feat(workspace): attribute Codex and OpenCode workspaces

[IvGolovach]

Summary

Adds workspace attribution for Codex and OpenCode usage so --group-by workspace,model can show real workspace buckets for both clients when reliable source metadata is available.

Why

Codex and OpenCode were falling into the Unknown workspace bucket even when their session data already contained explicit workspace context. This change uses only reliable sources: Codex session_meta.cwd, OpenCode SQLite session.directory, and OpenCode JSON path.root.

Diff scope

Touched areas

• crates/tokscale-core/src/sessions/codex.rs: reads cwd from Codex session_meta, persists it in incremental parse state, and applies it to structured and headless usage rows.
• crates/tokscale-core/src/sessions/opencode.rs: reads workspace metadata from OpenCode SQLite sessions and explicit JSON path.root, with legacy SQLite fallback kept intact.
• crates/tokscale-core/src/message_cache.rs: bumps the source cache schema so stale cached rows without workspace metadata are not reused.
• crates/tokscale-cli/tests/cli_tests.rs: adds CLI coverage for Codex and OpenCode workspace/model grouping output.

Branch integrity

• Base branch: main
• origin/main SHA: edc8ed1fca49ec4a6936e4d4e15ca45dfd442b8e
• Ahead/behind: 1 ahead, 0 behind
• Merge-base SHA: edc8ed1fca49ec4a6936e4d4e15ca45dfd442b8e
• Fast-forward safety: git merge-base --is-ancestor origin/main HEAD returned exit code 0; origin/main is an ancestor of this branch.

Commit integrity

• 8fc78149ccb9a4369bb4da76809eaee6cf116c09 feat(workspace): attribute Codex and OpenCode workspaces
• One logical change per commit: yes.
• Ledger-Id trailer validation: Not applicable - scripts/ledger/ does not exist in this repository.
• Unique Ledger-Id for squash merge: Not applicable - scripts/ledger/ does not exist in this repository.

Ledger proof

Not applicable - scripts/ledger/ does not exist in this repository.

Diff hygiene

git diff --name-status origin/main...HEAD

M  crates/tokscale-cli/tests/cli_tests.rs
M  crates/tokscale-core/src/message_cache.rs
M  crates/tokscale-core/src/sessions/codex.rs
M  crates/tokscale-core/src/sessions/opencode.rs

git diff --check origin/main...HEAD

PASS, no output.

Forbidden-file confirmation

No .env files, local environment files, secrets, tokens, credentials, ops/reports/**, __pycache__/, *.pyc, .DS_Store, .coverage, htmlcov/, coverage.xml, build artifacts, cache files, unrelated generated files, or unrelated source changes are included.

Test proof

• bash scripts/check-version-coherence.sh: PASS, Version coherence OK: 2.0.27
• cargo test --workspace --all-features: PASS, 1131 passed, 2 ignored
• cargo fmt --all -- --check: PASS, no output
• cargo clippy -p tokscale-core --all-features -- -D warnings: PASS

Verification-pack proof

Not applicable - no infra, governance, replay, invariant, runbook, release, or verification-pack files changed.

Migration notes

Not applicable - no DB migration changed.

CI context confirmation

• Required generic contexts backend, frontend, and simulated-correctness-core: Not applicable - this Rust CLI repository does not define those contexts for this PR.
• Repository workflow context names unchanged.
• CI context names unchanged.
• Not applicable - no CI/workflow context changes.

Runtime safety

Reviewed runtime modules: crates/tokscale-core/src/sessions/codex.rs, crates/tokscale-core/src/sessions/opencode.rs, and crates/tokscale-core/src/message_cache.rs.

• No new blocking locks: parsing only attaches workspace metadata to already parsed messages.
• No new unbounded queues: no queueing or buffering model changed.
• No invariant removal: existing token parsing, deduplication, legacy OpenCode SQLite fallback, and unknown-workspace grouping remain intact.
• No invariant regression introduced.

Documentation integrity

Not applicable - no docs, runbooks, commands, or user-facing CLI syntax changed.

Rollback plan

• Squash merge rollback: git revert <post_merge_commit_sha>
• Replace <post_merge_commit_sha> with the final squash or merge commit SHA after merge.
• DB downgrade required: no.
• Data repair required: no.
• Operational caveats: source message cache schema is bumped; rollback may cause cache entries written by this branch to be ignored by older code and regenerated.

Known residual risks

• Local macOS full-workspace clippy could not be used as final proof because a transitive image dependency fails before project-code linting under the local clippy/dependency combination. Core clippy, full workspace tests, formatting, and diff hygiene all passed locally; GitHub CI remains the source of truth for the repository's full cargo clippy --workspace --all-features -- -D warnings job.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
tokscale	Ignored	Preview	Apr 29, 2026 2:00am

[cubic-dev-ai]

1 issue found across 4 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="crates/tokscale-core/src/sessions/opencode.rs">

<violation number="1" location="crates/tokscale-core/src/sessions/opencode.rs:162">
P2: Deduplicated SQLite messages can get nondeterministic workspace attribution because duplicate selection is order-dependent and query order is undefined.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}