec-server/tests/suite/bash")
;; Bundled bubblewrap source tree; includes a
;; compiled BPF blob (demos/flatpak.bpf).
(delete-file-recursively "codex-rs/vendor/bubblewrap")))
(patches (search-patches "rust-codex-0.98.0-execpolicy-file-lock.patch"
"rust-codex-0.98.0-core-file-lock.patch"
"rust-codex-0.98.0-arg0-file-lock.patch"
"rust-codex-0.98.0-core-remove-self-dep.patch"
"rust-codex-0.98.0-windows-sandbox-protocol-version.patch"
"rust-codex-0.98.0-test-shebangs.patch"))))
(build-system cargo-build-system)
(arguments
(list
#:skip-build? #t
#:cargo-package-crates
;; Order matters: dependencies must come before packages that need them
''("codex-async-utils" ; No internal deps
"codex-client" ; No internal deps
"codex-execpolicy" ; No internal deps
"codex-file-search" ; No internal deps
"codex-git" ; No internal deps
"codex-keyring-store" ; No internal deps
"codex-utils-absolute-path" ; No internal deps
"codex-utils-cache" ; No internal deps
"codex-utils-cargo-bin" ; No internal deps
"codex-utils-home-dir" ; No internal deps
"codex-utils-json-to-toml" ; No internal deps
"codex-utils-pty" ; No internal deps
"codex-utils-readiness" ; No internal deps
"codex-utils-string" ; No internal deps
"codex-utils-image" ; Depends on codex-utils-cache
"codex-apply-patch" ; Depends on codex-utils-cargo-bin
"codex-protocol" ; Depends on codex-git, codex-utils-*
"codex-windows-sandbox" ; Depends on codex-utils-absolute-path, codex-protocol
"codex-api" ; Depends on codex-client, codex-protocol
"codex-experimental-api-macros" ; Macro crate (must come before app-server-protocol)
"codex-app-server-protocol" ; Depends on codex-protocol, codex-experimental-api-macros
"codex-rmcp-client" ; Depends on codex-keyring-store, codex-protocol
"codex-otel" ; Depends on codex-app-server-protocol, codex-api
"codex-state" ; Depends on codex-protocol, codex-otel
"codex-core" ; Depends on many packages above
"codex-linux-sandbox" ; Depends on codex-core, codex-utils-absolute-path
"codex-arg0" ; Depends on codex-apply-patch, codex-core, codex-linux-sandbox
"codex-lmstudio" ; Depends on codex-core
"codex-login" ; Depends on codex-core
"codex-ollama" ; Depends on codex-core
"codex-common" ; Depends on codex-core, codex-lmstudio, codex-ollama
"codex-mcp-server") ; Depends on codex-core, codex-common
#:phases
#~(modify-phases %standard-phases
(add-after 'unpack 'chdir-to-workspace
(lambda _
(chdir "codex-rs")))
(add-after 'chdir-to-workspace 'patch-git-deps-to-vendor
(lambda _
(substitute* "Cargo.toml"
(("crossterm = \\{ git = [^}]+\\}")
"crossterm = { version = \"0.28.1\" }")
(("ratatui = \\{ git = [^}]+\\}")
"ratatui = { version = \"0.29.0\" }")
(("tokio-tungstenite = \\{ git = [^}]+\\}")
"tokio-tungstenite = { version = \"0.28.0\" }")
(("nucleo = \\{ git = [^}]+\\}")
"nucleo = { version = \"0.5.0\" }")
(("runfiles = \\{ git = [^}]+\\}")
"runfiles = { version = \"0.1.0\" }"))))
(add-after 'chdir-to-workspace 'add-version-to-workspace-deps
(lambda _
;; cargo package requires all dependencies to have versions.
;; Add version = "0.98.0" to internal path dependencies.
(let ((cargo-files (find-files "." "^Cargo\\.toml$")))
(substitute* cargo-files
(("(codex-[a-z0-9-]+) = \\{ path = " all name)
(string-append name " = { version = \"0.98.0\", path = "))
(("(codex-[a-z0-9-]+) = \\{ package = " all name)
(string-append name " = { version = \"0.98.0\", package = "))
(("(mcp-types) = \\{ path = " all name)
(string-append name " = { version = \"0.98.0\", path = ")))))))))
(inputs (cargo-inputs 'rust-codex-0.0.0.785c0c43))
(home-page "https://github.com/openai/codex")
(synopsis "OpenAI Codex workspace crates")
(description
"This package provides the workspace crates for the OpenAI Codex CLI
and runtime for AI-assisted coding.")
(license license:asl2.0))))
;; Also update (@ (gnu packages gnome) glycin-loaders) when updating this.
(define-public rust-glycin-3
(package