Product Name: codexfy Platform: Windows (native-first) UI Framework: Flutter Desktop Backend Engine: OpenAI Codex App Server (stdio JSONL / JSON-RPC) Reference Architecture: CodexMonitor (client-driven app-server orchestration)
Build a lightweight, professional, native Windows desktop IDE for Codex that provides full agent power with strong user control, without Electron overhead and without requiring WSL.
This application is a first-class Codex client, not a CLI wrapper.
- Multi-workspace Codex usage
- One
codex app-serverper workspace - Thread discovery, resume, and management
- Streaming conversation timeline
- Safe diff review + apply/reject
- Approval & permission system
- Git awareness and rollback safety
- Strong diagnostics and fault tolerance
- Full code editor / LSP
- Integrated terminal emulator
- Team sync or cloud features
- WSL dependency
-
Protocol-first
- UI is driven by Codex app-server events, not CLI flags.
-
User-owned safety
- Codex proposes actions; the app reviews, approves, applies, and can undo.
-
Native Windows first
- Codex runs natively if possible.
- WSL is optional and deferred.
-
Recoverability over automation
- Every file or git change must be reversible.
-
Future-proofing
- Protocol schema generation and raw JSONL logging are mandatory.
-
One Codex app-server process per workspace
-
Each workspace manages:
- Threads
- Diffs
- Approvals
- Git state
- Flutter UI
- Codex Process Supervisor
- JSONL / JSON-RPC Client
- Workspace Manager
- Thread & Timeline Controller
- Diff & Apply Engine
- Git Integration Layer
- Policy / Permissions Engine
- Persistence Layer
- State management:
riverpod - Persistence:
isar(preferred) orhive - Folder picker:
file_picker - Paths:
path,path_provider - Secure storage:
flutter_secure_storage - Markdown rendering:
flutter_markdown - Syntax highlighting:
flutter_highlight(or equivalent) - Diff library:
diff_match_patchor similar
- Window management:
window_manager - Optional:
tray_manager
User Story: As a user, I want to know if Codex and Git are installed and usable.
Acceptance Criteria
- Detect Codex presence and version
- Detect Codex app-server availability
- Detect Git availability
- Missing dependencies show clear install instructions
- “Verify” button re-runs checks
- App never crashes due to missing dependencies
Checklist
- Detect
codex - Detect
codex app-server - Detect
git - User-configurable codex path
- Friendly error states
User Story: As a user, I want to export logs for debugging or support.
Acceptance Criteria
-
One-click ZIP export containing:
- App logs
- Codex stderr
- Raw JSONL protocol logs
-
Sensitive data redacted
Checklist
- Central logging
- JSONL protocol recorder
- ZIP export
User Story: As a user, I want to manage multiple repositories/workspaces.
Acceptance Criteria
-
Add/remove workspaces via folder picker
-
Persisted across restarts
-
Workspace list shows:
- Path
- Git branch
- Dirty status
- Last activity
Checklist
- Workspace model
- Persistent storage
- Workspace list UI
User Story: As a user, Codex should reliably run per workspace.
Acceptance Criteria
- One app-server per workspace
- Auto-restart on crash
- Exponential backoff on repeated failures
- Manual restart control
Checklist
- Process lifecycle manager
- Crash detection
- Restart logic
- Error UI
User Story: As a user, I want to see all Codex threads for a workspace.
Acceptance Criteria
- Call
thread/liston workspace open - Display threads with status indicators
Checklist
- Thread list request
- Thread metadata model
- UI rendering
User Story: As a user, I want to resume an existing thread.
Acceptance Criteria
- Selecting a thread calls
thread/resume - Timeline renders history
- Partial/missing data handled gracefully
Checklist
- Resume logic
- Timeline hydration
- Error tolerance
Acceptance Criteria
- Create new thread from UI
- Thread appears immediately
- First response streams correctly
Checklist
- New thread command
- UI update
User Story: As a user, I want to understand what Codex is doing.
Acceptance Criteria
-
Timeline renders:
- User messages
- Agent messages
- Tool calls
- Diffs
- Approval requests
- Errors
-
Streaming updates are live
-
Filter and search supported
Checklist
- Unified event model
- Streaming UI
- Filters
- Search
Acceptance Criteria
- Toggleable raw JSONL view
- Read-only
- Helps diagnose protocol changes
Checklist
- JSONL viewer panel
User Story: As a user, I want to review code changes before applying them.
Acceptance Criteria
- Grouped by thread and file
- Side-by-side diff view
- Apply / Reject per change
Checklist
- Change model
- Diff renderer
- Change list UI
Acceptance Criteria
- Safe file writes
- Git-backed undo when repo exists
- Conflict detection
Checklist
- Apply logic
- Git restore fallback
- Conflict detection
User Story: As a user, I want to approve risky actions.
Acceptance Criteria
- File writes, commands, git ops require approval
- Clear context shown
- Allow-once / allow-always options
Checklist
- Approval UI
- Policy persistence
Acceptance Criteria
-
Per-workspace:
- Read-only mode
- Allowed paths
- Allowed commands
-
Editable and persistent
Checklist
- Policy editor
- Enforcement logic
User Story: As a user, I want to see repository status.
Acceptance Criteria
- Show staged/unstaged/untracked
- Updates after changes
- Non-fatal errors
Checklist
- Git root detection
- Status parsing
Acceptance Criteria
- Show diffs via git
- Restore with confirmation
Checklist
- Diff view
- Restore action
Acceptance Criteria
- Large repos remain responsive
- Heavy work runs off UI thread
- Lists virtualized
Checklist
- Isolates
- Virtualized lists
Acceptance Criteria
- Survives Codex crashes
- Survives partial protocol messages
- Clear user-facing errors
Checklist
- Error boundaries
- Recovery UI
Acceptance Criteria
- Secrets stored via OS secure storage
- No plaintext secrets on disk
Checklist
- Secure storage integration
Acceptance Criteria
- All applied changes and approvals logged
- Logs are human-readable
Checklist
- Audit log model
- Viewer UI
- Workspace registry
- Codex process supervisor
- Thread list & resume
- Raw protocol logging
- Activity timeline
- Diff model
- Apply/reject workflow
- Approval engine
- Git status & undo
- Performance tuning
- Diagnostics export
- Error recovery UX
- Settings & policy UI
- Embedded editor / LSP
- Multi-agent dashboard
- Remote Codex daemon
- GitHub PR & Issues integration
- Plugin system
- WSL compatibility mode
- Team collaboration
These must not influence core architecture.
- App runs for hours without leaks
- No data loss on crash
- All Codex actions are reviewable and reversible
- Clear upgrade path for protocol changes
- Windows users do not need WSL
Build incrementally. Validate each epic before moving forward. Log everything. Prefer safety and clarity over automation. Never assume protocol stability.