build(deps): bump @openai/codex-sdk from 0.91.0 to 0.94.0 in /core

[dependabot]

Bumps @openai/codex-sdk from 0.91.0 to 0.94.0.

Release notes

Sourced from @​openai/codex-sdk's releases.

0.94.0

New Features

• Plan mode is now enabled by default with updated interaction guidance in the plan prompt. (#10313, #10308, #10329)
• Personality configuration is now stable: default is friendly, the config key is personality, and existing settings migrate forward. (#10305, #10314, #10310, #10307)
• Skills can be loaded from .agents/skills, with clearer relative-path instructions and nested-folder markers supported. (#10317, #10282, #10350)
• Console output now includes runtime metrics for easier diagnostics. (#10278)

Bug Fixes

• Unarchiving a thread updates its timestamp so sidebar ordering refreshes. (#10280)
• Conversation rules output is capped and prefix rules are deduped to avoid repeated rules. (#10351, #10309)
• Override turn context no longer appends extra items. (#10354)

Documentation

• Fixed a broken image link in the npm README. (#10303)

Changelog

Full Changelog: openai/codex@rust-v0.93.0...rust-v0.94.0

• #10278 feat: show runtime metrics in console @​apanasenko-oai
• #10285 display promo message in usage error @​willwang-openai
• #10302 fix(nix): update flake for newer Rust toolchain requirements @​douglaz
• #10296 chore(features) remove Experimental tag from UTF8 @​dylan-hurd-oai
• #10303 Fix npm README image link @​fouad-openai
• #10306 chore(app-server) add personality update test @​dylan-hurd-oai
• #10308 plan mode prompt @​aibrahim-oai
• #10305 chore(core) Default to friendly personality @​dylan-hurd-oai
• #10307 feat(core,tui,app-server) personality migration @​dylan-hurd-oai
• #10313 enable plan mode @​aibrahim-oai
• #10120 feat: fire tracking events for skill invocation @​alexsong-oai
• #10317 feat: Support loading skills from .agents/skills @​gverma-openai
• #10282 Make skills prompt explicit about relative-path lookup @​xl-openai
• #10316 Add websocket telemetry metrics and labels @​apanasenko-oai
• #10314 chore(config) Rename config setting to personality @​dylan-hurd-oai
• #10310 chore(features) Personality => Stable @​dylan-hurd-oai
• #10320 Sync system skills from public repo @​gverma-openai
• #10322 Sync system skills from public repo for openai yaml changes @​gverma-openai
• #10323 fix(config) config schema newline @​dylan-hurd-oai
• #10329 Improve plan mode interaction rules @​charley-oai
• #10280 Bump thread updated_at on unarchive to refresh sidebar ordering @​charley-oai
• #10350 fix: System skills marker includes nested folders recursively @​gverma-openai
• #10351 fix(rules) Limit rules listed in conversation @​dylan-hurd-oai
• #10354 Do not append items on override turn context @​pakrym-oai
• #10309 fix(core) Deduplicate prefix_rules before appending @​dylan-hurd-oai
• #10373 chore(core) gpt-5.2-codex personality template @​dylan-hurd-oai
• #10375 fix(personality) prompt patch @​dylan-hurd-oai
• #10371 feat: vendor app-server protocol schema fixtures @​bolinfest

0.94.0-alpha.11

Release 0.94.0-alpha.11

... (truncated)

Commits

• 9327e99 Fix minor typos in comments and documentation (#10287)
• 4d9ae3a fix: remove references to corepack (#10138)
• 894923e feat: make it possible to specify --config flags in the SDK (#10003)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

Superseded by #468.