[codex-analytics] add tool item event schemas#17089
Draft
rhan-oai wants to merge 3 commits intorhan/app-server-item-timingfrom
Draft
[codex-analytics] add tool item event schemas#17089rhan-oai wants to merge 3 commits intorhan/app-server-item-timingfrom
rhan-oai wants to merge 3 commits intorhan/app-server-item-timingfrom
Conversation
This was referenced Apr 8, 2026
rhan-oai
force-pushed
the
pr17089
branch
9 times, most recently
from
68d22f3 to
fa81361
Compare
rhan-oai
changed the title
rhan-oai
force-pushed
the
pr17089
branch
7 times, most recently
from
888f26a to
ecd06cb
Compare
This was referenced Apr 20, 2026
rhan-oai
force-pushed
the
pr17089
branch
3 times, most recently
from
90ea95d to
a65b88c
Compare
rhan-oai
force-pushed
the
pr17089
branch
2 times, most recently
from
06888b6 to
7dbe287
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
from
ff2f306 to
54756f4
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
from
54756f4 to
4340ce1
Compare
rhan-oai
added a commit
that referenced
this pull request
Apr 29, 2026
## Why Codex analytics needs a typed seam for app-server-originated request/response traffic so future tool-approval analytics can consume those facts without adding bespoke callsite tracking each time. Server responses arrive as JSON-RPC `id + result` payloads, so analytics has to reconstruct the matching typed response from the original typed request while that request context still exists in app-server. This also puts analytics on the app-server outbound path, which needs to avoid keeping the runtime alive during shutdown. The final ownership fix keeps the normal strong auth-manager retention in analytics and makes the external-auth refresh bridge hold a weak back-reference to `OutgoingMessageSender`, breaking the runtime cycle at the bridge boundary instead of exposing retention policy through the analytics client API. ## What changed - Adds typed `ServerRequest` and `ServerResponse` analytics facts, plus `AnalyticsEventsClient::track_server_request` and `track_server_response`. - Renames the existing client-side facts to `ClientRequest` and `ClientResponse` so reducers can distinguish client-to-server traffic from server-to-client traffic. - Adds `ServerRequest::response_from_result`, allowing a stored typed request to decode the matching typed server response from a raw JSON-RPC result payload. - Threads `AnalyticsEventsClient` through `OutgoingMessageSender` and records targeted server requests, replayed targeted requests, and matching targeted responses with the responding connection id needed for correlation. - Intentionally leaves broadcast server requests/responses out of analytics for now because the current model is per connection, while broadcasts fan one logical request out across multiple connections. - Breaks the app-server shutdown cycle by storing `Weak<OutgoingMessageSender>` in `ExternalAuthRefreshBridge` and upgrading it only when an external-auth refresh is actually requested. - Keeps reducer ingestion of the new server-side facts as no-ops for now; this PR is plumbing for later tool-approval analytics work. ## Verification - `cargo test -p codex-analytics` - `cargo test -p codex-app-server outgoing_message::tests::` - Covers typed-response reconstruction plus the targeted, replayed, broadcast-exclusion, and response-attribution analytics paths. ## Follow-up This PR intentionally stops at ingestion plumbing, so `ServerRequest` and `ServerResponse` facts are still reducer no-ops. Once a follow-up PR adds real downstream analytics output for those facts: - replace the temporary pre-reducer observation seam with reducer tests for the emitted event shape; - add end-to-end coverage in `app-server/tests/suite/v2/analytics.rs` for the real app-server workflow and captured analytics payload; - remove the temporary sender-level observer tests added here in favor of the real-output coverage above. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/17088). * #18748 * #18747 * #17090 * #17089 * #20241 * #20239 * __->__ #17088
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
2 times, most recently
from
b39f92b to
4340ce1
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
from
4340ce1 to
f1478ed
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
from
f1478ed to
9412dae
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
from
9412dae to
96f46a2
Compare
rhan-oai
force-pushed
the
codex/thread-analytics-state
branch
3 times, most recently
from
c2e3246 to
ffbe9fe
Compare
This was referenced Apr 30, 2026
This was referenced Apr 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Tool analytics need stable, typed payloads before the later lifecycle reducer starts emitting them. Keeping the event schema definitions isolated in their own PR makes the emitted surface reviewable separately from the reducer logic that produces those events.
What changed
TrackEventRequestwith the corresponding tool-item variants.Verification
cargo test -p codex-analyticsStack created with Sapling. Best reviewed with ReviewStack.