build(deps): bump @openai/codex-sdk from 0.91.0 to 0.93.0 in /core

[dependabot]

Bumps @openai/codex-sdk from 0.91.0 to 0.93.0.

Release notes

Sourced from @​openai/codex-sdk's releases.

0.93.0

New Features

• Added an optional SOCKS5 proxy listener with policy enforcement and config gating. (#9803)
• Plan mode now streams proposed plans into a dedicated TUI view, plus a feature-gated /plan shortcut for quick mode switching. (#9786, #10103)
• Added /apps to browse connectors in TUI and $ insertion for app prompts. (#9728)
• App-server can now run in external auth mode, accepting ChatGPT auth tokens from a host app and requesting refreshes when needed. (#10012)
• Smart approvals are now enabled by default, with explicit approval prompts for MCP tool calls. (#10286, #10200)
• Introduced a SQLite-backed log database with an improved logs client, thread-id filtering, retention, and heuristic coloring. (#10086, #10087, #10150, #10151, #10229, #10228)

Bug Fixes

• MCP tool image outputs render reliably even when image blocks aren’t first or are partially malformed. (#9815)
• Input history recall now restores local image attachments and rich text elements. (#9628)
• File search now tracks session CWD changes and supports multi-root traversal with better performance. (#9279, #9939, #10240)
• Resuming a thread no longer updates updated_at until the first turn actually starts. (#9950)
• Shell snapshots no longer inherit stdin, avoiding hangs from startup scripts. (#9735)
• Connections fall back to HTTP when WebSocket proxies fail. (#10139)

Documentation

• Documented app-server AuthMode usage and behavior. (#10191)

Chores

• Upgraded the Rust toolchain to 1.93. (#10080)
• Updated pnpm versions used in the repo. (#9992, #10161)
• Bazel build and runfiles handling improvements, including remote cache compression. (#10079, #10098, #10102, #10104)

Changelog

Full Changelog: openai/codex@rust-v0.92.0...rust-v0.93.0

• #9988 nit: better tool description @​jif-oai
• #9991 nit: better unused prompt @​jif-oai
• #9994 chore: clean orchestrator prompt @​jif-oai
• #10001 backend-client: add get_config_requirements_file @​gt-oai
• #9992 update pnpm to 10.28.2 to address security issues @​mjr-openai
• #9993 description in role type @​jif-oai
• #9944 TUI footer: right-align context and degrade shortcut summary + mode cleanly @​charley-oai
• #9803 feat(network-proxy): add a SOCKS5 proxy with policy enforcement @​viyatb-oai
• #9950 fix(app-server, core): defer initial context write to rollout file until first turn @​owenlin0
• #10003 feat: make it possible to specify --config flags in the SDK @​bolinfest
• #9797 remove sandbox globals. @​iceweasel-oai
• #10009 chore: introduce *Args types for new() methods @​bolinfest
• #10011 really fix pwd for windows codex zip @​iceweasel-oai
• #10007 Remove load from SKILL.toml fallback @​alexsong-oai
• #10008 enable live web search for DangerFullAccess sandbox policy @​sayan-oai
• #9815 Fix: Render MCP image outputs regardless of ordering @​Kbediako
• #9654 Show OAuth error descriptions in callback responses @​blevy-oai
• #10030 Clarify external editor env var message @​joshka-oai
• #9949 Ask user question UI footer improvements @​charley-oai
• #9359 tui: stabilize shortcut overlay snapshots on WSL @​slkzgm
• #10040 fix: enable per-turn updates to web search mode @​sayan-oai

... (truncated)

Commits

• 9327e99 Fix minor typos in comments and documentation (#10287)
• 4d9ae3a fix: remove references to corepack (#10138)
• 894923e feat: make it possible to specify --config flags in the SDK (#10003)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

Superseded by #467.