🤖 feat: add Mux Extension Platform v1

[ThomasK33]

Summary

Adds the Mux Extension Platform v1 behind the EXTENSION_PLATFORM experiment and documents the platform's architectural pivot to Extension Modules: extension folders with a single extension.ts, statically extractable manifests, QuickJS-based discovery/activation, skill-style root precedence, source locks, and Mux-owned trust/capability state. The implementation is now partially refactored toward that model: trusted roots can discover direct child Extension Module folders via static extension.ts manifest extraction, local authoring roots use ~/.mux/extensions/local, and source-lock schemas now model git/vendored extension sources without carrying trust state.

Background

This PR grew out of the need to consolidate Mux's extension surfaces across skills, tools, agents, policies, themes, and future runtime contributions. During review, the design moved away from npm-package identity and repo-stored project approvals toward a Go-modules-like Extension Module model. The updated docs capture that decision, the code hardens the current scaffold so repositories cannot provide security authority, and the latest slices begin moving discovery/root layout/source metadata from package manifests to static Extension Module manifests and locks.

Implementation

• Adds extension manifest/domain schemas, descriptor validation, permission calculation, drift detection, conflict resolution, provenance-aware telemetry helpers, global state, project-scoped state, and snapshot caching.
• Adds transitional Extension Name support alongside old dotted package identities so kebab-case module names can appear in registry snapshots, IPC payloads, and persisted state keys.
• Adds static extension.ts manifest extraction for export const manifest = defineManifest({ ... }) or a literal object export, rejecting dynamic manifest values without executing extension code.
• Adds trusted-root Extension Module discovery for direct child folders containing extension.ts, including folder-name validation, manifest.name mismatch diagnostics, project-local pre-trust no-read behavior, and static capability validation.
• Points the user-global local authoring root at ~/.mux/extensions/local and updates initializeUserRoot to create that folder instead of a package-root package.json.
• Adds source-lock schemas for global git locks and project git/vendored locks, with strict rejection of repository-provided trust/approval state.
• Adds node discovery/registry services, root watching, bundled-root assembly, ORPC routes, service-container wiring, and bun run debug extensions.
• Threads extension-contributed skills through skill discovery, slash dispatch, stream context construction, and agent_skill_* tool reads, including hardened skill-body reads that reject symlinks and TOCTOU path swaps.
• Adds the Extensions settings UI, Extension cards, consent shortcut/granular controls, diagnostics surfacing, palette entries, and keyboard shortcuts.
• Adds a bundled demo extension package and deterministic bundled-extension assembly tooling for the current scaffold.
• Updates docs, RFC, PRD, ADRs, release checklist, telemetry docs, and authoring docs to describe Extension Modules (extension.ts) as the target architecture.
• Stores project-local extension trust/enablement/grants in Mux-owned global storage under ~/.mux/extensions/project-state/<project-hash>/, not inside the target repository.

Validation

• make static-check
• make test -j1
• Latest TDD slices:
  • bun test src/node/extensions/extensionRoots.test.ts src/node/orpc/extensionsRouter.test.ts src/common/extensions/sourceLocks.test.ts src/node/extensions/staticManifestExtractor.test.ts src/node/extensions/extensionDiscoveryService.test.ts
• Earlier targeted tests during review cleanup:
  • bun test src/common/extensions/conflictResolver.test.ts src/common/extensions/permissionCalculator.test.ts
  • bun test src/node/extensions/bundledExtensionsAssemble.test.ts
  • bun test src/node/extensions/projectExtensionStateService.test.ts
  • bun test src/node/orpc/extensionsRouter.test.ts
  • bun test src/cli/debug/extensions.test.ts
  • bun test src/browser/features/Settings/Sections/ExtensionCard.test.tsx src/browser/features/Settings/Sections/ExtensionsSection.test.tsx

Risks

This is a large additive subsystem touching startup wiring, settings UI, package assembly, telemetry, and skill discovery. The primary rollback lever is the default-on EXTENSION_PLATFORM experiment. The highest remaining architectural risk is that full QuickJS Registration Discovery/Full Activation and git install/store materialization are still follow-up work; the current module-discovery slice intentionally publishes no module-registered skills until that runtime path exists.

Pains

This PR required several review and merge cycles: resolving older security findings, integrating concurrent main changes around heartbeat/image-generation skill filtering, aligning extension skill IDs with agent skill schemas, moving project extension state out of repositories after review identified the trust-injection vulnerability, and beginning the package-to-Extension-Module refactor while preserving transitional compatibility.

---

Generated with mux • Model: openai:gpt-5.5 • Thinking: off • Cost: $916.09

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 78225309f0

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
Mux	🟢 Ready	View Preview	May 8, 2026, 11:35 AM

💡 Tip: Enable Workflows to automatically generate PRs for you.

[coder-agents-review]

First-pass review (Netero only). These are mechanical findings from the first-pass scan. The full review panel has not yet reviewed this PR. The panel will review after these findings are addressed.

Severity count: 2 P2, 1 P3, 1 Nit, 1 Note.

The extension platform is well-structured: broad test coverage (~51% test-to-code ratio), clean error handling patterns, no circular imports, and thoughtful domain modeling. The architecture separates concerns cleanly across common/node/browser layers.

"TypeScript structural typing makes the mismatch compile-safe, but the displayName and extensionId fields from the registry are silently dropped by every consumer." (Netero)

🤖 This review was automatically generated with Coder Agents.

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 782fdaeb28

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 782fdaeb28

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: efc6c71a1f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[coder-agents-review]

Panel review (10 reviewers: Bisky, Hisoka, Kite, Knov, Mafuuu, Melody, Meruem, Nami, Pariston, Zoro). All 5 R1 Netero findings addressed; thank you for the quick fixes.

Severity count: 1 P1, 5 P2, 7 P3, 2 Nit.

The architecture is well-designed: clean domain model separation, strong test coverage (51% ratio), thoughtful conflict resolution, and principled ADRs. The permission model, telemetry gating, and path containment are solid foundations.

The P1 is surgical: PolicyFileSchema.passthrough() was the only schema loosened while all others remain strict. The P2s cluster around scope-blind stale detection, async UI coordination, and accessibility. Most P3s are correctness-in-future-scenarios (multi-root, identity conflicts) that are latent in v1 but worth fixing before the code fossilizes.

"A Governor administrator who fat-fingers extensionPlatfrom: false previously got a parse error. Now it passes, the intended kill switch never fires, and the extension platform runs unblocked on a managed fleet." (Hisoka)

🤖 This review was automatically generated with Coder Agents.

[coder-agents-review]

Round 3 is blocked. Further review is paused until the author responds to or pushes fixes for the open findings from Round 2.

DEREM-6 (P3, initialize user root) and DEREM-8 (P2, scope-blind stale records) were addressed in efc6c71. Thank you.

The following findings remain open with no response:

• DEREM-7 (P1): PolicyFileSchema .strict() to .passthrough() (policy.ts:81). The security kill switch typo gap.
• DEREM-9 (P2): wrapBusy async race (ExtensionCard.tsx:512)
• DEREM-10 (P2): aria-modal without focus trap (ConsentShortcutModal.tsx, DestructiveConfirmDialog.tsx, ExtensionsCheatSheetModal.tsx)
• DEREM-11 (P2): projectExtensionStateService non-atomic read-then-write (projectExtensionStateService.ts:60)
• DEREM-12 (P2): resolveScopeByRootId maps bundled to global scope (extensionRegistryService.ts:251)
• DEREM-13 (P3): permissions map keyed by extensionId alone
• DEREM-14 (P3): extensionRootWatcher scheduleReload missing closed check
• DEREM-15 (P3): homepage link no protocol validation
• DEREM-16 (P3): no loading state for extensions section
• DEREM-17 (P3): cheat sheet modal no Escape handler
• DEREM-18 (P3): onChanged multicast test 10ms sleep fragility
• DEREM-19 (P3): runReloadRoot stale flags from spliced roots
• DEREM-20 (Nit): useCallback/useMemo vs React Compiler convention
• DEREM-21 (Nit): dead manifest-invalid UnavailableReason variant

🤖 This review was automatically generated with Coder Agents.

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 15c9e0283c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7e95e2ef3a

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7e95e2ef3a

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 78bfd470c6

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[coder-agents-review]

Re-review (4 reviewers: Mafuuu, Meruem, Nami, Kite). All 14 R2 fixes verified clean. DEREM-20 (useCallback/useMemo) closed by panel vote (2/2 accept author defense).

Severity count: 2 P2, 5 P3.

The R3/R4 fix commits addressed every P1 and P2 from Round 2 correctly. The new findings cluster around a common root: the multi-root improvements (efc6c71) added support for multiple project-local roots in rendering (getRootSections), but the keyboard navigation, trust shortcuts, and permission lookup paths still assume at most one project-local root. These are fix-chain artifacts from the DEREM-8/DEREM-19 fixes that broadened root enumeration.

The keyboard-behind-modal finding (DEREM-31) is the highest priority: the consent modal is a security-consent surface, and having the section shortcut handler execute r (reload), e (enable), t (trust) behind it undermines the consent flow.

"Pressing J to navigate: the focus ring moves through bundled, user-global, and the first project-local root's extensions, then stops. Extensions from the second project-local root are visible on screen but unreachable via keyboard." (Mafuuu)

🤖 This review was automatically generated with Coder Agents.

[coder-agents-review]

Round 5 is blocked. Further review is paused until the author responds to or pushes fixes for the open findings from Round 4.

DEREM-33 (lookupLiveRequestedPermissions) and DEREM-34 (conflict descriptor) were addressed. Thank you.

The following findings remain open with no response:

• DEREM-30 (P2): orderedExtensions only traverses first project-local root; J/K navigation skips the rest (ExtensionsSection.tsx:746)
• DEREM-31 (P2): Keyboard handler fires behind open consent/destructive modals (ExtensionsSection.tsx:770)
• DEREM-28 (P3): reloadRoot(rootId) name claims targeted but is full reload (extensionRegistryService.ts:292)
• DEREM-32 (P3): Trust shortcut targets only first project-local root (ExtensionsSection.tsx:760)
• DEREM-35 (P3): body-failed condition changed with zero test coverage (extensionRegistryService.ts:639)
• DEREM-36 (P3): Modals lack focus trapping; Tab escapes to background (ConsentShortcutModal.tsx:74)

🤖 This review was automatically generated with Coder Agents.

[ThomasK33]

/coder-agents-review

[ThomasK33]

@codex review

Addressed the registration capability approval feedback:

• Registration permissions are now auto-effective from discovered contributions and excluded from pendingNew/effect approval drift.
• Full Activation now requires approval only for requested effect permissions; registration-only enabled extensions can activate without a persisted approval record.
• Persisted approval records now store effect permissions only.

Validation:

• bun test src/common/extensions/permissionCalculator.test.ts src/node/extensions/extensionDiscoveryService.test.ts src/node/extensions/extensionRegistryService.test.ts src/node/orpc/extensionsRouter.test.ts src/cli/debug/extensions.test.ts
• make static-check

[ThomasK33]

@codex review

Addressed the draft module watcher feedback by watching valid module-name child directories even before extension.ts exists, while still avoiding unrelated root children and only recursing into nested module directories once an entrypoint is present. Added coverage for creating extension.ts after the module directory watcher is installed.

Validation:

• bun test src/node/extensions/extensionRootWatcher.test.ts
• make static-check

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. 🚀

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Follow-up: made the palette subscription-order test deterministic by extracting the subscribe-then-fetch sequence into a small helper and testing that helper directly, avoiding React effect scheduling delays seen in the full remote unit suite.

Validation:

• bun test src/browser/hooks/useExtensionsPaletteSource.test.ts src/browser/features/Settings/Sections/ExtensionsSection.test.tsx
• make static-check

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ab59970168

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Addressed the Quick Setup rollback trust finding by no longer calling untrustRoot from the failed consent-shortcut rollback path, because that backend operation also clears project-wide trust. The rollback still disables the extension if this flow enabled it, and leaves trust state intact for retry/manual handling. Added coverage that a project-local Quick Setup approval failure does not call untrustRoot after trustRoot succeeds.

Validation:

• bun test src/browser/features/Settings/Sections/ExtensionsSection.test.tsx
• make static-check

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 42edba78b8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Addressed the reserved first-party Extension Name feedback by rejecting non-bundled static manifests whose folder/name uses the reserved mux/mux-* namespace, while still allowing bundled roots to claim those names. Added static manifest validator coverage for both rejection and bundled acceptance.

Validation:

• bun test src/common/extensions/manifestValidator.test.ts src/node/extensions/extensionDiscoveryService.test.ts
• make static-check

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: e583fbb69f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Addressed the CLI scaffold reserved-name feedback by applying the same reserved mux/mux-* namespace check in mux extensions create before creating files. Added CLI coverage that mux extensions create mux-platform-demo rejects and leaves no local module behind.

Validation:

• bun test src/cli/extensions.test.ts src/common/extensions/manifestValidator.test.ts
• bun run eslint src/cli/extensions.ts src/cli/extensions.test.ts src/common/extensions/manifestValidator.ts src/common/extensions/manifestValidator.test.ts
• make static-check

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. What shall we delve into next?

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Pushed a follow-up that fixes full unit-suite isolation failures: restoring mocked modules after test files and avoiding an eager rejected mock promise in the workspace fork test.

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. You're on a roll.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Pushed a follow-up for the CI-only unit timeout: ImmersiveReviewView tests now mock diff highlighting so the line-budget regression test does not wait on the Shiki worker under CI.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 505e6e37a8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

Addressed latest Codex finding:

• PRRT_kwDOPxxmWM6FI4QV / ExtensionCard.tsx: contribution availability now requires both permission availability and activation state. Body read/parse failures (activated: false) render as Unavailable instead of Available, with a regression test covering a contribution.body.invalid skill.

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 15887f14db

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

Addressed latest Codex finding:

• PRRT_kwDOPxxmWM6FJEd_ / ExtensionCard.tsx: conflicted contributions now also render as Unavailable; contributionAvailable requires permissions, activation, and no conflict. Added a regression test for a conflicted skill with otherwise-satisfied permissions.

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bcf81e6585

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

Addressed latest Codex finding:

• PRRT_kwDOPxxmWM6FJOGU / ExtensionCard.tsx: extension-level identity conflicts now mark every contribution row as conflicted/unavailable, so a losing extension cannot display an otherwise-satisfied skill as available. Added a regression test for an extension.identity.conflict diagnostic.

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b496a26323

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

Addressed latest Codex finding:

• PRRT_kwDOPxxmWM6FJWRW / ExtensionCard.tsx: Extension cards now consume resolver inspection descriptors from the registry snapshot. Descriptor availability is the source of truth, so losing conflicts/body failures show Unavailable while winning extension-identity conflicts preserve Available. Added regression coverage for both losing and winning extension-identity conflict rows.

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Nice work!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Pushed a follow-up for the unit failure on the latest head: the line-budget ImmersiveReviewView regression now uses a .txt fixture path so it exercises the 1500-line full-file boundary without invoking the TypeScript highlighter worker under CI.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a897fc223f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

Addressed latest Codex finding:

• PRRT_kwDOPxxmWM6FJ6Bi / openedFileRealpath.ts: Windows now falls back to comparing the opened handle's stat identity against the fallback path stat before returning the fallback realpath. POSIX still fails closed when fd namespaces are unavailable. Added a Windows-mode regression test for the fd-namespace-unavailable path.

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Already looking forward to the next diff.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Pushed a follow-up for the latest unit failures: the long-running boundary tests now have explicit 10s Bun timeouts, and the ImmersiveReviewView line-budget test still uses a text fixture to avoid highlighter work while exercising the 1500-line boundary.

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Keep it up!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".