fix: [codex-harness] parse Desktop app-server user agents

[cyrusaf]

Summary

• Bug fix for the Codex bundled plugin/app-server integration.
• OpenClaw now accepts supported Codex app-server versions when initialize returns a Desktop-originated user agent such as Codex Desktop/0.118.0 (...).
• The 0.118.0 minimum version gate is unchanged. CLI-shaped user agents still parse, and missing or malformed versions still fail closed.

Context

Codex app-server reports its version in the leading user-agent product field: <originator>/<codex-version> ....

When OpenClaw spawns the app-server from a normal CLI-style environment, the originator can be a no-whitespace token such as openclaw, which matched the existing parser and tests. When OpenClaw runs from a Codex Desktop-originated environment, it inherits CODEX_INTERNAL_ORIGINATOR_OVERRIDE=Codex Desktop; the same app-server then reports a leading product like Codex Desktop/0.118.0 (...).

That Desktop originator is valid for the app-server, but OpenClaw treated it as unknown because the parser rejected whitespace before /.

Root Cause

readCodexVersionFromUserAgent() required the product/originator before / to match a no-whitespace token. That made Codex Desktop/0.118.0 return undefined, which tripped the compatibility diagnostic even though the version itself satisfied the minimum.

The fix parses the leading slash-delimited semver while allowing spaces in the originator. It still requires a semver-like version and a clean delimiter/end boundary after the version.

Testing

• pnpm test extensions/codex/src/app-server/client.test.ts
• pnpm test extensions/codex/src/app-server/shared-client.test.ts extensions/codex/src/app-server/models.test.ts extensions/codex/src/app-server/transport-websocket.test.ts
• pnpm check via scripts/committer

Manual Verification

• In a Codex Desktop-originated environment with CODEX_INTERNAL_ORIGINATOR_OVERRIDE=Codex Desktop, a real local codex app-server --listen stdio:// initialize response returned Codex Desktop/0.118.0 (Mac OS 26.4.0; arm64) dumb (openclaw; e2e-local).
• OpenClaw's built app-server client initialized successfully against that server and listCodexAppServerModels() returned models.

Security / Compatibility

No new permissions, token handling, network calls, command execution surface, config/env changes, or migration. Backward compatible.

[greptile-apps]

Greptile Summary

This PR fixes a version-parsing bug in readCodexVersionFromUserAgent() where user agents with a multi-word originator such as Codex Desktop/0.118.0 were silently rejected because the old regex required the originator to be a no-whitespace token. The fix widens [^/\s]+ to [^/]+ and adds a post-version boundary assertion ((?:[\s(]|$)), incidentally also closing a gap where malformed versions like 0.118.0abc would previously have been accepted and returned as "0.118.0".

Confidence Score: 5/5

Safe to merge — minimal, targeted regex fix with comprehensive tests for both the new positive case and new negative edge cases.

All findings are P2 or lower. The regex change is correct, backward-compatible, and more spec-compliant than the old version. New tests cover the fixed case and the previously unguarded boundary condition.

No files require special attention.

_{Reviews (1): Last reviewed commit: "Codex: parse Desktop app-server user age..." | Re-trigger Greptile}

[jankutschera]

Not a direct match, but possibly related. I filed #64744 for a silent hang in the same codex harness initialize() path on v2026.4.10 (macOS, codex-cli 0.118.0 & 0.120.0).

Symptoms are adjacent but different:

	This PR (#64666)	My report (#64744)
Trigger	CODEX_INTERNAL_ORIGINATOR_OVERRIDE set (e.g. Codex Desktop)	CODEX_INTERNAL_ORIGINATOR_OVERRIDE not set
Failure mode	Thrown error: "OpenClaw could not determine the running Codex version"	Infinite silent hang, no error, no log
Detection	Parser regex rejects userAgent with space	Parser never runs; initialize request never resolves

Both point at the same underlying fragility: CodexAppServerClient.initialize() at dist/harness-uOoDA-Wv.js:380 calls this.request("initialize", ...) without any timeoutMs, so the request() timeout branch at line 419 is skipped. Any failure on the response side — parser throw (your case), request/response id mismatch, silent stdout drop, unhandled rejection — becomes an infinite hang with no diagnostic output.

Your fix (correcting the parser) resolves one concrete cause. A companion change that also passes a bounded timeoutMs into the initialize request would turn all remaining latent failure modes into actionable initialize timed out errors instead of silent hangs. Happy to open a follow-up PR for that if it's useful.

In my case I've verified the underlying handshake works: manual (echo '{"jsonrpc":"2.0","id":1,"method":"initialize",...}'; sleep 2) | codex app-server --listen stdio:// returns a clean response with a well-formed userAgent (openclaw/0.118.0 (Mac OS 26.4.0; arm64) ...). So whatever is breaking is specific to how OpenClaw wires up the spawned subprocess's stdio or response correlation — which is exactly the place where a missing timeout turns a minor bug into an invisible one.

Details + full repro in #64744.

[steipete]

Landed via temp rebase onto main.

• Gate: pnpm test extensions/codex/src/app-server/client.test.ts extensions/codex/src/app-server/shared-client.test.ts extensions/codex/src/app-server/models.test.ts extensions/codex/src/app-server/transport-websocket.test.ts; pnpm test src/agents/tools/pdf-tool.model-config.test.ts src/agents/tools/pdf-tool.helpers.test.ts; pnpm check; pnpm build; GitHub checks green.
• Land commits: 728295c046, 99dfc1b616, 892baf2e81
• Merge commit: 892baf2e81

Thanks @cyrusaf!