switch back into derive_exec_args

Author: dylan-hurd-oai

codex-rs/core/src/powershell.rs

@@ -7,12 +7,10 @@ use crate::shell::ShellType;
 use crate::shell::detect_shell_type;
 
 const POWERSHELL_FLAGS: &[&str] = &["-nologo", "-noprofile", "-command", "-c"];
-/// Prelude injected into PowerShell scripts to force UTF-8 stdout encoding.
-///
-/// This must stay in sync with similar constants in other crates (e.g. codex-apply-patch),
-/// since some parsers strip this prefix before analyzing scripts.
+
+/// Prefixed command for powershell shell calls to force UTF-8 console output.
 pub(crate) const UTF8_OUTPUT_PREFIX: &str =
-    "[Console]::OutputEncoding=[System.Text.Encoding]::UTF8;";
+    "[Console]::OutputEncoding=[System.Text.Encoding]::UTF8;\n";
 
 pub(crate) fn prefix_utf8_output(script: &str) -> String {
     let trimmed = script.trim_start();

codex-rs/core/src/shell.rs

@@ -3,6 +3,7 @@ use serde::Serialize;
 use std::path::PathBuf;
 use std::sync::Arc;
 
+use crate::powershell::prefix_utf8_output;
 use crate::shell_snapshot::ShellSnapshot;
 
 #[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)]
@@ -35,7 +36,12 @@ impl Shell {
 
     /// Takes a string of shell and returns the full list of command args to
     /// use with `exec()` to run the shell command.
-    pub fn derive_exec_args(&self, command: &str, use_login_shell: bool) -> Vec<String> {
+    pub fn derive_exec_args(
+        &self,
+        command: &str,
+        use_login_shell: bool,
+        powershell_utf8_enabled: bool,
+    ) -> Vec<String> {
         match self.shell_type {
             ShellType::Zsh | ShellType::Bash | ShellType::Sh => {
                 let arg = if use_login_shell { "-lc" } else { "-c" };
@@ -52,7 +58,11 @@ impl Shell {
                 }
 
                 args.push("-Command".to_string());
-                args.push(command.to_string());
+                if powershell_utf8_enabled {
+                    args.push(prefix_utf8_output(command));
+                } else {
+                    args.push(command.to_string());
+                }
                 args
             }
             ShellType::Cmd => {
@@ -408,7 +418,7 @@ mod tests {
 
     fn shell_works(shell: Option<Shell>, command: &str, required: bool) -> bool {
         if let Some(shell) = shell {
-            let args = shell.derive_exec_args(command, false);
+            let args = shell.derive_exec_args(command, false, false);
             let output = Command::new(args[0].clone())
                 .args(&args[1..])
                 .output()
@@ -429,11 +439,11 @@ mod tests {
             shell_snapshot: None,
         };
         assert_eq!(
-            test_bash_shell.derive_exec_args("echo hello", false),
+            test_bash_shell.derive_exec_args("echo hello", false, false),
             vec!["/bin/bash", "-c", "echo hello"]
         );
         assert_eq!(
-            test_bash_shell.derive_exec_args("echo hello", true),
+            test_bash_shell.derive_exec_args("echo hello", true, false),
             vec!["/bin/bash", "-lc", "echo hello"]
         );
 
@@ -443,11 +453,11 @@ mod tests {
             shell_snapshot: None,
         };
         assert_eq!(
-            test_zsh_shell.derive_exec_args("echo hello", false),
+            test_zsh_shell.derive_exec_args("echo hello", false, false),
             vec!["/bin/zsh", "-c", "echo hello"]
         );
         assert_eq!(
-            test_zsh_shell.derive_exec_args("echo hello", true),
+            test_zsh_shell.derive_exec_args("echo hello", true, false),
             vec!["/bin/zsh", "-lc", "echo hello"]
         );
 
@@ -457,20 +467,37 @@ mod tests {
             shell_snapshot: None,
         };
         assert_eq!(
-            test_powershell_shell.derive_exec_args("echo hello", false),
+            test_powershell_shell.derive_exec_args("echo hello", false, false),
+            vec![
+                "pwsh.exe".to_string(),
+                "-NoProfile".to_string(),
+                "-Command".to_string(),
+                "echo hello".to_string(),
+            ]
+        );
+        assert_eq!(
+            test_powershell_shell.derive_exec_args("echo hello", true, false),
+            vec![
+                "pwsh.exe".to_string(),
+                "-Command".to_string(),
+                "echo hello".to_string(),
+            ]
+        );
+        assert_eq!(
+            test_powershell_shell.derive_exec_args("echo hello", false, true),
             vec![
                 "pwsh.exe".to_string(),
                 "-NoProfile".to_string(),
                 "-Command".to_string(),
-                format!("echo hello"),
+                "[Console]::OutputEncoding=[System.Text.Encoding]::UTF8;\necho hello".to_string(),
             ]
         );
         assert_eq!(
-            test_powershell_shell.derive_exec_args("echo hello", true),
+            test_powershell_shell.derive_exec_args("echo hello", true, true),
             vec![
                 "pwsh.exe".to_string(),
                 "-Command".to_string(),
-                format!("echo hello"),
+                "[Console]::OutputEncoding=[System.Text.Encoding]::UTF8;\necho hello".to_string(),
             ]
         );
     }

codex-rs/core/src/shell_snapshot.rs

@@ -112,7 +112,7 @@ async fn run_shell_script_with_timeout(
     script: &str,
     snapshot_timeout: Duration,
 ) -> Result<String> {
-    let args = shell.derive_exec_args(script, true);
+    let args = shell.derive_exec_args(script, true, false);
     let shell_name = shell.name();
 
     // Handler is kept as guard to control the drop. The `mut` pattern is required because .args()

codex-rs/core/src/tasks/user_shell.rs

@@ -16,6 +16,7 @@ use crate::exec::StdoutStream;
 use crate::exec::StreamOutput;
 use crate::exec::execute_exec_env;
 use crate::exec_env::create_env;
+use crate::features::Feature;
 use crate::parse_command::parse_command;
 use crate::protocol::EventMsg;
 use crate::protocol::ExecCommandBeginEvent;
@@ -68,9 +69,12 @@ impl SessionTask for UserShellCommandTask {
         // allows commands that use shell features (pipes, &&, redirects, etc.).
         // We do not source rc files or otherwise reformat the script.
         let use_login_shell = true;
-        let command = session
-            .user_shell()
-            .derive_exec_args(&self.command, use_login_shell);
+        let powershell_utf8_enabled = session.features().enabled(Feature::PowershellUtf8);
+        let command = session.user_shell().derive_exec_args(
+            &self.command,
+            use_login_shell,
+            powershell_utf8_enabled,
+        );
 
         let call_id = Uuid::new_v4().to_string();
         let raw_command = self.command.clone();

codex-rs/core/src/tools/handlers/shell.rs

@@ -10,10 +10,8 @@ use crate::exec_policy::create_exec_approval_requirement_for_command;
 use crate::features::Feature;
 use crate::function_tool::FunctionCallError;
 use crate::is_safe_command::is_known_safe_command;
-use crate::powershell::prefix_utf8_output;
 use crate::protocol::ExecCommandSource;
 use crate::shell::Shell;
-use crate::shell::ShellType;
 use crate::tools::context::ToolInvocation;
 use crate::tools::context::ToolOutput;
 use crate::tools::context::ToolPayload;
@@ -46,9 +44,14 @@ impl ShellHandler {
 }
 
 impl ShellCommandHandler {
-    fn base_command(shell: &Shell, command: &str, login: Option<bool>) -> Vec<String> {
+    fn base_command(
+        shell: &Shell,
+        command: &str,
+        login: Option<bool>,
+        powershell_utf8_enabled: bool,
+    ) -> Vec<String> {
         let use_login_shell = login.unwrap_or(true);
-        shell.derive_exec_args(command, use_login_shell)
+        shell.derive_exec_args(command, use_login_shell, powershell_utf8_enabled)
     }
 
     fn to_exec_params(
@@ -57,14 +60,12 @@ impl ShellCommandHandler {
         turn_context: &TurnContext,
     ) -> ExecParams {
         let shell = session.user_shell();
-        let command_str = if matches!(shell.shell_type, ShellType::PowerShell)
-            && session.features().enabled(Feature::PowershellUtf8)
-        {
-            prefix_utf8_output(&params.command)
-        } else {
-            params.command.to_string()
-        };
-        let command = Self::base_command(shell.as_ref(), &command_str, params.login);
+        let command = Self::base_command(
+            shell.as_ref(),
+            &params.command,
+            params.login,
+            session.features().enabled(Feature::PowershellUtf8),
+        );
 
         ExecParams {
             command,
@@ -171,7 +172,8 @@ impl ToolHandler for ShellCommandHandler {
         serde_json::from_str::<ShellCommandToolCallParams>(arguments)
             .map(|params| {
                 let shell = invocation.session.user_shell();
-                let command = Self::base_command(shell.as_ref(), &params.command, params.login);
+                let command =
+                    Self::base_command(shell.as_ref(), &params.command, params.login, false);
                 !is_known_safe_command(&command)
             })
             .unwrap_or(true)
@@ -360,12 +362,18 @@ mod tests {
     }
 
     fn assert_safe(shell: &Shell, command: &str) {
-        assert!(is_known_safe_command(
-            &shell.derive_exec_args(command, /* use_login_shell */ true)
-        ));
-        assert!(is_known_safe_command(
-            &shell.derive_exec_args(command, /* use_login_shell */ false)
-        ));
+        assert!(is_known_safe_command(&shell.derive_exec_args(
+            command, /* use_login_shell */ true, false
+        )));
+        assert!(is_known_safe_command(&shell.derive_exec_args(
+            command, /* use_login_shell */ false, false
+        )));
+        assert!(is_known_safe_command(&shell.derive_exec_args(
+            command, /* use_login_shell */ true, true
+        )));
+        assert!(is_known_safe_command(&shell.derive_exec_args(
+            command, /* use_login_shell */ false, true
+        )));
     }
 
     #[tokio::test]
@@ -379,7 +387,7 @@ mod tests {
         let sandbox_permissions = SandboxPermissions::RequireEscalated;
         let justification = Some("because tests".to_string());
 
-        let expected_command = session.user_shell().derive_exec_args(&command, true);
+        let expected_command = session.user_shell().derive_exec_args(&command, true, false);
         let expected_cwd = turn_context.resolve_path(workdir.clone());
         let expected_env = create_env(&turn_context.shell_environment_policy);
 
@@ -415,17 +423,17 @@ mod tests {
         };
 
         let login_command =
-            ShellCommandHandler::base_command(&shell, "echo login shell", Some(true));
+            ShellCommandHandler::base_command(&shell, "echo login shell", Some(true), false);
         assert_eq!(
             login_command,
-            shell.derive_exec_args("echo login shell", true)
+            shell.derive_exec_args("echo login shell", true, false)
         );
 
         let non_login_command =
-            ShellCommandHandler::base_command(&shell, "echo non login shell", Some(false));
+            ShellCommandHandler::base_command(&shell, "echo non login shell", Some(false), false);
         assert_eq!(
             non_login_command,
-            shell.derive_exec_args("echo non login shell", false)
+            shell.derive_exec_args("echo non login shell", false, false)
         );
     }
 }

codex-rs/core/src/tools/handlers/unified_exec.rs

@@ -1,13 +1,11 @@
 use crate::features::Feature;
 use crate::function_tool::FunctionCallError;
 use crate::is_safe_command::is_known_safe_command;
-use crate::powershell::prefix_utf8_output;
 use crate::protocol::EventMsg;
 use crate::protocol::ExecCommandSource;
 use crate::protocol::TerminalInteractionEvent;
 use crate::sandboxing::SandboxPermissions;
 use crate::shell::Shell;
-use crate::shell::ShellType;
 use crate::shell::get_shell_by_model_provided_path;
 use crate::tools::context::ToolInvocation;
 use crate::tools::context::ToolOutput;
@@ -275,14 +273,7 @@ fn get_command(
     });
     let shell = model_shell.as_ref().unwrap_or(session_shell);
 
-    let command_str =
-        if matches!(shell.shell_type, ShellType::PowerShell) && powershell_utf8_enabled {
-            prefix_utf8_output(&args.cmd)
-        } else {
-            args.cmd.to_string()
-        };
-
-    shell.derive_exec_args(&command_str, args.login)
+    shell.derive_exec_args(&args.cmd, args.login, powershell_utf8_enabled)
 }
 
 fn format_response(response: &UnifiedExecResponse) -> String {

codex-rs/core/tests/common/lib.rs

@@ -220,7 +220,7 @@ pub fn sandbox_network_env_var() -> &'static str {
 }
 
 pub fn format_with_current_shell(command: &str) -> Vec<String> {
-    codex_core::shell::default_user_shell().derive_exec_args(command, true)
+    codex_core::shell::default_user_shell().derive_exec_args(command, true, false)
 }
 
 pub fn format_with_current_shell_display(command: &str) -> String {
@@ -229,7 +229,7 @@ pub fn format_with_current_shell_display(command: &str) -> String {
 }
 
 pub fn format_with_current_shell_non_login(command: &str) -> Vec<String> {
-    codex_core::shell::default_user_shell().derive_exec_args(command, false)
+    codex_core::shell::default_user_shell().derive_exec_args(command, false, false)
 }
 
 pub fn format_with_current_shell_display_non_login(command: &str) -> String {