feat(mcp): Add local mode support for Codex CLI #1109

Merged
cm-dyoshikawa merged 1 commit into dyoshikawa:main from r1bilski:codex-local-mcp on Feb 20, 2026
@r1bilski
Collaborator

This implements generating project-level config for mcp for codexcli.

closes #1103

Owner

@dyoshikawa dyoshikawa left a comment

@r1bilski Thank you! I'll be glad if you work on these points:

Code Review & Security Review

Code Review

Overall: Good - The implementation follows existing patterns (GeminiCliMcp, OpencodeMcp) well, and the intent is clear.

Issues to Address

  1. README.md not updated (High priority)

    • The Supported Tools and Features section still shows 🌏 🔧 (global-only) for Codex CLI's mcp column. Since this PR adds local mode support, it should be updated to ✅ 🌏 🔧.
    • This is also documented in feature-change-guidelines.md.
  2. Consider .codex/config.toml in gitignore.ts (Medium priority)

    • Other tools' MCP config files (.mcp.json, .gemini/settings.json, etc.) are added to gitignore, but .codex/config.toml is not.
    • If this is intentional (since config.toml may contain other Codex settings, similar to the isDeletable(): false reasoning), please document the rationale in the PR description.
    • Per feature-change-guidelines.md: "Evaluate whether gitignore.ts needs additions or changes in its generated output."

Minor Suggestions

  1. getSettablePaths parameter naming (Low priority)
    • Changing { global } to _options is inconsistent with other tools like GeminiCliMcp. Consider using { global: _global } or keeping the destructuring pattern for consistency.

Positives

  • readFileContent → readFileContentOrNull + smolToml.stringify({}) fallback is appropriate
  • isDeletable(): false follows the same pattern as GeminiCliMcp/OpencodeMcp — correct defensive design
  • Good test coverage: local mode full workflow integration test (fromFile → toRulesyncMcp → fromRulesyncMcp), E2E test, and isDeletable test added
  • Existing test bug fix (mcpServers → mcp_servers reference) is a nice catch

Security Review

No security issues found. This PR is safe to merge from a security perspective.

  • Path traversal/injection: Only hardcoded relative paths (.codex, config.toml) are used. checkPathTraversal() exists as additional protection.
  • File system security: TOCTOU window in readFileContentOrNull is a pre-existing pattern across the project, with negligible risk in a CLI tool context.
  • TOML parsing: smolToml.parse() is a safe data parser with type checking in convertFromCodexFormat.
  • Global/local mode switch: Controlled by baseDir parameter — no new attack surface introduced.
  • Malicious code/backdoors: None detected.

🤖 Generated with Claude Code

Owner

@dyoshikawa dyoshikawa left a comment

Code Review & Security Review

Code Review

Overall: Good - The implementation follows existing patterns (GeminiCliMcp, OpencodeMcp) well, and the intent is clear.

Issues to Address

  1. README.md not updated (High priority)

    • The Supported Tools and Features section still shows global-only for Codex CLI's mcp column. Since this PR adds local mode support, it should be updated accordingly.
    • This is also documented in feature-change-guidelines.md.
  2. Consider .codex/config.toml in gitignore.ts (Medium priority)

    • Other tools' MCP config files (.mcp.json, .gemini/settings.json, etc.) are added to gitignore, but .codex/config.toml is not.
    • If this is intentional (since config.toml may contain other Codex settings, similar to the isDeletable(): false reasoning), please document the rationale in the PR description.
    • Per feature-change-guidelines.md: "Evaluate whether gitignore.ts needs additions or changes in its generated output."

Minor Suggestions

  1. getSettablePaths parameter naming (Low priority)
    • Changing { global } to _options is inconsistent with other tools like GeminiCliMcp. Consider using { global: _global } or keeping the destructuring pattern for consistency.

Positives

  • readFileContent to readFileContentOrNull + smolToml.stringify({}) fallback is appropriate
  • isDeletable(): false follows the same pattern as GeminiCliMcp/OpencodeMcp - correct defensive design
  • Good test coverage: local mode full workflow integration test, E2E test, and isDeletable test added
  • Existing test bug fix (mcpServers to mcp_servers reference) is a nice catch

Security Review

No security issues found. This PR is safe to merge from a security perspective.

  • Path traversal/injection: Only hardcoded relative paths are used. checkPathTraversal() exists as additional protection.
  • File system security: TOCTOU window in readFileContentOrNull is a pre-existing pattern across the project, with negligible risk in a CLI tool context.
  • TOML parsing: smolToml.parse() is a safe data parser with type checking in convertFromCodexFormat.
  • Global/local mode switch: Controlled by baseDir parameter - no new attack surface introduced.
  • Malicious code/backdoors: None detected.
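
The three checks named in the security review above (path containment, a read that maps a missing file to null without a separate existence check, and type checking of parsed config), as an added TypeScript example. This is not the PR's or rulesync's code: `resolveInside`, `readOrNull`, `extractMcpServers` and the `{ command, args }` entry shape are assumptions for illustration, and the input to `extractMcpServers` stands for the object a TOML parser returns.

```typescript
import * as fs from "node:fs";
import * as path from "node:path";

// Hypothetical helper: resolve relPath under baseDir and refuse anything that
// escapes it. Lexical check only; symlinks are not resolved.
export function resolveInside(baseDir: string, relPath: string): string {
  const base = path.resolve(baseDir);
  const target = path.resolve(base, relPath);
  const rel = path.relative(base, target);
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error(`path escapes base directory: ${relPath}`);
  }
  return target;
}

// Read in one call and map "missing" to null. With no exists() check before
// the read, there is no gap between a check and the use of the file.
export function readOrNull(file: string): string | null {
  try {
    return fs.readFileSync(file, "utf8");
  } catch (err) {
    if ((err as { code?: string }).code === "ENOENT") return null;
    throw err; // permission errors, EISDIR, etc. must not look like "missing"
  }
}

type McpServer = { command: string; args: string[] };

// Shape-check the already-parsed config instead of trusting it:
// mcp_servers must be a table whose entries are { command, args }.
export function extractMcpServers(parsed: unknown): Record<string, McpServer> {
  const isTable = (v: unknown): v is Record<string, unknown> =>
    typeof v === "object" && v !== null && !Array.isArray(v);
  if (!isTable(parsed)) throw new Error("config root is not a table");
  const raw = parsed["mcp_servers"] ?? {};
  if (!isTable(raw)) throw new Error("mcp_servers is not a table");
  const out: Record<string, McpServer> = {};
  for (const [name, entry] of Object.entries(raw)) {
    if (!isTable(entry)) throw new Error(`mcp_servers.${name} is not a table`);
    const command = entry["command"];
    const args = entry["args"] ?? [];
    if (typeof command !== "string") throw new Error(`mcp_servers.${name}: bad command`);
    if (!Array.isArray(args) || !args.every((a) => typeof a === "string")) {
      throw new Error(`mcp_servers.${name}: args must be strings`);
    }
    out[name] = { command, args: args as string[] };
  }
  return out;
}
```
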

@r1bilski
Collaborator Author

Whoops, I forgot to update the docs :)
I resolved 1 and 2.

  1. I'd say it's good as is. We're not using the options so I think it's slightly clearer to ignore the whole parameter instead of destructuring.

Collaborator

@cm-dyoshikawa cm-dyoshikawa left a comment

Thank you, LGTM!

@cm-dyoshikawa cm-dyoshikawa merged commit 894fa63 into dyoshikawa:main Feb 20, 2026
6 checks passed
@r1bilski r1bilski deleted the codex-local-mcp branch March 2, 2026 10:08
Development

Successfully merging this pull request may close these issues.

Add support for local mode mcp for codex

3 participants