Fix Windows provider startup and update issues

[riftzen-bit]

What changed

This fixes the Windows-specific provider failures I hit while running the desktop app locally:

• Resolve provider update executables before spawning them on Windows, so commands like npm install -g @openai/codex@latest run through the actual npm.cmd shim instead of failing with ChildProcess.spawn NotFound.
• Stop passing unsupported Codex service tiers through to codex app-server; unsupported values are now omitted instead of causing thread/start or turn/start failures.
• Fix the server build script so Windows paths with spaces do not get split by the shell.
• Tighten a few Windows-facing tests that were assuming POSIX-style paths or privileged symlink behavior.

Why

On Windows, the desktop app could start, but provider maintenance failed when the server tried to spawn npm directly. Node process spawning does not reliably resolve .cmd shims from a bare command name, which is exactly how npm is installed on Windows. The update runner now resolves the command path first and keeps the existing non-Windows behavior unchanged.

Validation

Ran after rebasing onto current origin/main:

• bun fmt
• bun lint (0 errors; existing warnings remain)
• bun typecheck
• bun run build
• bun --filter t3 test src/provider/providerMaintenanceRunner.test.ts src/provider/Layers/CodexSessionRuntime.test.ts
• bun --filter @t3tools/desktop test src/app/DesktopEnvironment.test.ts src/app/DesktopAppIdentity.test.ts
• bun --filter @t3tools/scripts test mock-update-server.test.ts
• bun --filter @t3tools/oxlint-plugin-t3code test

Note

Fix Windows provider startup and update command resolution

• Adds resolveProviderMaintenanceSpawnCommand in providerMaintenanceRunner.ts to resolve Windows command shims (e.g. npm.cmd) before spawning maintenance processes instead of using bare command names.
• Removes the shell: true workaround from the build script's child process invocation on Windows in cli.ts.
• Introduces normalizeCodexServiceTier in CodexSessionRuntime.ts to drop unsupported service tiers (anything other than 'fast' or 'flex') from thread and turn start payloads.
• Updates desktop path equality assertions in tests to normalize Windows-style paths before comparison.
• Behavioral Change: maintenance commands on Windows now spawn the resolved executable path directly rather than relying on shell lookup.

^{Macroscope summarized dba5fae.}

---

Note

Medium Risk
Moderate risk because it changes provider update process spawning (Windows-specific command resolution) and alters the payload sent to Codex by dropping unsupported serviceTier values, which could affect runtime behavior if assumptions were wrong.

Overview
Fixes several Windows-specific runtime issues around provider maintenance and Codex requests.

Provider updates now resolve Windows command shims (e.g. npm.cmd) via resolveProviderMaintenanceSpawnCommand before spawning, and the server build CLI stops forcing shell mode when running node --run build:bundle.

Codex session startup/turn payloads now only forward supported serviceTier values (fast/flex), omitting others to avoid thread/start and turn/start failures; tests were added/updated accordingly. Desktop and script tests were hardened for Windows by normalizing path comparisons and skipping symlink-escape assertions when symlinks can’t be created on Windows, and oxlint rule tests now use a longer per-test timeout.

^{Reviewed by Cursor Bugbot for commit dba5fae. Bugbot is set up for automated code reviews on this repo. Configure here.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 5d07d45b-e1e1-4371-83c4-12a4a0ea487f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR addresses multiple Windows-specific failures encountered when running the desktop app locally, primarily by improving how provider maintenance/update commands are spawned on Windows and by preventing unsupported Codex serviceTier values from being sent to codex app-server.

Changes:

• Resolve provider maintenance spawn commands on Windows to the concrete shim/executable path (e.g. npm.cmd) before spawning.
• Omit unsupported Codex serviceTier values from thread/start and turn/start payloads.
• Remove Windows shell: true usage from the server build CLI command (now uses process.execPath --run ...) and harden a set of Windows-sensitive tests.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
scripts/mock-update-server.test.ts	Skips symlink-escape assertion when symlink creation fails on Windows.
oxlint-plugin-t3code/test/utils.ts	Adds longer per-test timeout for oxlint rule harness tests.
apps/web/src/lib/archivedThreadsState.ts	Import reordering (no functional change).
apps/server/src/provider/providerMaintenanceRunner.ts	Adds Windows command-path resolution before spawning update processes.
apps/server/src/provider/providerMaintenanceRunner.test.ts	Adds/updates tests for Windows command shim resolution and resolved spawn commands.
apps/server/src/provider/Layers/CodexSessionRuntime.ts	Normalizes/filters serviceTier to supported values (fast/flex) before sending to Codex.
apps/server/src/provider/Layers/CodexSessionRuntime.test.ts	Adds coverage asserting unsupported tiers are omitted from Codex payloads.
apps/server/scripts/cli.ts	Removes shell: true workaround for Windows; uses process.execPath for build command.
apps/desktop/src/app/DesktopEnvironment.test.ts	Normalizes paths in assertions to be Windows-compatible.
apps/desktop/src/app/DesktopAppIdentity.test.ts	Normalizes Windows paths in assertions for user data directory.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[macroscopeapp]

Approvability

Verdict: Approved

Platform-specific bug fix for Windows with most changes in test files (path normalization, timeouts). Runtime changes are limited to Windows command resolution for spawning and filtering unsupported service tier values before API calls. Open review comments address test quality rather than production issues.

^{You can customize Macroscope's approvability policy. Learn more.}

[juliusmarminge]

this is fixed on main. was a breaking change in the app server contract where they started returning priority when the old shcema was a stricter union. now it's just string on the protocol.

depending on the codex version you're on you need to be on nightly or not of t3code though as the protocol change most likely hasn't gone out to latest yet