Skip to content

Refactor: Launch‑gated global CLI/daemon appliance (strict JSON launch, project attach, docs) #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
clduab11 wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Refactor: Launch‑gated global CLI/daemon appliance (strict JSON launch, project attach, docs) #61

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4fd79ee
feat(cli): add strict launch JSON contract and project attach registry
clduab11 Mar 7, 2026
bd31a7a
Initial plan
Copilot Mar 7, 2026
bcab08a
fix: change repo.dependencies launch-gate check to read-only npm ci -…
Copilot Mar 7, 2026
95e879f
revert accidental package-lock.json changes from interrupted npm install
Copilot Mar 7, 2026
305835f
Merge pull request #62 from clduab11/copilot/sub-pr-61
clduab11 Mar 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions .codex-synaptic/project.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"$schema": "./project.schema.json",
"projectId": "codex-synaptic",
"launchGate": {
"required": true,
"strictJsonCommand": "codex-synaptic launch --strict --json"
},
"daemon": {
"stateDir": "~/.codex-synaptic",
"allowStateInsideRepo": false
},
"optionalEngines": {
"ruflo": true,
"ruvFann": true
Comment on lines +13 to +14
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Mar 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

There's an inconsistency in the naming of the optional engine. Here it's ruvFann (camelCase), but the implementation in src/adapters/optional-engines.ts and src/cli/launch.ts expects ruv-fann (kebab-case). The documentation also uses ruv-FANN or ruv-fann. This discrepancy will prevent the configuration from being correctly applied.

To ensure consistency and correct functionality, I recommend standardizing on ruv-fann across all configuration, code, and documentation. This is also a more common convention for keys representing tool names in configuration files.

Suggested change
"ruflo": true,
"ruvFann": true
"ruflo": true,
"ruv-fann": true

}
}
33 changes: 33 additions & 0 deletions .codex-synaptic/project.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"type": "object",
"required": ["projectId", "launchGate", "daemon"],
"properties": {
"projectId": { "type": "string", "minLength": 1 },
"launchGate": {
"type": "object",
"required": ["required", "strictJsonCommand"],
"properties": {
"required": { "type": "boolean" },
"strictJsonCommand": { "type": "string" }
}
},
"daemon": {
"type": "object",
"required": ["stateDir", "allowStateInsideRepo"],
"properties": {
"stateDir": { "type": "string" },
"allowStateInsideRepo": { "type": "boolean" }
}
},
"optionalEngines": {
"type": "object",
"properties": {
"ruflo": { "type": "boolean" },
"ruvFann": { "type": "boolean" }
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Mar 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

To align with the suggested change of standardizing the optional engine name to ruv-fann, the JSON schema should also be updated to expect ruv-fann instead of ruvFann.

Suggested change
"ruvFann": { "type": "boolean" }
"ruv-fann": { "type": "boolean" }

},
"additionalProperties": false
}
},
"additionalProperties": false
}
20 changes: 20 additions & 0 deletions .codex/config.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
[project]
root = "."
trusted = true
sandbox = "workspace-write"
approvals = "on-request"

[paths]
restrict_to_project_root = true

[mcp_servers.filesystem]
command = "npx"
args = ["-y", "@modelcontextprotocol/server-filesystem", "."]

[mcp_servers.playwright]
command = "npx"
args = ["-y", "@playwright/mcp@latest"]

[mcp_servers.desktop_commander]
command = "npx"
args = ["-y", "@modelcontextprotocol/server-desktop-commander"]
Comment on lines +14 to +20
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Mar 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

What is the latest version of @modelcontextprotocol/server-filesystem npm package?

💡 Result:

The latest published version of @modelcontextprotocol/server-filesystem on npm is 2026.1.14. [1] [2]

🌐 Web query:

What is the latest version of @playwright/mcp npm package?

💡 Result:

The latest stable version published for the @playwright/mcp npm package is 0.0.68. [1]

There are also newer pre-release (alpha) builds under the 0.0.68-alpha-... version line. [2]

Sources: [1] [2]

🌐 Web query:

What is the latest version of @modelcontextprotocol/server-desktop-commander npm package?

💡 Result:

I couldn’t verify any published version for @modelcontextprotocol/server-desktop-commander on the public npm ecosystem (no third‑party index I checked shows a version number for that exact package name). Some directories/config examples reference it, but they don’t include a resolvable “latest version” tag. [1]

In practice, “Desktop Commander” is commonly installed/run as @wonderwhy-er/desktop-commander (often via @latest) rather than @modelcontextprotocol/server-desktop-commander. [2]

Sources:
[1] (agenticskills.io)
[2] (libraries.io)

Citations:

🏁 Script executed:

cat .codex/config.toml

Repository: clduab11/codex-synaptic

Length of output: 495

Verify the desktop_commander package name—@modelcontextprotocol/server-desktop-commander does not exist on npm.

The config references a package that cannot be resolved. Consider checking if you meant @wonderwhy-er/desktop-commander or another alternative server package. This will cause installation failures when attempting to launch the MCP server.

Separately, consider pinning MCP server versions for reproducibility. Currently, @playwright/mcp uses @latest while others use implicit latest. Pinning to specific versions avoids unexpected behavior changes during CI or automation runs. For example:

  • @modelcontextprotocol/server-filesystem@2026.1.14
  • @playwright/mcp@0.0.68

Without pinning, each npx invocation may pull different versions, reducing determinism in your automation.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.codex/config.toml around lines 14 - 20, The mcp_servers.desktop_commander
entry references a non-existent npm package
"@modelcontextprotocol/server-desktop-commander" so update the
mcp_servers.desktop_commander args to the correct package (e.g., replace
"@modelcontextprotocol/server-desktop-commander" with the verified package name
such as "@wonderwhy-er/desktop-commander" or your actual server package) or
remove the entry if unused; additionally pin versions for reproducibility by
changing mcp_servers.playwright args from "@playwright/mcp@latest" to a specific
version (and likewise pin the desktop_commander/server-filesystem packages to
explicit versions like "@playwright/mcp@0.0.68" and
"@modelcontextprotocol/server-filesystem@2026.1.14" or your chosen versions) so
npx calls are deterministic.

518 changes: 40 additions & 478 deletions AGENTS.md
View file
Open in desktop

Large diffs are not rendered by default.

170 changes: 36 additions & 134 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,156 +1,58 @@
# codex-synaptic

[![Stars](https://img.shields.io/github/stars/clduab11/codex-synaptic?style=for-the-badge&logo=github)](https://github.com/clduab11/codex-synaptic/stargazers)
[![Forks](https://img.shields.io/github/forks/clduab11/codex-synaptic?style=for-the-badge&logo=github)](https://github.com/clduab11/codex-synaptic/network/members)
[![Open Issues](https://img.shields.io/github/issues/clduab11/codex-synaptic?style=for-the-badge&logo=github)](https://github.com/clduab11/codex-synaptic/issues)
[![Open PRs](https://img.shields.io/github/issues-pr/clduab11/codex-synaptic?style=for-the-badge&logo=github)](https://github.com/clduab11/codex-synaptic/pulls)
[![Commit Activity](https://img.shields.io/github/commit-activity/m/clduab11/codex-synaptic?style=for-the-badge&logo=git)](https://github.com/clduab11/codex-synaptic/commits/main)
[![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue?style=for-the-badge)](https://www.gnu.org/licenses/agpl-3.0.en.html)
[![Node](https://img.shields.io/badge/Node-20%2B-339933?style=for-the-badge&logo=node.js)](https://nodejs.org/)
[![TypeScript](https://img.shields.io/badge/TypeScript-5.x-3178C6?style=for-the-badge&logo=typescript)](https://www.typescriptlang.org/)

Operator-grade orchestration for Codex workflows: daemon-backed runtime control, live terminal dashboards, and MCP-driven external bridges.

## Why This Release

Codex for macOS is now the default frontend path for this repo's operator workflow. This release tightens the "app + CLI + MCP" loop so teams can run Codex-Synaptic predictably in Local, Worktree, and Cloud-aligned flows.

### Verified alignment with official OpenAI docs (February 2026)

- Codex app setup is macOS (Apple Silicon) and recommended for Mac users.
- App feature model includes Local / Worktree / Cloud modes, built-in Git, integrated terminal, automations, and MCP support.
- Codex CLI supports interactive mode, `resume`, `cloud`, `exec`, and `mcp` operations.
- Security defaults recommend workspace-write + on-request approvals for version-controlled repos.

Sources:
- [Codex Quickstart](https://developers.openai.com/codex/quickstart/)
- [Codex App](https://developers.openai.com/codex/app/)
- [Codex App Features](https://developers.openai.com/codex/app/features/)
- [Codex CLI Features](https://developers.openai.com/codex/cli/features/)
- [Codex Security](https://developers.openai.com/codex/security/)

## Star Chart

[![Star History Chart](https://api.star-history.com/svg?repos=clduab11/codex-synaptic&type=Date)](https://star-history.com/#clduab11/codex-synaptic&Date)

## System Flow

```mermaid
flowchart LR
A["Codex App (macOS)"] -->|"Local / Worktree / Cloud"| B["codex-synaptic CLI"]
B --> C["Runtime Authority Guard"]
C --> D["Detached Daemon"]
C --> E["Local Session"]
D --> F["Dashboard / TUI Attach"]
E --> F
B --> G["MCP Profiles"]
G --> G1["mcp-filesystem"]
G --> G2["mcp-playwright"]
G --> G3["mcp-desktop-commander"]
B --> H["Bridge Layer"]
H --> I["External Swarm / MCP Endpoints"]
```

## Operator Command Deck
Codex-Synaptic is an **appliance-grade global CLI + daemon** for Codex on macOS. Install once, attach to any repository, run a deterministic launch gate, and only then execute bounded workflows.

```bash
# build
npm install
npm run build

# readiness
node dist/cli/index.js launch --json
node dist/cli/index.js launch --strict --json
node dist/cli/index.js doctor
node dist/cli/index.js doctor --strict --json

# daemon lifecycle
node dist/cli/index.js background start
node dist/cli/index.js background status
node dist/cli/index.js background attach --watch --interval 2000
node dist/cli/index.js background logs --tail 100
node dist/cli/index.js background restart --timeout 10000
node dist/cli/index.js background stop --timeout 10000

# live dashboard
node dist/cli/index.js tui --attach-daemon --interval 1000
node dist/cli/index.js tui --local --interval 1000

# MCP profiles and registration
node dist/cli/index.js env plan mcp-filesystem mcp-playwright mcp-desktop-commander
node dist/cli/index.js env docker-login mcp-filesystem mcp-playwright mcp-desktop-commander
node dist/cli/index.js env up mcp-filesystem mcp-playwright mcp-desktop-commander
node dist/cli/index.js env status mcp-filesystem mcp-playwright mcp-desktop-commander
node dist/cli/index.js env codex-register mcp-filesystem mcp-playwright mcp-desktop-commander --replace
```
## Product model

Non-interactive CLI commands run in one-shot mode by default (the process exits after command completion). Set `CODEX_CLI_AUTO_SHUTDOWN=0` only when you explicitly want to keep the in-process foreground session alive for debugging.
- **Codex is the cockpit**: app threads, VS Code extension, automations, approvals, and worktrees.
- **Synaptic is the engine room**: daemon lifecycle, readiness checks, MCP routing, telemetry, and release hygiene.
- **Launch Gate is the contract**: `codex-synaptic launch --strict --json` is the first command for every workflow.
- **Optional engines**:
- `ruflo` adapter (optional, capability upgrade only)
- `ruv-FANN` adapter (optional, capability upgrade only)

## Codex for macOS Workflow
## 5-minute first run

```bash
# Local mode
codex -C /absolute/path/to/codex-synaptic
# 1) Install globally
npm install -g codex-synaptic

# first-launch gate in this repo
codex-synaptic launch --json
# 2) Verify global CLI
codex-synaptic --help

# Worktree mode
git worktree add ../codex-synaptic-worktree -b codex/macos-ops
codex -C ../codex-synaptic-worktree
# 3) Attach current repository
codex-synaptic project attach .

# cloud task operations from CLI
codex cloud --help
```
# 4) Run deterministic launch gate
codex-synaptic launch --strict --json

```mermaid
flowchart LR
L["Local Mode"] --> V["Fast Iteration"]
W["Worktree Mode"] --> S["Parallel, Isolated Changes"]
C["Cloud Mode"] --> R["Remote Task Delegation"]
V --> O["Unified Review + Merge"]
S --> O
R --> O
# 5) Apply safe remediations (from fixes[].safeUnderSandbox=true), rerun launch
codex-synaptic launch --strict --json
```

## MCP Profiles Included

| Profile | Purpose | Safety posture |
| --- | --- | --- |
| `mcp-filesystem` | Repo/document access for Codex tasks | defaults to safe mode; controlled write can be explicitly enabled |
| `mcp-playwright` | Browser automation and verification | command-scoped runtime with health checks |
| `mcp-desktop-commander` | Desktop-level command bridge for external orchestration workflows | explicit profile startup + diagnostics before use |

## February 2026 Prompting Baseline
When `ok=true`, start your bounded workflow and produce a report artifact (diff summary, validation log, and follow-up backlog).

Use this structure for high-signal Codex tasks in this repo:

1. Mission: one objective.
2. Constraints: boundaries, safety controls, non-goals.
3. Acceptance criteria: objective pass/fail list.
4. Verification: exact commands and expected outcomes.
5. Deliverables: changed files, test evidence, residual risks.

## Security Posture (Codex-aligned)

Recommended defaults for version-controlled repos:
## Attach a new repository

```bash
codex --sandbox workspace-write --ask-for-approval on-request
cd /path/to/target-repo
codex-synaptic project attach .
codex-synaptic launch --strict --json
```

Use stricter read-only mode when auditing unfamiliar code:

```bash
codex --sandbox read-only --ask-for-approval on-request
```
Synaptic discovers and uses:

## Docs Index
- `AGENTS.md` for Codex instructions
- `.codex/config.toml` for Codex project config and MCP
- `.codex-synaptic/project.json` for Synaptic project-local behavior (optional)

- [macOS integration workflow](docs/guides/codex-macos-workflows.md)
- [MCP setup and profile catalog](docs/mcp/README.md)
- [Autoscaler/daemon runbook](docs/runbooks/autoscaler-daemon-coordination.md)
## Worktree + sandbox safety

## License
- Daemon state is global and **outside** repository/worktree paths (default: `~/.codex-synaptic`).
- Preferred sandbox for development and launch remediations: `workspace-write`.
- Launch report explicitly marks unsafe remediations with `safeUnderSandbox=false` and indicates minimal extra allowlist needs.

This project is licensed under **GNU Affero General Public License v3.0 (AGPL-3.0)**. See [LICENSE](LICENSE).
See:
- `docs/launch-gate.md`
- `docs/codex-usage.md`
- `docs/sandbox-and-rules.md`
50 changes: 50 additions & 0 deletions docs/codex-usage.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# Codex usage (macOS app, threads, automations, VS Code)

## Launch-first workflow

1. Open repository in Codex for macOS or Codex VS Code extension.
2. Run `codex-synaptic launch --strict --json`.
3. Apply safe fixes from `fixes[]`.
4. Re-run launch until `ok=true`.
5. Execute bounded workflow and publish a report artifact.

## Daily automation template

**Name:** Daily Launch Gate + Brief Report

```bash
codex-synaptic launch --strict --json > .codex-synaptic/reports/daily-launch.json
npm run build > .codex-synaptic/reports/daily-build.log 2>&1
npm run test > .codex-synaptic/reports/daily-test.log 2>&1
```

Output artifact: `.codex-synaptic/reports/daily-launch.json` + logs, committed or attached to thread.

## Nightly automation template

**Name:** Nightly Docs Drift / Friction Scan

```bash
codex-synaptic launch --strict --json > .codex-synaptic/reports/nightly-launch.json
git diff -- README.md AGENTS.md docs/ > .codex-synaptic/reports/nightly-docs-drift.diff || true
```

Output artifact: diff-ready drift report for next working day triage.

## Weekly automation template

**Name:** Weekly Release Preflight

```bash
codex-synaptic launch --strict --json > .codex-synaptic/reports/weekly-launch.json
npm run build > .codex-synaptic/reports/weekly-build.log 2>&1
npm run test > .codex-synaptic/reports/weekly-test.log 2>&1
```

Output artifact: preflight bundle for release thread/PR checklist.

## Worktree behavior

- Run automations in dedicated worktrees.
- Keep artifacts in project-local `.codex-synaptic/reports/`.
- Keep daemon runtime/state outside worktrees (`~/.codex-synaptic` by default).
44 changes: 44 additions & 0 deletions docs/launch-gate.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# Launch Gate

`codex-synaptic launch --strict --json` is the deterministic readiness contract for this appliance.

## Strict JSON schema

```json
{
"ok": true,
"capabilities": ["..."],
"checks": [
{ "name": "...", "status": "pass|fail|warn", "detail": "..." }
],
"fixes": [
{ "why": "...", "command": "...", "safeUnderSandbox": true }
],
"nextActions": ["..."]
}
```

## Required checks

The gate emits at least:
- `runtime.node`
- `runtime.npm`
- `repo.dependencies`
- `repo.build`
- `repo.typecheck`
- `repo.test`
- `daemon.health`
- `mcp.config`
- `worktree.state_location`
- optional capability checks (`optional.ruflo`, `optional.ruv-fann`) as non-blocking warnings

## Remediation semantics

- `safeUnderSandbox=true` means the fix is expected to run under workspace-write.
- `safeUnderSandbox=false` means the fix needs additional host allowlist or elevated rules.
- Apply safe fixes first, rerun launch, and only then proceed to workflow execution.

## Failure handling contract

- In strict mode, the command exits non-zero when `ok=false`.
- Optional engines can downgrade capabilities but must not fail core boot.
37 changes: 37 additions & 0 deletions docs/sandbox-and-rules.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# Sandbox and rules

## Default mode

Use workspace-write by default:

```bash
codex --sandbox workspace-write --ask-for-approval on-request
```

## Safe command set

Safe under workspace-write for this repo:
- `codex-synaptic launch --strict --json`
- `codex-synaptic project attach <path>`
- `codex-synaptic background status|start|attach|logs|stop`
- `npm install`
- `npm run build`
- `npm run test`
- `npm exec tsc -- --noEmit`

## Commands that need extra allowlist

Mark as unsafe (`safeUnderSandbox=false`) and request minimal allowlist:
- `brew install ...`
- `npm install -g ...`
- Docker auth operations (`codex-synaptic env docker-login ...`)
- Any command requiring writes outside workspace scope

## Minimal approval guidance

When a command is unsafe, specify:
1. exact command
2. reason it needs elevated scope
3. smallest file/path/network allowance needed

Never require blanket full-access defaults.
Loading
Loading