build(deps): bump @openai/codex-sdk from 0.91.0 to 0.101.0 in /core

[dependabot]

Bumps @openai/codex-sdk from 0.91.0 to 0.101.0.

Release notes

Sourced from @​openai/codex-sdk's releases.

0.101.0

Bug Fixes

• Model resolution now preserves the requested model slug when selecting by prefix, so model references stay stable instead of being rewritten. (#11602)
• Developer messages are now excluded from phase-1 memory input, reducing noisy or irrelevant content entering memory. (#11608)
• Memory phase processing concurrency was reduced to make consolidation/staging more stable under load. (#11614)

Chores

• Cleaned and simplified the phase-1 memory pipeline code paths. (#11605)
• Minor repository maintenance: formatting and test-suite hygiene updates in remote model tests. (#11619)

Changelog

Full Changelog: openai/codex@rust-v0.100.0...rust-v0.101.0

• #11605 chore: drop and clean from phase 1 @​jif-oai
• #11602 fix(core) model_info preserves slug @​dylan-hurd-oai
• #11608 exclude developer messages from phase-1 memory input @​wendyjiao-openai
• #11591 Add cwd to memory files @​wendyjiao-openai
• #11614 chore: reduce concurrency of memories @​jif-oai
• #11619 fix: fmt @​jif-oai

0.101.0-alpha.1

Release 0.101.0-alpha.1

0.100.0

New Features

• Added an experimental, feature-gated JavaScript REPL runtime (js_repl) that can persist state across tool calls, with optional runtime path overrides. (#10674)
• Added support for multiple simultaneous rate limits across the protocol, backend client, and TUI status surfaces. (#11260)
• Reintroduced app-server websocket transport with a split inbound/outbound architecture, plus connection-aware thread resume subscriptions. (#11370, #11474)
• Added memory management slash commands in the TUI (/m_update, /m_drop) and expanded memory-read/metrics plumbing. (#11569, #11459, #11593)
• Enabled Apps SDK apps in ChatGPT connector handling. (#11486)
• Promoted sandbox capabilities on both Linux and Windows, and introduced a new ReadOnlyAccess policy shape for configurable read access. (#11381, #11341, #11387)

Bug Fixes

• Fixed websocket incremental output duplication, prevented appends after response.completed, and treated response.incomplete as an error path. (#11383, #11402, #11558)
• Improved websocket session stability by continuing ping handling when idle and suppressing noisy first-retry errors during quick reconnects. (#11413, #11548)
• Fixed stale thread entries by dropping missing rollout files and cleaning stale DB metadata during thread listing. (#11572)
• Fixed Windows multi-line paste reliability in terminals (especially VS Code integrated terminal) by increasing paste burst timing tolerance. (#9348)
• Fixed incorrect inheritance of limit_name when merging partial rate-limit updates. (#11557)
• Reduced repeated skill parse-error spam during active edits by increasing file-watcher debounce from 1s to 10s. (#11494)

Documentation

• Added JS REPL documentation and config/schema guidance for enabling and configuring the feature. (#10674)
• Updated app-server websocket transport documentation in the app-server README. (#11370)

Chores

• Split codex-common into focused codex-utils-* crates to simplify dependency boundaries across Rust workspace components. (#11422)
• Improved Rust release pipeline throughput and reliability for Windows and musl targets, including parallel Windows builds and musl link fixes. (#11488, #11500, #11556)

... (truncated)

Commits

• 703fb38 Make codex-sdk depend on openai/codex (#11503)
• 1dc06b6 fix: ensure resume args precede image args (#10709)
• 9327e99 Fix minor typos in comments and documentation (#10287)
• 4d9ae3a fix: remove references to corepack (#10138)
• 894923e feat: make it possible to specify --config flags in the SDK (#10003)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #490.