{"slug":"coding-agents","name":"Coding Agents","description":"AI pair programmers and autonomous coding agents — IDE-integrated assistants and cloud agents that read, edit, and ship code.","isFeatured":true,"members":[{"kind":"product","slug":"claude-code","name":"Claude Code","description":"AI coding agent for the terminal and IDE","org":{"slug":"anthropic","name":"Anthropic","domain":"anthropic.com","avatarUrl":"https://media.releases.sh/orgs/anthropic.png","githubHandle":"anthropics"}},{"kind":"product","slug":"codex","name":"Codex","description":null,"org":{"slug":"openai","name":"OpenAI","domain":"openai.com","avatarUrl":"https://media.releases.sh/orgs/openai.png","githubHandle":"openai"}},{"kind":"org","slug":"cursor","name":"Cursor","domain":"cursor.com","avatarUrl":"https://media.releases.sh/orgs/cursor.png","githubHandle":"getcursor","description":"AI-powered code editor built on VS Code that integrates large language models directly into the development workflow."},{"kind":"product","slug":"github-copilot","name":"GitHub Copilot","description":null,"org":{"slug":"github","name":"GitHub","domain":"github.com","avatarUrl":"https://media.releases.sh/orgs/github.png","githubHandle":"github"}},{"kind":"product","slug":"devin","name":"Devin","description":null,"org":{"slug":"cognition","name":"Cognition","domain":"cognition.ai","avatarUrl":"https://media.releases.sh/orgs/cognition.png","githubHandle":"Cognition-ai"}},{"kind":"org","slug":"windsurf","name":"Windsurf","domain":"windsurf.com","avatarUrl":"https://media.releases.sh/orgs/windsurf.png","githubHandle":"Exafunction","description":"AI-powered code editor that keeps developers in flow state with local and cloud coding agents."}],"orgs":[{"slug":"cursor","name":"Cursor","domain":"cursor.com","avatarUrl":"https://media.releases.sh/orgs/cursor.png","githubHandle":"getcursor","description":"AI-powered code editor built on VS Code that integrates large language models directly into the development workflow."},{"slug":"windsurf","name":"Windsurf","domain":"windsurf.com","avatarUrl":"https://media.releases.sh/orgs/windsurf.png","githubHandle":"Exafunction","description":"AI-powered code editor that keeps developers in flow state with local and cloud coding agents."}],"releases":[{"id":"rel_OlVXj5Cj47FgjHJZQl7zn","version":"v2.1.148","type":"feature","title":"v2.1.148","summary":"Fixed a regression introduced in 2.1.147 where the Bash tool was returning exit code 127 on every command for some users.","titleGenerated":"Claude Code v2.1.148 fixes Bash tool exit code 127 regression","titleShort":"Bash tool exit code 127 regression fixed","content":"## What's changed\n\n- Fixed the Bash tool returning exit code 127 on every command for some users (a regression introduced in 2.1.147)\n","publishedAt":"2026-05-22T01:16:52.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-148","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_taDieQOnTX4-gXazi5aA5","version":"v2.1.147","type":"feature","title":"v2.1.147","summary":"Added the Workflow tool for deterministic multi-agent orchestration, disabled by default via CLAUDE_CODE_WORKFLOWS=1. Hardened REPL and Workflow tool sandboxes against prototype-pollution and thenable-based escapes. Renamed /simplify to /code-review with configurable effort levels and GitHub PR comment support; the old cleanup-and-fix behavior is removed. Pinned background sessions now persist when idle and restart in-place for updates. Plus dozens of smaller fixes across shell snapshots, PowerShell tool output, Windows Terminal rendering, and plugin management.","titleGenerated":"Claude Code v2.1.147 adds Workflow tool and hardens sandbox security","titleShort":"Workflow tool for multi-agent orchestration; sandbox escapes hardened","content":"## What's changed\n\n- Added the `Workflow` tool for deterministic multi-agent orchestration. It is off by default — set `CLAUDE_CODE_WORKFLOWS=1` to enable\n- Pinned background sessions (`Ctrl+T` in `claude agents`) now stay alive when idle, are restarted in place to apply Claude Code updates, and are shed under memory pressure only after non-pinned sessions\n- Renamed `/simplify` to `/code-review`. It now reports correctness bugs at a chosen effort level (e.g., `/code-review high`); pass `--comment` to post findings as inline GitHub PR comments. The old cleanup-and-fix behavior has been removed\n- Hardened REPL and Workflow tool sandboxes against prototype-pollution and thenable-based escapes\n- Improved auto-updater: retries transient network failures, reports specific error categories and OS error codes on failure, and shows the current version when an update fails\n- Improved diff rendering performance for large file edits\n- Prompt history no longer records consecutive duplicate entries — recalling a prompt with arrow-up and submitting it again won't add another copy\n- Fixed enterprise login restrictions (`forceLoginOrgUUID` and `forceLoginMethod` managed-settings) not being enforced against third-party-provider and API-key sessions\n- Fixed `&` in `!` command output displaying as `&amp;`, which broke copy-pasting URLs from commands like `gcloud auth login` on headless machines\n- Fixed unknown slash commands silently doing nothing in headless/SDK mode — they now show an error message\n- Fixed `/help` rendering a broken tab header and showing only one command per page on small terminals when not in fullscreen mode\n- Fixed shell snapshot dropping user functions whose names start with a single underscore, which broke aliases referencing them\n- Fixed plugin agents that declare multiple `Agent(...)` types in `tools:` frontmatter dropping all but the last entry\n- Fixed hook `if` conditions like `PowerShell(git push*)` never matching — only `PowerShell(*)` worked\n- Fixed PowerShell tool dropping output for commands that rely on the default formatter\n- Fixed: on Windows, \"Yes, and don't ask again\" for a PowerShell script invocation now writes a rule that actually matches on subsequent runs\n- Fixed PowerShell tool failing on Windows with exit code 1 when `pwsh` is installed via winget or the Microsoft Store\n- Fixed `/effort` opening with the slider on the wrong level — it now starts at your current effort\n- Fixed paginating MCP servers dropping resources, templates, and prompts past page 1\n- Fixed full-screen strobing in attached background sessions on Windows Terminal while Claude is streaming\n- Fixed: on Windows, removing a background-job worktree no longer follows NTFS junctions into the main repo\n- Fixed `/background` refusing sessions whose only typed input was a skill or custom slash command\n- Fixed auto mode suppressing `AskUserQuestion` when the user or a skill explicitly relies on it; the auto-mode classifier now sees the user's answers as intent signal\n- Fixed `/theme` \"New custom theme\" and color editor dialogs not responding to Esc\n- Fixed an uncaught exception at the end of streaming sessions when running via the Agent SDK\n- Fixed a rare hang when waiting for scroll to settle on Windows\n- Fixed stale and doubled rows in the agent view list on Windows when background session results contain wide (CJK) characters\n- Fixed pasted text being delivered to agents as an unreadable `[Pasted text #N]` placeholder instead of the actual content\n- Fixed plugin component counts in `claude plugin details` and `/plugin` being doubled when a plugin's manifest listed paths overlapping its default directories\n- Fixed backgrounded sessions re-prompting for tool permissions you already granted with \"don't ask again\"\n- Fixed GNOME Terminal right-click and middle-click paste not inserting text\n- Fixed `CLAUDE_CODE_SUBAGENT_MODEL` not applying to teammate processes spawned by agent teams\n- Fixed slash commands followed by a tab or newline being treated as an unknown command\n- Fixed several spacing and layout glitches in the `/plugin`, `/status`, `/mobile`, `/sandbox`, and `/permissions` menus\n- Fixed stripped images prompting the model to repeatedly re-read media that was no longer present\n","publishedAt":"2026-05-21T20:39:22.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-147","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_7xjEpeW_oIjF6o1lESKp0","version":"v2.1.146","type":"feature","title":"v2.1.146","summary":"Fixed a Windows PowerShell tool regression where commands would fail with \"command line is invalid\" when pwsh is installed via winget or the Microsoft Store, and MCP resources/list, resources/templates/list, and prompts/list endpoints dropping items past page 1 on paginating servers. Also renamed /simplify to /code-review with optional effort levels, fixed full-screen strobing in attached background sessions on Windows Terminal, and improved auto-updater reliability with transient network failure retries.","titleGenerated":"Claude Code v2.1.146 fixes PowerShell tool and MCP pagination issues","titleShort":"PowerShell tool works with winget/Store; MCP pagination fixed","content":"## What's changed\n\n- Renamed `/simplify` to `/code-review` with an optional effort level (e.g. `/code-review high`)\n- Auto mode no longer suppresses `AskUserQuestion` when the user or a skill explicitly relies on it\n- Fixed Windows PowerShell tool failing with \"command line is invalid\" when `pwsh` is installed via winget or the Microsoft Store (regression in v2.1.124)\n- Fixed MCP `resources/list`, `resources/templates/list`, and `prompts/list` dropping items past page 1 on paginating servers\n- Fixed full-screen strobing in attached background sessions on Windows Terminal while Claude is streaming\n- Fixed the auto-updater status line not showing your current version when an update fails\n- Fixed on Windows, removing a background-job worktree no longer follows NTFS junctions into the main repo\n- Fixed `/background` refusing sessions whose only typed input was a skill or custom slash command\n- Fixed backgrounded sessions re-prompting for tool permissions you already granted with \"don't ask again\"\n- Fixed `/theme` color editor and \"New custom theme\" dialogs not responding to Esc\n- Fixed an uncaught exception at the end of streaming sessions when running via the Agent SDK\n- Fixed `forceLoginOrgUUID` and `forceLoginMethod` managed-settings policies not being enforced against third-party-provider and API-key sessions\n- Fixed GNOME Terminal right-click and middle-click paste not inserting text\n- Fixed `CLAUDE_CODE_SUBAGENT_MODEL` not being forwarded to child processes in multi-agent sessions\n- Improved auto-updater reliability: native version checks and downloads now retry transient network failures instead of failing immediately\n- Improved diff rendering performance for large file edits\n","publishedAt":"2026-05-21T01:51:52.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-146","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_oTB6ALg9k686yOLzrEJYh","version":null,"type":"feature","title":"Appshots, goal mode, and more","summary":"Appshots are now available on macOS, allowing you to send the frontmost app window to Codex with a screenshot and available text by pressing both Command keys. Goal mode is no longer experimental and is available in the Codex app, IDE extension, and CLI. Remote computer use is now available, enabling Codex to use desktop apps after your Mac locks, including via Codex Mobile with safeguards such as short-lived authorization and covered displays. Also added plugin sharing through marketplace sources for ChatGPT Business, advanced in-app browser annotations for styling feedback, and browser-use improvements including faster image asset downloading, more effective structured data extraction, and improved reliability across Windows and other regions.","titleGenerated":"Codex adds appshots, promotes goal mode to general availability, and enables remote computer use","titleShort":"Appshots launch; goal mode exits beta; remote computer use enabled","content":"\\# Appshots, goal mode, and more \\[Appshots\\](/codex/appshots) are now available in the Codex app on macOS. Press both Command keys to send the frontmost app window to Codex with a screenshot and available text, so Codex can work from context in another app without you copying, pasting, or describing it manually. This launch also includes: - \\[Goal mode\\](/codex/prompting#goal-mode) is no longer an experimental feature and is available in the Codex app, IDE extension, and CLI. With Goal mode, you can have Codex drive toward a specific objective for hours or even days. - \\[Remote computer use\\](/codex/app/computer-use#locked-use), so Codex can use desktop apps after your Mac locks, including remotely via Codex Mobile. Codex scopes locked use to active, trusted computer use turns and includes safeguards such as short-lived authorization, covered displays, relock on local input, and manual-unlock fallback. - \\[Plugin sharing\\](/codex/plugins/build#share-a-local-plugin-with-your-workspace) through marketplace sources is available for ChatGPT Business. Enterprise support is coming soon. Teams can distribute reusable plugin bundles that include skills, app integrations, and MCP servers. - \\[Advanced in-app browser annotations\\](/codex/app/browser#styling-feedback) let you tweak styling such as font size, colors, and spacing directly using annotations. This gives Codex a clearer signal for changes. - Browser-use improvements across in-app browser & Chrome: - Codex can now download and extract all image assets from a page much more quickly. - Codex can now extract structured data from pages more effectively and find information more quickly with a read-only JS sandbox. - Chrome extension will create less clutter when using it. Codex will no longer create tab groups when taking over existing tabs, and at the end of a task for handoff. Instead, it uses tab icons to indicate status. - Significantly improved reliability for browser use. We fixed bugs on Windows, flaky availability of the plugin to non geo-blocked regions, and many other issues impacting performance.","publishedAt":"2026-05-21T00:00:00.000Z","url":"https://developers.openai.com/codex/changelog/#codex-2026-05-21","media":[],"prerelease":false,"source":{"slug":"openai-codex-changelog","name":"Codex Changelog","type":"feed"},"org":{"slug":"openai","name":"OpenAI"},"product":{"slug":"codex","name":"Codex"},"coverageCount":0},{"id":"rel_DM5h88vPQS4yA-C0K7_D5","version":"0.133.0","type":"feature","title":"Codex CLI Release: 0.133.0","summary":"Goals are now enabled by default, backed by dedicated storage, and track progress across active turns. Plugin discovery is easier to inspect with marketplace-aware list output, installed versions, and visible marketplace roots. Permission profiles gained list APIs, inheritance, managed requirements.toml support, and runtime refresh behavior. Fixed TUI startup choosing wrong working directory, plan-mode unexpected submit on modified Enter keys, stale background terminal poll events, and app-server startup/shutdown races.","titleGenerated":"Codex CLI v0.133.0 enables goals by default and extends plugin discovery","titleShort":"Goals now on by default; plugin discovery and permission profiles expanded","content":"## New Features\n\n- Goals are now enabled by default, backed by dedicated storage, and track progress across active turns. ([#23300](https://github.com/openai/codex/pull/23300), [#23685](https://github.com/openai/codex/pull/23685), [#23696](https://github.com/openai/codex/pull/23696), [#23732](https://github.com/openai/codex/pull/23732))\n- `codex remote-control` now runs like a foreground command, waits for readiness, reports machine status, and keeps explicit daemon-style `start`/`stop` commands. ([#22878](https://github.com/openai/codex/pull/22878))\n- Permission profiles gained list APIs, inheritance, managed `requirements.toml` support, runtime refresh behavior, and stronger Windows sandbox integration. ([#22928](https://github.com/openai/codex/pull/22928), [#23412](https://github.com/openai/codex/pull/23412), [#22270](https://github.com/openai/codex/pull/22270), [#23433](https://github.com/openai/codex/pull/23433), [#22931](https://github.com/openai/codex/pull/22931), [#23715](https://github.com/openai/codex/pull/23715))\n- Plugin discovery is easier to inspect, with marketplace-aware list output, installed versions, visible marketplace roots, and remote collection support. ([#23372](https://github.com/openai/codex/pull/23372), [#23584](https://github.com/openai/codex/pull/23584), [#23727](https://github.com/openai/codex/pull/23727), [#23730](https://github.com/openai/codex/pull/23730))\n- Extensions can observe more lifecycle events, including subagent start/stop, tool execution, turn metadata, and async approval/turn processing. ([#22782](https://github.com/openai/codex/pull/22782), [#22873](https://github.com/openai/codex/pull/22873), [#23309](https://github.com/openai/codex/pull/23309), [#23688](https://github.com/openai/codex/pull/23688), [#23690](https://github.com/openai/codex/pull/23690), [#23692](https://github.com/openai/codex/pull/23692))\n\n## Bug Fixes\n\n- Fixed TUI startup choosing the wrong working directory when reusing a local app-server socket. ([#23538](https://github.com/openai/codex/pull/23538))\n- Fixed plan-mode free-form answers so modified Enter keys, like Shift+Enter, no longer submit unexpectedly. ([#23536](https://github.com/openai/codex/pull/23536))\n- Removed stale background terminal poll events after a process exits. ([#23231](https://github.com/openai/codex/pull/23231))\n- Preserved raw code-mode exec output unless an explicit output token limit is requested. ([#23564](https://github.com/openai/codex/pull/23564))\n- Made AGENTS instruction loading more reliable, including local global reads and warnings for invalid UTF-8 instead of silent drops. ([#23343](https://github.com/openai/codex/pull/23343), [#23232](https://github.com/openai/codex/pull/23232))\n- Fixed app-server startup/shutdown races, empty resume/fork paths, plugin upgrade failures, and realtime v1 websocket compatibility. ([#23516](https://github.com/openai/codex/pull/23516), [#23578](https://github.com/openai/codex/pull/23578), [#23400](https://github.com/openai/codex/pull/23400), [#23356](https://github.com/openai/codex/pull/23356), [#23771](https://github.com/openai/codex/pull/23771))\n\n## Documentation\n\n- Added clearer plugin-creator guidance for updating and reinstalling local personal plugins. ([#23542](https://github.com/openai/codex/pull/23542))\n- Expanded app-server/API docs and schema coverage around managed permission profile requirements. ([#23433](https://github.com/openai/codex/pull/23433), [#23555](https://github.com/openai/codex/pull/23555))\n\n## Chores\n\n- Added a canonical Codex package archive pipeline and moved installers, npm packages, DotSlash, and SDK runtimes toward that shared layout. ([#23513](https://github.com/openai/codex/pull/23513), [#23582](https://github.com/openai/codex/pull/23582), [#23586](https://github.com/openai/codex/pull/23586), [#23596](https://github.com/openai/codex/pull/23596), [#23635](https://github.com/openai/codex/pull/23635), [#23636](https://github.com/openai/codex/pull/23636), [#23637](https://github.com/openai/codex/pull/23637), [#23638](https://github.com/openai/codex/pull/23638), [#23786](https://github.com/openai/codex/pull/23786))\n- Fixed Linux Python runtime wheel tags so glibc-based systems can install the runtime artifacts. ([#21812](https://github.com/openai/codex/pull/21812))\n- Improved release and CI reliability with package-builder tests, prebuilt resource packaging, DotSlash zstd handling, platform-sharded Rust tests, and Codex Linux release runners. ([#23760](https://github.com/openai/codex/pull/23760), [#23759](https://github.com/openai/codex/pull/23759), [#23752](https://github.com/openai/codex/pull/23752), [#23358](https://github.com/openai/codex/pull/23358), [#23761](https://github.com/openai/codex/pull/23761))\n\n## Changelog\n\nFull Changelog: [rust-v0.132.0...rust-v0.133.0](https://github.com/openai/codex/compare/rust-v0.132.0...rust-v0.133.0)\n\n- [#23343](https://github.com/openai/codex/pull/23343) codex: route global AGENTS reads through LOCAL\\_FS [@starr-openai](https://github.com/starr-openai)\n- [#22380](https://github.com/openai/codex/pull/22380) fix: default unknown tool schemas to empty schemas [@celia-oai](https://github.com/celia-oai)\n- [#23309](https://github.com/openai/codex/pull/23309) Add tool lifecycle extension contributor [@jif-oai](https://github.com/jif-oai)\n- [#23253](https://github.com/openai/codex/pull/23253) Reduce rust-ci-full Windows nextest timeout flakes [@starr-openai](https://github.com/starr-openai)\n- [#22878](https://github.com/openai/codex/pull/22878) Improve `codex remote-control` CLI UX [@owenlin0](https://github.com/owenlin0)\n- [#21812](https://github.com/openai/codex/pull/21812) Publish Linux runtime wheels with glibc-compatible tags [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#22709](https://github.com/openai/codex/pull/22709) \\[codex\\] Trim unused TurnContextItem fields [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23353](https://github.com/openai/codex/pull/23353) Include plugin id in plugin MCP tool metadata [@mzeng-openai](https://github.com/mzeng-openai)\n- [#22728](https://github.com/openai/codex/pull/22728) \\[codex\\] Move pending input into input queue [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23371](https://github.com/openai/codex/pull/23371) fix(tui): warn on unsupported iTerm2 pet versions [@fcoury-oai](https://github.com/fcoury-oai)\n- [#23376](https://github.com/openai/codex/pull/23376) \\[codex-analytics\\] preserve user thread source for exec threads [@marksteinbrick-oai](https://github.com/marksteinbrick-oai)\n- [#23360](https://github.com/openai/codex/pull/23360) app-server: use profile ids in v2 permission params [@bolinfest](https://github.com/bolinfest)\n- [#23384](https://github.com/openai/codex/pull/23384) \\[codex\\] Remove external websocket session resets [@pakrym-oai](https://github.com/pakrym-oai)\n- [#22721](https://github.com/openai/codex/pull/22721) cleanup: Remove skill env var dependency prompting [@xl-openai](https://github.com/xl-openai)\n- [#23389](https://github.com/openai/codex/pull/23389) Remove ToolSearch feature toggle [@sayan-oai](https://github.com/sayan-oai)\n- [#23080](https://github.com/openai/codex/pull/23080) \\[1 of 7\\] Add thread settings to UserInput [@etraut-openai](https://github.com/etraut-openai)\n- [#23081](https://github.com/openai/codex/pull/23081) \\[2 of 7\\] Remove UserInputWithTurnContext [@etraut-openai](https://github.com/etraut-openai)\n- [#23075](https://github.com/openai/codex/pull/23075) \\[3 of 7\\] Remove UserTurn [@etraut-openai](https://github.com/etraut-openai)\n- [#23396](https://github.com/openai/codex/pull/23396) \\[codex\\] Extract turn skill and plugin injections [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23356](https://github.com/openai/codex/pull/23356) fix(plugins): keep version upgrades additive [@iceweasel-oai](https://github.com/iceweasel-oai)\n- [#22508](https://github.com/openai/codex/pull/22508) \\[5 of 7\\] Replace OverrideTurnContext with ThreadSettings [@etraut-openai](https://github.com/etraut-openai)\n- [#22086](https://github.com/openai/codex/pull/22086) CI: Customize v8 building [@cconger](https://github.com/cconger)\n- [#23390](https://github.com/openai/codex/pull/23390) Remove explicit connector tool undeferral [@sayan-oai](https://github.com/sayan-oai)\n- [#22928](https://github.com/openai/codex/pull/22928) core: expose permission profile picker metadata [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23352](https://github.com/openai/codex/pull/23352) Preserve context baselines for full-history agent forks [@jif-oai](https://github.com/jif-oai)\n- [#23300](https://github.com/openai/codex/pull/23300) feat: dedicated goal DB [@jif-oai](https://github.com/jif-oai)\n- [#22835](https://github.com/openai/codex/pull/22835) Remove ToolsConfig from tool planning [@jif-oai](https://github.com/jif-oai)\n- [#22870](https://github.com/openai/codex/pull/22870) Add `body_after_prefix` auto-compact token limit scope [@jif-oai](https://github.com/jif-oai)\n- [#23144](https://github.com/openai/codex/pull/23144) Defer v1 multi-agent tools behind tool search [@jif-oai](https://github.com/jif-oai)\n- [#23409](https://github.com/openai/codex/pull/23409) \\[codex\\] Allow empty turn/start requests [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23388](https://github.com/openai/codex/pull/23388) \\[codex\\] Move hook request plumbing into hook runtime [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23405](https://github.com/openai/codex/pull/23405) \\[codex\\] Preserve steer input as user input [@pakrym-oai](https://github.com/pakrym-oai)\n- [#22914](https://github.com/openai/codex/pull/22914) \\[2 of 4\\] tui: route app and skill enablement through app server [@etraut-openai](https://github.com/etraut-openai)\n- [#23397](https://github.com/openai/codex/pull/23397) \\[codex\\] Make contextual user fragments dyn-renderable [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23475](https://github.com/openai/codex/pull/23475) chore: namespace v1 sub-agent tools [@jif-oai](https://github.com/jif-oai)\n- [#23493](https://github.com/openai/codex/pull/23493) Make `deny` canonical for filesystem permission entries [@viyatb-oai](https://github.com/viyatb-oai)\n- [#22929](https://github.com/openai/codex/pull/22929) Harden CLI rate limit window labels [@ase-openai](https://github.com/ase-openai)\n- [#22782](https://github.com/openai/codex/pull/22782) Add SubagentStart hook [@abhinav-oai](https://github.com/abhinav-oai)\n- [#23513](https://github.com/openai/codex/pull/23513) build: add Codex package builder [@bolinfest](https://github.com/bolinfest)\n- [#23369](https://github.com/openai/codex/pull/23369) Make local environment optional in EnvironmentManager [@starr-openai](https://github.com/starr-openai)\n- [#23327](https://github.com/openai/codex/pull/23327) Refactor exec-server websocket pump [@starr-openai](https://github.com/starr-openai)\n- [#23536](https://github.com/openai/codex/pull/23536) fix(tui): preserve modified enter in plan questions [@fcoury-oai](https://github.com/fcoury-oai)\n- [#23400](https://github.com/openai/codex/pull/23400) Fix empty rollout path app-server handling [@wiltzius-openai](https://github.com/wiltzius-openai)\n- [#23551](https://github.com/openai/codex/pull/23551) Route local-only app-server gating through processors [@starr-openai](https://github.com/starr-openai)\n- [#23372](https://github.com/openai/codex/pull/23372) Split plugin install discovery into list and request tools [@mzeng-openai](https://github.com/mzeng-openai)\n- [#23516](https://github.com/openai/codex/pull/23516) fix: serialize unix app-server startup [@efrazer-oai](https://github.com/efrazer-oai)\n- [#22169](https://github.com/openai/codex/pull/22169) \\[codex\\] Honor role-defined spawn service tiers [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23555](https://github.com/openai/codex/pull/23555) Add CUA requirements subsection for locked computer use [@adams-oai](https://github.com/adams-oai)\n- [#23538](https://github.com/openai/codex/pull/23538) Fix: TUI starting in wrong CWD [@canvrno-oai](https://github.com/canvrno-oai)\n- [#23526](https://github.com/openai/codex/pull/23526) build: fetch rg for Codex packages [@bolinfest](https://github.com/bolinfest)\n- [#23573](https://github.com/openai/codex/pull/23573) Remove unused ARC monitor path [@mzeng-openai](https://github.com/mzeng-openai)\n- [#23576](https://github.com/openai/codex/pull/23576) test: fix multi-agent service tier assertion [@bolinfest](https://github.com/bolinfest)\n- [#23541](https://github.com/openai/codex/pull/23541) build: default Codex package target and output [@bolinfest](https://github.com/bolinfest)\n- [#23358](https://github.com/openai/codex/pull/23358) Fan out rust-ci-full nextest by platform [@starr-openai](https://github.com/starr-openai)\n- [#23593](https://github.com/openai/codex/pull/23593) feat: expose codex-app-server version flag [@bolinfest](https://github.com/bolinfest)\n- [#23412](https://github.com/openai/codex/pull/23412) feat: add permission profile list api [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23535](https://github.com/openai/codex/pull/23535) Move plugin and skill warmup into session startup [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23231](https://github.com/openai/codex/pull/23231) Fix stale background terminal poll events [@etraut-openai](https://github.com/etraut-openai)\n- [#23564](https://github.com/openai/codex/pull/23564) \\[codex\\] Preserve raw code-mode exec output by default [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23232](https://github.com/openai/codex/pull/23232) Warn on invalid UTF-8 in AGENTS.md files [@etraut-openai](https://github.com/etraut-openai)\n- [#23584](https://github.com/openai/codex/pull/23584) feat: Add vertical remote plugin collection support [@xl-openai](https://github.com/xl-openai)\n- [#23586](https://github.com/openai/codex/pull/23586) build: package prebuilt Codex entrypoints [@bolinfest](https://github.com/bolinfest)\n- [#23582](https://github.com/openai/codex/pull/23582) ci: build Codex package archives in release workflow [@bolinfest](https://github.com/bolinfest)\n- [#23596](https://github.com/openai/codex/pull/23596) runtime: detect Codex package layout [@bolinfest](https://github.com/bolinfest)\n- [#23500](https://github.com/openai/codex/pull/23500) add encryptedcontent to functioncalloutput [@sayan-oai](https://github.com/sayan-oai)\n- [#23633](https://github.com/openai/codex/pull/23633) Migrate exec-server remote registration to environments [@richardopenai](https://github.com/richardopenai)\n- [#23451](https://github.com/openai/codex/pull/23451) Add timeout for remote compaction requests [@jif-oai](https://github.com/jif-oai)\n- [#23667](https://github.com/openai/codex/pull/23667) feat: rename 1 [@jif-oai](https://github.com/jif-oai)\n- [#23669](https://github.com/openai/codex/pull/23669) feat: rename 3 [@jif-oai](https://github.com/jif-oai)\n- [#23668](https://github.com/openai/codex/pull/23668) feat: rename 2 [@jif-oai](https://github.com/jif-oai)\n- [#23675](https://github.com/openai/codex/pull/23675) fix: main [@jif-oai](https://github.com/jif-oai)\n- [#23685](https://github.com/openai/codex/pull/23685) feat: wire goal extension tools to the dedicated goal store [@jif-oai](https://github.com/jif-oai)\n- [#23690](https://github.com/openai/codex/pull/23690) feat: async approval contrib [@jif-oai](https://github.com/jif-oai)\n- [#23692](https://github.com/openai/codex/pull/23692) feat: async turn item process [@jif-oai](https://github.com/jif-oai)\n- [#23688](https://github.com/openai/codex/pull/23688) feat: expose turn-start metadata to extensions [@jif-oai](https://github.com/jif-oai)\n- [#23605](https://github.com/openai/codex/pull/23605) \\[codex\\] Hide deferred tools from code mode prompt [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23634](https://github.com/openai/codex/pull/23634) runtime: use install context for bundled bwrap [@bolinfest](https://github.com/bolinfest)\n- [#23635](https://github.com/openai/codex/pull/23635) release: publish Codex package archive checksums [@bolinfest](https://github.com/bolinfest)\n- [#23592](https://github.com/openai/codex/pull/23592) feat: Add btw alias for side slash command [@anp-oai](https://github.com/anp-oai)\n- [#23696](https://github.com/openai/codex/pull/23696) feat: account active goal progress in the goal extension [@jif-oai](https://github.com/jif-oai)\n- [#23176](https://github.com/openai/codex/pull/23176) \\[2 of 2\\] Start fresh TUI thread in background [@etraut-openai](https://github.com/etraut-openai)\n- [#23578](https://github.com/openai/codex/pull/23578) fix(app-server): speed up shutdown [@fcoury-oai](https://github.com/fcoury-oai)\n- [#22896](https://github.com/openai/codex/pull/22896) windows-sandbox: add resolved permissions helper [@bolinfest](https://github.com/bolinfest)\n- [#23502](https://github.com/openai/codex/pull/23502) Add thread/settings/update app-server API [@etraut-openai](https://github.com/etraut-openai)\n- [#23507](https://github.com/openai/codex/pull/23507) Sync TUI thread settings through app server [@etraut-openai](https://github.com/etraut-openai)\n- [#23666](https://github.com/openai/codex/pull/23666) feat: add turn\\_id and truncation\\_policy to extension tool calls [@jif-oai](https://github.com/jif-oai)\n- [#23636](https://github.com/openai/codex/pull/23636) install: consume Codex package archives [@bolinfest](https://github.com/bolinfest)\n- [#23717](https://github.com/openai/codex/pull/23717) \\[codex\\] Preserve failed goal accounting flushes [@jif-oai](https://github.com/jif-oai)\n- [#23655](https://github.com/openai/codex/pull/23655) add standalone websearch api client [@sayan-oai](https://github.com/sayan-oai)\n- [#23724](https://github.com/openai/codex/pull/23724) Fix thread settings clippy failure [@etraut-openai](https://github.com/etraut-openai)\n- [#23637](https://github.com/openai/codex/pull/23637) npm: ship platform packages in Codex package layout [@bolinfest](https://github.com/bolinfest)\n- [#23729](https://github.com/openai/codex/pull/23729) fix(config): resolve cloud requirements deny-read globs [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23638](https://github.com/openai/codex/pull/23638) dotslash: publish Codex entrypoints from package archives [@bolinfest](https://github.com/bolinfest)\n- [#22918](https://github.com/openai/codex/pull/22918) windows-sandbox: send permission profiles to elevated runner [@bolinfest](https://github.com/bolinfest)\n- [#23735](https://github.com/openai/codex/pull/23735) windows-sandbox: share bundled helper lookup [@bolinfest](https://github.com/bolinfest)\n- [#18868](https://github.com/openai/codex/pull/18868) Add MITM hook config model [@evawong-oai](https://github.com/evawong-oai)\n- [#22270](https://github.com/openai/codex/pull/22270) feat(permissions): resolve permission profile inheritance [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23719](https://github.com/openai/codex/pull/23719) cli: add strict config to exec-server [@bolinfest](https://github.com/bolinfest)\n- [#23542](https://github.com/openai/codex/pull/23542) \\[skills\\] Create a personal update flow for plugin creator [@caseychow-oai](https://github.com/caseychow-oai)\n- [#21272](https://github.com/openai/codex/pull/21272) Support compact SessionStart hooks [@abhinav-oai](https://github.com/abhinav-oai)\n- [#20659](https://github.com/openai/codex/pull/20659) Wire MITM hooks into runtime enforcement [@evawong-oai](https://github.com/evawong-oai)\n- [#23752](https://github.com/openai/codex/pull/23752) release: use DotSlash zstd for package archives [@bolinfest](https://github.com/bolinfest)\n- [#22923](https://github.com/openai/codex/pull/22923) windows-sandbox: drive write roots from resolved permissions [@bolinfest](https://github.com/bolinfest)\n- [#23761](https://github.com/openai/codex/pull/23761) chore: use Codex Linux runners for Rust releases [@bolinfest](https://github.com/bolinfest)\n- [#23759](https://github.com/openai/codex/pull/23759) release: package prebuilt resource binaries [@bolinfest](https://github.com/bolinfest)\n- [#23167](https://github.com/openai/codex/pull/23167) windows-sandbox: feed setup from resolved permissions [@bolinfest](https://github.com/bolinfest)\n- [#22931](https://github.com/openai/codex/pull/22931) core: refresh active permission profiles at runtime [@viyatb-oai](https://github.com/viyatb-oai)\n- [#22873](https://github.com/openai/codex/pull/22873) Add SubagentStop hook [@abhinav-oai](https://github.com/abhinav-oai)\n- [#23727](https://github.com/openai/codex/pull/23727) feat(plugins): tabulate plugin list output [@caseychow-oai](https://github.com/caseychow-oai)\n- [#23732](https://github.com/openai/codex/pull/23732) Make goals feature on by default and no longer experimental [@etraut-openai](https://github.com/etraut-openai)\n- [#23537](https://github.com/openai/codex/pull/23537) Honor client-resolved service tier defaults [@shijie-oai](https://github.com/shijie-oai)\n- [#23771](https://github.com/openai/codex/pull/23771) \\[codex\\] Fix realtime v1 websocket compatibility [@guinness-oai](https://github.com/guinness-oai)\n- [#23764](https://github.com/openai/codex/pull/23764) Remove Windows sandbox resource stamping [@iceweasel-oai](https://github.com/iceweasel-oai)\n- [#23730](https://github.com/openai/codex/pull/23730) \\[codex\\] List marketplaces considered by plugin discovery [@caseychow-oai](https://github.com/caseychow-oai)\n- [#23760](https://github.com/openai/codex/pull/23760) ci: run Codex package builder tests [@bolinfest](https://github.com/bolinfest)\n- [#23737](https://github.com/openai/codex/pull/23737) \\[codex\\] Add plugin id to MCP tool call items [@mzeng-openai](https://github.com/mzeng-openai)\n- [#18240](https://github.com/openai/codex/pull/18240) Use named MITM permissions config [@evawong-oai](https://github.com/evawong-oai)\n- [#23774](https://github.com/openai/codex/pull/23774) \\[codex\\] Reject read-only fallback with approvals disabled [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23714](https://github.com/openai/codex/pull/23714) windows-sandbox: add profile-native elevated APIs [@bolinfest](https://github.com/bolinfest)\n- [#23433](https://github.com/openai/codex/pull/23433) feat: support managed permission profiles in requirements.toml [@viyatb-oai](https://github.com/viyatb-oai)\n- [#23715](https://github.com/openai/codex/pull/23715) core: pass permission profiles to Windows runner [@bolinfest](https://github.com/bolinfest)\n- [#23786](https://github.com/openai/codex/pull/23786) sdk: launch packaged Codex runtimes [@bolinfest](https://github.com/bolinfest)","publishedAt":"2026-05-21T00:00:00.000Z","url":"https://developers.openai.com/codex/changelog/#github-release-327109656","media":[],"prerelease":false,"source":{"slug":"openai-codex-changelog","name":"Codex Changelog","type":"feed"},"org":{"slug":"openai","name":"OpenAI"},"product":{"slug":"codex","name":"Codex"},"coverageCount":0},{"id":"rel_sc85xP00Ev5P9ievD6z8N","version":null,"type":"feature","title":"Improvements to Cursor Automations","summary":"This release brings [Cursor Automations](https://cursor.com/docs/cloud-agent/automations) to the Agents Window and introduces the ability to configure...","titleGenerated":null,"titleShort":null,"content":"This release brings [Cursor Automations](https://cursor.com/docs/cloud-agent/automations) to the Agents Window and introduces the ability to configure automations with multiple attached repos or no repos at all.\n\nFor the next 7 days, all agent runs for newly created automations are 50% off.\n\n## Automations in the Agents Window\n\nCursor Automations are now available in the [Agents Window](https://cursor.com/blog/cursor-3), in addition to cursor.com/automations. Create and manage your automations in the same workspace as your agents.\n\n## Multi-repo automations\n\nA lot of engineering work spans more than one codebase. You can now attach multiple repos to an automation so agents reason across all required context and work across repos to deliver, test, and verify tasks.\n\n## No-repo automations\n\nMany useful automations exist apart from code, where agents monitor your tools and act on key signals. You can now create automations without an attached repository.\n\nWe've added five new templates for no-repo automations to the [Cursor Marketplace](https://cursor.com/marketplace) to help you get started:\n\n- [\\*\\*Slack digest agent\\*\\*](https://cursor.com/marketplace/automations/slack-digest-agent): Summarizes unread DMs and key Slack channels every morning and prioritizes them by importance\n- [\\*\\*Product analytics agent\\*\\*](https://cursor.com/marketplace/automations/product-analytics-agent): Delivers a weekly digest of key metrics from your data warehouse like Databricks\n- [\\*\\*Product FAQ agent\\*\\*](https://cursor.com/marketplace/automations/product-faq-agent): Watches a Slack channel for questions and writes a first response based on docs, codebase context, and past threads\n- [\\*\\*Product finance agent\\*\\*](https://cursor.com/marketplace/automations/product-finance-agent): Pulls financial data from a billing provider like Stripe for recurring revenue reports\n- [\\*\\*Customer health agent\\*\\*](https://cursor.com/marketplace/automations/customer-health-monitoring-agent): Monitors key systems like Granola, Slack, and Databricks and flags accounts where health signals are shifting\n\nRead our [docs](https://cursor.com/docs/cloud-agent/automations) to learn more.","publishedAt":"2026-05-20T00:00:00.000Z","url":"https://cursor.com/changelog/05-20-26","media":[],"prerelease":false,"source":{"slug":"cursor-changelog","name":"Cursor Changelog","type":"feed"},"org":{"slug":"cursor","name":"Cursor"},"product":null,"coverageCount":0},{"id":"rel_TgNY23Sb9ORLF9ab-SYT9","version":"0.132.0","type":"feature","title":"Codex CLI Release: 0.132.0","summary":"The Python SDK now supports first-class authentication with API key login, ChatGPT browser and device-code flows, account inspection, and logout APIs. TUI startup is faster because terminal capability probes are now batched. Goal continuations now stop when hitting usage limits instead of looping and burning tokens, and remote sessions keep websocket connections alive.","titleGenerated":"Codex CLI 0.132.0 adds first-class Python SDK authentication and faster TUI startup","titleShort":"Python SDK gains first-class auth; TUI startup faster","content":"## New Features\n\n- The Python SDK now supports first-class authentication, including API key login, ChatGPT browser and device-code flows, account inspection, and logout APIs. ([#23093](https://github.com/openai/codex/pull/23093))\n- Python turn APIs are easier to use for text-only workflows: you can pass a plain string as input, and handle-based runs now return a richer `TurnResult` with collected items, timing, and usage data. ([#23151](https://github.com/openai/codex/pull/23151), [#23162](https://github.com/openai/codex/pull/23162))\n- `codex exec resume` now accepts `--output-schema`, so resumed automations can keep session context while still enforcing structured JSON output. ([#23123](https://github.com/openai/codex/pull/23123))\n- TUI startup is faster because terminal capability probes are now batched instead of waiting on several serial checks before the first interactive frame. ([#23175](https://github.com/openai/codex/pull/23175))\n- Remote executor registration can now use standard Codex auth instead of a separate registry credential flow. ([#22769](https://github.com/openai/codex/pull/22769))\n- App-server turns can preserve requested image fidelity, including original-resolution local images, across user inputs and image-producing tools. ([#20693](https://github.com/openai/codex/pull/20693))\n\n## Bug Fixes\n\n- Goal continuations now stop when they hit usage limits or a repeated blocker instead of looping and burning more tokens, and completion responses phrase usage more naturally. ([#23094](https://github.com/openai/codex/pull/23094), [#22907](https://github.com/openai/codex/pull/22907))\n- The session picker is easier to trust: renamed threads now show `name (thread-id)` in resume hints, and pasted text works in the picker search box. ([#23234](https://github.com/openai/codex/pull/23234), [#23338](https://github.com/openai/codex/pull/23338))\n- Multi-session TUI flows are more reliable: in-progress MCP calls stay marked as active during replay, and elicitation replies are sent back to the thread that requested them. ([#23236](https://github.com/openai/codex/pull/23236), [#23241](https://github.com/openai/codex/pull/23241))\n- Remote sessions now keep websocket connections alive and show repo-relative diff paths again instead of `/tmp/...`\\-prefixed paths. ([#23226](https://github.com/openai/codex/pull/23226), [#23261](https://github.com/openai/codex/pull/23261))\n- Windows installs are more robust: `codex doctor` now detects npm-managed installs correctly, and MSVC release binaries no longer depend on separately installed VC++ runtime DLLs. ([#22967](https://github.com/openai/codex/pull/22967), [#22905](https://github.com/openai/codex/pull/22905))\n- TUI polish fixes include immediate shutdown feedback on exit, hiding the ChatGPT usage link for non-OpenAI providers, and keeping a cleared Fast tier from reappearing after side-thread resume. ([#23323](https://github.com/openai/codex/pull/23323), [#23127](https://github.com/openai/codex/pull/23127), [#23121](https://github.com/openai/codex/pull/23121))\n\n## Documentation\n\n- The Python SDK docs, FAQ, and examples were refreshed around the new auth flow and turn APIs, with clearer setup guidance and simpler text-only examples. ([#22941](https://github.com/openai/codex/pull/22941), [#23093](https://github.com/openai/codex/pull/23093), [#23151](https://github.com/openai/codex/pull/23151), [#23162](https://github.com/openai/codex/pull/23162))\n\n## Chores\n\n- Memory summaries are now versioned and rebuilt when the stored format is stale, which should keep long-lived memory context leaner and more predictable. ([#23148](https://github.com/openai/codex/pull/23148))\n\n## Changelog\n\nFull Changelog: [rust-v0.131.0...rust-v0.132.0](https://github.com/openai/codex/compare/rust-v0.131.0...rust-v0.132.0)\n\n- [#20693](https://github.com/openai/codex/pull/20693) Preserve image detail in app-server inputs [@fjord-oai](https://github.com/fjord-oai)\n- [#22891](https://github.com/openai/codex/pull/22891) tui: pass active permission profiles through app commands [@bolinfest](https://github.com/bolinfest)\n- [#22924](https://github.com/openai/codex/pull/22924) app-server-protocol: remove PermissionProfile from API [@bolinfest](https://github.com/bolinfest)\n- [#22941](https://github.com/openai/codex/pull/22941) \\[codex\\] Refine Python SDK user-facing docs [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#22967](https://github.com/openai/codex/pull/22967) Fix Windows doctor npm root probe [@etraut-openai](https://github.com/etraut-openai)\n- [#22920](https://github.com/openai/codex/pull/22920) core: set permission profiles from snapshots [@bolinfest](https://github.com/bolinfest)\n- [#22939](https://github.com/openai/codex/pull/22939) \\[codex\\] Split Python SDK helper logic [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#22907](https://github.com/openai/codex/pull/22907) Improve goal completion usage reporting [@etraut-openai](https://github.com/etraut-openai)\n- [#23030](https://github.com/openai/codex/pull/23030) test: construct permission profiles directly [@bolinfest](https://github.com/bolinfest)\n- [#22769](https://github.com/openai/codex/pull/22769) exec-server: support auth-backed remote executor registration [@miz-openai](https://github.com/miz-openai)\n- [#22946](https://github.com/openai/codex/pull/22946) \\[codex\\] preserve MCP result meta in McpToolCallItemResult [@miaolin-oai](https://github.com/miaolin-oai)\n- [#23069](https://github.com/openai/codex/pull/23069) multiagent: trim model-visible description, cap to 5 models [@sayan-oai](https://github.com/sayan-oai)\n- [#22913](https://github.com/openai/codex/pull/22913) \\[1 of 4\\] tui: route primary settings writes through app server [@etraut-openai](https://github.com/etraut-openai)\n- [#23093](https://github.com/openai/codex/pull/23093) sdk/python: add first-class login support [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23151](https://github.com/openai/codex/pull/23151) \\[codex\\] Return TurnResult from Python turn handles [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23147](https://github.com/openai/codex/pull/23147) Make multi-agent v2 tool namespace configurable [@jif-oai](https://github.com/jif-oai)\n- [#23036](https://github.com/openai/codex/pull/23036) test: reduce core sandbox policy test setup [@bolinfest](https://github.com/bolinfest)\n- [#23162](https://github.com/openai/codex/pull/23162) \\[codex\\] Accept string input for Python turns [@aibrahim-oai](https://github.com/aibrahim-oai)\n- [#23226](https://github.com/openai/codex/pull/23226) Add exec-server websocket keepalive [@starr-openai](https://github.com/starr-openai)\n- [#23148](https://github.com/openai/codex/pull/23148) Densify and version memory summaries [@jif-oai](https://github.com/jif-oai)\n- [#22448](https://github.com/openai/codex/pull/22448) \\[codex\\] Add installed-plugin mention API [@xli-oai](https://github.com/xli-oai)\n- [#23288](https://github.com/openai/codex/pull/23288) chore: goal ext skeleton [@jif-oai](https://github.com/jif-oai)\n- [#23291](https://github.com/openai/codex/pull/23291) Make extension lifecycle hooks async [@jif-oai](https://github.com/jif-oai)\n- [#23293](https://github.com/openai/codex/pull/23293) feat: add extension event sink capability [@jif-oai](https://github.com/jif-oai)\n- [#23295](https://github.com/openai/codex/pull/23295) chore: isolate thread goal storage behind GoalStore [@jif-oai](https://github.com/jif-oai)\n- [#23301](https://github.com/openai/codex/pull/23301) chore: goal resumed metrics [@jif-oai](https://github.com/jif-oai)\n- [#23305](https://github.com/openai/codex/pull/23305) chore: make token usage async [@jif-oai](https://github.com/jif-oai)\n- [#23306](https://github.com/openai/codex/pull/23306) Emit goal update events from goal extension tools [@jif-oai](https://github.com/jif-oai)\n- [#23121](https://github.com/openai/codex/pull/23121) tui: keep cleared Fast tier from reappearing after side-thread resume [@etraut-openai](https://github.com/etraut-openai)\n- [#23123](https://github.com/openai/codex/pull/23123) Support --output-schema for exec resume [@etraut-openai](https://github.com/etraut-openai)\n- [#23128](https://github.com/openai/codex/pull/23128) Fix TUI stream cleanup after turn errors [@etraut-openai](https://github.com/etraut-openai)\n- [#23127](https://github.com/openai/codex/pull/23127) Hide ChatGPT usage link for non-OpenAI status [@etraut-openai](https://github.com/etraut-openai)\n- [#23175](https://github.com/openai/codex/pull/23175) \\[1 of 2\\] Optimize TUI startup terminal probes [@etraut-openai](https://github.com/etraut-openai)\n- [#22706](https://github.com/openai/codex/pull/22706) \\[codex\\] Remove legacy shell output formatting paths [@pakrym-oai](https://github.com/pakrym-oai)\n- [#23332](https://github.com/openai/codex/pull/23332) nit: read prompt [@jif-oai](https://github.com/jif-oai)\n- [#22905](https://github.com/openai/codex/pull/22905) windows: link MSVC release binaries with static CRT [@iceweasel-oai](https://github.com/iceweasel-oai)\n- [#23323](https://github.com/openai/codex/pull/23323) fix(tui): show shutdown feedback on exit [@fcoury-oai](https://github.com/fcoury-oai)\n- [#23261](https://github.com/openai/codex/pull/23261) Fix remote turn diff display roots [@starr-openai](https://github.com/starr-openai)\n- [#22569](https://github.com/openai/codex/pull/22569) Simplify legacy Windows sandbox ACL persistence [@iceweasel-oai](https://github.com/iceweasel-oai)\n- [#23273](https://github.com/openai/codex/pull/23273) Upload rust full CI JUnit reports [@starr-openai](https://github.com/starr-openai)\n- [#22893](https://github.com/openai/codex/pull/22893) fix: harden plugin creator sharing validation [@efrazer-oai](https://github.com/efrazer-oai)\n- [#23094](https://github.com/openai/codex/pull/23094) goal: pause continuation loops on usage limits and blockers [@etraut-openai](https://github.com/etraut-openai)\n- [#23234](https://github.com/openai/codex/pull/23234) Clarify resume hints for renamed threads [@etraut-openai](https://github.com/etraut-openai)\n- [#23241](https://github.com/openai/codex/pull/23241) TUI: route elicitation responses to request thread [@etraut-openai](https://github.com/etraut-openai)\n- [#23236](https://github.com/openai/codex/pull/23236) TUI: replay in-progress MCP calls as started [@etraut-openai](https://github.com/etraut-openai)\n- [#23088](https://github.com/openai/codex/pull/23088) goals: keep pause transitions explicit [@etraut-openai](https://github.com/etraut-openai)\n- [#23338](https://github.com/openai/codex/pull/23338) feat(tui): handle paste in session picker [@fcoury-oai](https://github.com/fcoury-oai)\n- [#23335](https://github.com/openai/codex/pull/23335) feat(app-server): add optional thread\\_id to experimentalFeature/list [@owenlin0](https://github.com/owenlin0)","publishedAt":"2026-05-20T00:00:00.000Z","url":"https://developers.openai.com/codex/changelog/#github-release-325545332","media":[],"prerelease":false,"source":{"slug":"openai-codex-changelog","name":"Codex Changelog","type":"feed"},"org":{"slug":"openai","name":"OpenAI"},"product":{"slug":"codex","name":"Codex"},"coverageCount":0},{"id":"rel_wDsKCiz48sDRzIbaM_rnw","version":"v2.1.145","type":"feature","title":"v2.1.145","summary":"Fixed a permission-prompt bypass where bare variable assignments to non-allowlisted environment variables in Bash commands were auto-approved. Also fixed Agent Teams teammates with non-ASCII names failing API calls due to invalid header encoding. Plus session list JSON export, plugin discovery improvements, and dozens of smaller fixes across MCP commands, UI rendering, and cross-platform support.","titleGenerated":"Claude Code v2.1.145 fixes permission-prompt bypass and permission header encoding","titleShort":"Permission-prompt bypass closed; non-ASCII names now work","content":"## What's changed\n\n- Added `claude agents --json` to list live Claude sessions as JSON for scripting (tmux-resurrect, status bars, session pickers)\n- Added `agent_id` and `parent_agent_id` attributes to `claude_code.tool` OTEL spans, and fixed trace parenting so background subagent spans nest under the dispatching Agent tool span\n- Status line JSON input now includes GitHub repo and PR information when detected\n- `/plugin` Discover and Browse screens now show a plugin's commands, agents, skills, hooks, and MCP/LSP servers before installation\n- `claude agents` terminal tab title now shows the awaiting-input count so an alt-tabbed window tells you when an agent needs attention\n- Slash command and @-mention suggestion list now supports mouse hover and click in fullscreen mode\n- Stop and SubagentStop hook input now includes `background_tasks` and `session_crons` fields\n- Fixed a permission-prompt bypass where bare variable assignments to non-allowlisted environment variables in Bash commands were auto-approved\n- Fixed MCP prompt slash commands showing raw server validation errors when a required argument is omitted — the error now names the missing argument and shows expected usage\n- Fixed the spinner and elapsed-time display freezing until a keypress after the terminal was resized or refocused\n- Fixed the cross-project resume hint failing in default Windows PowerShell 5.1 — Windows now uses `;` as the command separator\n- Fixed voice push-to-talk not working in the agent view's reply pane\n- Fixed task lists rendering in random order when several tasks are created at once\n- Fixed stale \"Failed to install Anthropic marketplace\" banner showing when the marketplace is already installed\n- Fixed the PR badge in the footer not updating immediately after `gh pr create` and other PR-state-changing commands run in-session\n- Fixed Agent Teams teammates with non-ASCII names failing every API call due to invalid header encoding\n- Fixed `/review` using a deprecated `projectCards` GraphQL query that errored on repos with Classic Projects\n- Fixed `claude plugin validate` not flagging `skills:` entries that point at a file instead of a directory — the error now suggests the parent directory\n- Fixed an infinite loop where a skill using `context: fork` could repeatedly re-invoke itself instead of running\n- Improved the Read tool to return a truncated first page with a \"PARTIAL view\" notice instead of a hard error when a whole-file read exceeds the token limit\n","publishedAt":"2026-05-19T21:31:07.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-145","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_yVTX64BUt1JAMOcO0rT09","version":"v2.1.144","type":"feature","title":"v2.1.144","summary":"Fixed macOS background sessions crashing with \"exit 1 before init\" when the project lives under a Full Disk Access-protected folder, and progressive terminal display corruption (stale or garbled glyphs) that could appear in very long sessions. Also fixed startup hanging up to 75s when api.anthropic.com is unreachable, garbled terminal output after missed window-resize events, and dozens of MCP, tool, and session management issues.","titleGenerated":"Claude Code v2.1.144 fixes background session crashes and terminal rendering corruption","titleShort":"Background sessions no longer crash on Full Disk Access folders; terminal rendering stabilized","content":"## What's changed\n\n- Added `/resume` support for background sessions — sessions started via `claude --bg` or agent view now appear alongside interactive ones, marked with `bg`\n- Added elapsed duration to background subagent completion notifications (e.g. \"Agent completed · 3h 2m 5s\")\n- The `/plugin` browse and discover panes now show when a plugin was last updated\n- `/model` now changes the model for the current session only; press `d` in the model picker to set a default for new sessions\n- Renamed \"extra usage\" to \"usage credits\" across CLI copy; `/extra-usage` is now `/usage-credits` (old name still works)\n- Fixed startup hanging up to 75s when `api.anthropic.com` is unreachable (captive portal, firewall, VPN issues) — side-channel API calls now time out after 15s\n- Fixed garbled terminal output after a missed window-resize event (e.g. dragging a VS Code split-pane divider) — now self-heals on the next frame instead of requiring Ctrl+L\n- Fixed progressive terminal display corruption (stale/garbled glyphs) that could appear in very long sessions and only cleared on terminal resize or restart\n- Reduced terminal rendering glitches in VS Code by reducing spinner animation color count\n- Fixed macOS background sessions crashing with \"exit 1 before init\" when the project lives under a Full Disk Access-protected folder (regression in 2.1.143)\n- Fixed an unrecoverable conversation when reading a file whose image extension doesn't match its contents (e.g. HTML saved as .png) — now falls back to text\n- Fewer spurious tool errors during search: `head`/`tail` file views now satisfy the read-before-edit check, and a \"no matches\" result (exit code 1) from `egrep`, `fgrep`, `git grep`, or `git diff` is no longer reported as a command failure\n- Fixed `/branch` failing with \"No conversation to branch\" after entering a worktree or in some background sessions\n- Fixed pressing Escape in the AskUserQuestion notes field aborting the turn instead of returning to answer selection\n- Fixed model selection not applying when changed via the IDE model picker or `applyFlagSettings` after startup\n- Resumed sessions now keep the model they were using instead of picking up another session's `/model` choice\n- Fixed Bedrock and Vertex users unable to select \"Opus (1M context)\" from the `/model` picker (regression in v2.1.129)\n- Fixed remote-session login failing with \"Can't access this organization\" for users with `forceLoginMethod` and `forceLoginOrgUUID` set\n- Fixed MCP servers with paginated `tools/list` responses only returning the first page, silently dropping tools\n- Fixed MCP images with unsupported MIME types (e.g. SVG) breaking the conversation — now saved to disk and referenced in the tool result\n- Fixed file descriptor exhaustion when a build runs inside a skill directory — non-`.md` files no longer trigger skill reloads\n- Fixed session title being generated from plugin monitor output instead of the user's first prompt\n- Fixed Skill tool failing with permission error in headless mode (regression in v2.1.141)\n- Fixed plugins enabled in your own settings showing \"not cached\" errors after first load on a fresh machine; plugins enabled only by a project's `.claude/settings.json` now show an actionable `claude plugin install` hint\n- Fixed `claude mcp list` silently reporting no servers when `.mcp.json` can't be parsed (e.g. using VS Code's `\"servers\"` key instead of `\"mcpServers\"`) — now shows configuration errors\n- Fixed background side-queries on custom `ANTHROPIC_BASE_URL` setups and Bedrock Mantle not using Haiku — now falls back correctly when a first-party API key is configured or no Haiku model is set\n- Fixed scrolling in attached background sessions on Windows — PgUp/PgDn, mouse wheel, and Ctrl+O transcript navigation now work\n- Fixed a crash when closing the terminal while attached to a background session\n- Fixed `! <cmd>` exec sessions not responding to Ctrl+C while attached — now interrupts the running command\n- Fixed agent view shell-command rows lingering under Working after completion, and pressing Enter on a completed row re-running the command after its output expired\n- Fixed on Windows, pressing ← in `claude agents` leaving the list unresponsive to keyboard input\n- Fixed ghost characters at the left edge when switching panes in Agent View on Windows Terminal with CJK content\n- `/bg` and `←`-detach now preserve directories added via `/add-dir`\n- Fixed Edit/Write refusing with \"background session hasn't isolated its changes yet\" right after detaching a session that was already editing in place\n- Fixed `claude respawn <id>` on a stopped background session showing \"stopped\" instead of running\n- Fixed `/resume` picker not showing sessions forked from a background session\n- Fixed opening a session from `claude agents` or running `claude logs <id>` hanging when the background service is unresponsive — now times out after 10s with a recovery hint\n- Fixed background Bash tasks spawned by subagents staying \"Running\" in SDK task panels after the process exits\n- Fixed completed or stopped background sessions briefly failing to wake being permanently marked as a startup crash\n- Fixed markdown links in `claude agents` attached sessions rendering as plain text instead of clickable hyperlinks\n- Fixed custom `spinnerVerbs` applying to the post-turn duration message — past-tense built-ins like \"Worked for 5s\" are restored there\n- `claude agents` / `--bg` rejection messages now name the specific gate (non-TTY, env var, or setting) instead of a generic message\n- `claude --bg --name <label>` now echoes the name in the post-spawn confirmation\n- `claude agents`: renaming a background session with Ctrl+R now updates the attached session's banner immediately\n- Background session worktree isolation guard now applies for non-git VCS users with `WorktreeCreate` hooks configured\n- Plugin marketplace add/update now respects `CLAUDE_CODE_PLUGIN_PREFER_HTTPS`\n- `/plugin` now returns to the Installed list after enabling, disabling, or uninstalling a plugin\n- `/doctor` now shows an exec-form example when a command hook is missing the `command` field\n- Skill-listing truncation is no longer shown as a startup notification — run `/doctor` for the full breakdown\n- Improved recovery from rare pre-response stream stalls — now retries streaming once instead of falling back to a slower non-streaming request\n- Improved SDK/headless MCP startup: pre-wait now overlaps startup instead of blocking before the first turn (up to 2s faster with slow MCP servers)\n- The post-survey follow-up hint now appears after every non-dismiss survey response with context-aware copy, making it easier to share more detail via /feedback.\n","publishedAt":"2026-05-19T00:48:51.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-144","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_5XLlX1ezHI4B18Zi7vBBk","version":null,"type":"feature","title":"Cursor in Jira","summary":"Cursor is now available in Jira.\n\nAssign work items to Cursor, or mention \\`@Cursor\\` in a comment to kick off a [cloud agent](https://cursor.com/docs...","titleGenerated":null,"titleShort":null,"content":"Cursor is now available in Jira.\n\nAssign work items to Cursor, or mention \\`@Cursor\\` in a comment to kick off a [cloud agent](https://cursor.com/docs/cloud-agent). Cursor uses the work item title, description, comments, and your team's repository settings to scope the task.\n\nYou can ask Cursor to fix bugs, add features, update tests, or investigate something described in the ticket. When the agent finishes, Jira shows completion updates and includes a link to the pull request.\n\nInstall the integration from [Cursor integrations](https://cursor.com/dashboard/integrations#integrations). You need Cursor admin access and Jira Commercial Cloud with Rovo enabled. Learn more in our [docs](https://cursor.com/docs/integrations/jira).","publishedAt":"2026-05-19T00:00:00.000Z","url":"https://cursor.com/changelog/05-19-26","media":[],"prerelease":false,"source":{"slug":"cursor-changelog","name":"Cursor Changelog","type":"feed"},"org":{"slug":"cursor","name":"Cursor"},"product":null,"coverageCount":0},{"id":"rel_ggqTwImjmn1BrpClbffOW","version":"2.5","type":"feature","title":"Composer 2.5","summary":"[Composer 2.5](https://cursor.com/blog/composer-2-5) is now available in Cursor.\n\nIt's a substantial improvement in intelligence and behavior over [Co...","titleGenerated":null,"titleShort":null,"content":"[Composer 2.5](https://cursor.com/blog/composer-2-5) is now available in Cursor.\n\nIt's a substantial improvement in intelligence and behavior over [Composer 2](https://cursor.com/blog/composer-2). It is better at sustained work on long-running tasks, follows complex instructions more reliably, and is more pleasant to collaborate with.\n\n![Composer 2.5 benchmark results](https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/composer-2.5-benchmark-table-landscape-light04.png)\n\nComposer 2.5 benchmark results\n\n- \\*\\*Standard:\\*\\* \\\\$0.50/M input, \\\\$2.50/M output tokens\n- \\*\\*Fast\\*\\* (default): \\\\$3.00/M input, \\\\$15.00/M output tokens\n\nComposer 2.5 includes double usage for the first week. See our [model docs](https://cursor.com/docs/models/cursor-composer-2-5) for full details.\n\nRead more in our [announcement](https://cursor.com/blog/composer-2-5).","publishedAt":"2026-05-18T00:00:00.000Z","url":"https://cursor.com/changelog/composer-2-5","media":[{"type":"image","url":"https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/composer-2.5-benchmark-table-landscape-light04.png","alt":"Composer 2.5 benchmark results"}],"prerelease":false,"source":{"slug":"cursor-changelog","name":"Cursor Changelog","type":"feed"},"org":{"slug":"cursor","name":"Cursor"},"product":null,"coverageCount":0},{"id":"rel_neDfqy_tN8NjcFg2uOmn8","version":"0.131.0","type":"feature","title":"Codex CLI Release: 0.131.0","summary":"The TUI now offers richer session controls and display including data-driven service-tier commands, blended token usage, and responsive Markdown tables. Remote workflows gained daemon-managed codex remote-control, runtime enable/disable APIs, and registry-backed environments. The Python SDK moved to openai-codex with pinned runtime-generated types and concurrent turn routing. Additionally, @ mentions now search files, directories, plugins, and skills in one picker, and codex doctor was added for support diagnostics.","titleGenerated":"Codex CLI 0.131.0 adds richer TUI controls, remote daemon workflows, and Python SDK move","titleShort":"TUI gains session controls; remote workflows support daemon management; Python SDK moves to openai-codex","content":"## New Features\n\n- The TUI now offers richer session controls and display: data-driven service-tier commands, blended token usage, permissions/approval mode, effective workspace roots, and responsive Markdown tables. ([#21745](https://github.com/openai/codex/pull/21745), [#21906](https://github.com/openai/codex/pull/21906), [#21991](https://github.com/openai/codex/pull/21991), [#21669](https://github.com/openai/codex/pull/21669), [#21677](https://github.com/openai/codex/pull/21677), [#22052](https://github.com/openai/codex/pull/22052), [#22612](https://github.com/openai/codex/pull/22612))\n\n- `@` mentions now search files, directories, plugins, and skills in one picker, backed by app-server plugin metadata. ([#19068](https://github.com/openai/codex/pull/19068), [#22375](https://github.com/openai/codex/pull/22375))\n\n- Plugin workflows gained marketplace CLI commands, version-aware sharing, share checkout, clearer shared-workspace buckets, and default-enabled plugin hooks. ([#21396](https://github.com/openai/codex/pull/21396), [#22397](https://github.com/openai/codex/pull/22397), [#22425](https://github.com/openai/codex/pull/22425), [#22435](https://github.com/openai/codex/pull/22435), [#22549](https://github.com/openai/codex/pull/22549))\n\n- Remote workflows now support daemon-managed `codex remote-control`, runtime enable/disable APIs, status reads, and registry-backed/configured remote environments. ([#20718](https://github.com/openai/codex/pull/20718), [#22218](https://github.com/openai/codex/pull/22218), [#22562](https://github.com/openai/codex/pull/22562), [#22578](https://github.com/openai/codex/pull/22578), [#22877](https://github.com/openai/codex/pull/22877), [#20667](https://github.com/openai/codex/pull/20667), [#21323](https://github.com/openai/codex/pull/21323))\n\n- The Python SDK moved to `openai-codex` / `openai_codex`, with pinned runtime-generated types, concurrent turn routing, approval modes, and integration coverage. ([#21778](https://github.com/openai/codex/pull/21778), [#21891](https://github.com/openai/codex/pull/21891), [#21893](https://github.com/openai/codex/pull/21893), [#21896](https://github.com/openai/codex/pull/21896), [#21905](https://github.com/openai/codex/pull/21905), [#21910](https://github.com/openai/codex/pull/21910), [#22014](https://github.com/openai/codex/pull/22014))\n\n- Added `codex doctor` for support-ready diagnostics across runtime, auth, terminal, network, config, and local state. ([#22336](https://github.com/openai/codex/pull/22336))\n\n## Bug Fixes\n\n- Fixed several TUI interaction and rendering issues, including URL wrapping, light-mode selection contrast, Shift+Enter in tmux, `/review` MCP startup status, `/side` Esc handling, and network approval history text. ([#21760](https://github.com/openai/codex/pull/21760), [#21950](https://github.com/openai/codex/pull/21950), [#21943](https://github.com/openai/codex/pull/21943), [#21624](https://github.com/openai/codex/pull/21624), [#22710](https://github.com/openai/codex/pull/22710), [#22229](https://github.com/openai/codex/pull/22229))\n\n- Hardened Windows sandbox behavior around deny-read rules, scoped write roots, ineffective firewall policy, and PowerShell edge cases. ([#18202](https://github.com/openai/codex/pull/18202), [#21479](https://github.com/openai/codex/pull/21479), [#22353](https://github.com/openai/codex/pull/22353), [#21400](https://github.com/openai/codex/pull/21400), [#22643](https://github.com/openai/codex/pull/22643))\n\n- Preserved managed read restrictions during permission escalation and cleaned up workspace-root permission profile resolution. ([#15977](https://github.com/openai/codex/pull/15977), [#22624](https://github.com/openai/codex/pull/22624), [#22683](https://github.com/openai/codex/pull/22683))\n\n- Made app-server and local state startup safer by preserving SQLite data, failing closed when state cannot open, adding recovery paths, and softening optional metadata sync failures. ([#21831](https://github.com/openai/codex/pull/21831), [#21847](https://github.com/openai/codex/pull/21847), [#22580](https://github.com/openai/codex/pull/22580), [#22734](https://github.com/openai/codex/pull/22734), [#22899](https://github.com/openai/codex/pull/22899))\n\n- Improved Git and auth reliability by using root worktree hooks consistently, ignoring repo hook/fsmonitor config in helper commands, binding local MCP OAuth callbacks, and revoking superseded login tokens. ([#21969](https://github.com/openai/codex/pull/21969), [#22843](https://github.com/openai/codex/pull/22843), [#22652](https://github.com/openai/codex/pull/22652), [#20237](https://github.com/openai/codex/pull/20237), [#21747](https://github.com/openai/codex/pull/21747))\n\n- Reduced remote and Windows cleanup friction with longer exec-server transport timeouts, quieter `taskkill` cleanup, and non-queued plugin reads. ([#21825](https://github.com/openai/codex/pull/21825), [#21759](https://github.com/openai/codex/pull/21759), [#22058](https://github.com/openai/codex/pull/22058), [#22703](https://github.com/openai/codex/pull/22703))\n\n## Documentation\n\n- Clarified that general Codex product docs should not be added to this repo, while app-server API docs remain in scope. ([#21772](https://github.com/openai/codex/pull/21772))\n\n- Updated plugin-creator guidance for the simplified local plugin handoff links. ([#22240](https://github.com/openai/codex/pull/22240))\n\n- Documented new app-server/API contracts for remote environments and the desktop-owned config namespace. ([#21323](https://github.com/openai/codex/pull/21323), [#22584](https://github.com/openai/codex/pull/22584))\n\n## Chores\n\n- Improved CI and release reliability across Rust CI, exact PR-head checkout, Windows Bazel sharding, unsigned macOS artifacts, and signed macOS promotion. ([#21604](https://github.com/openai/codex/pull/21604), [#21628](https://github.com/openai/codex/pull/21628), [#21835](https://github.com/openai/codex/pull/21835), [#22408](https://github.com/openai/codex/pull/22408), [#22559](https://github.com/openai/codex/pull/22559), [#22649](https://github.com/openai/codex/pull/22649), [#22737](https://github.com/openai/codex/pull/22737), [#22788](https://github.com/openai/codex/pull/22788), [#22900](https://github.com/openai/codex/pull/22900))\n\n- Split large TUI ChatWidget, history, and composer code into focused modules without intended behavior changes. ([#21866](https://github.com/openai/codex/pull/21866), [#22269](https://github.com/openai/codex/pull/22269), [#22407](https://github.com/openai/codex/pull/22407), [#22433](https://github.com/openai/codex/pull/22433), [#22518](https://github.com/openai/codex/pull/22518), [#22537](https://github.com/openai/codex/pull/22537), [#22704](https://github.com/openai/codex/pull/22704), [#22581](https://github.com/openai/codex/pull/22581), [#22656](https://github.com/openai/codex/pull/22656))\n\n- Continued extracting extension and tool internals, including shared tool contracts plus guardian and memory extension plumbing. ([#21736](https://github.com/openai/codex/pull/21736), [#21737](https://github.com/openai/codex/pull/21737), [#21738](https://github.com/openai/codex/pull/21738), [#22138](https://github.com/openai/codex/pull/22138), [#22147](https://github.com/openai/codex/pull/22147), [#22216](https://github.com/openai/codex/pull/22216), [#22258](https://github.com/openai/codex/pull/22258), [#22344](https://github.com/openai/codex/pull/22344), [#22476](https://github.com/openai/codex/pull/22476), [#22480](https://github.com/openai/codex/pull/22480), [#22485](https://github.com/openai/codex/pull/22485), [#22498](https://github.com/openai/codex/pull/22498))\n\n- Removed obsolete tool paths, feature flags, config gates, and legacy hooks as defaults stabilized. ([#21651](https://github.com/openai/codex/pull/21651), [#21805](https://github.com/openai/codex/pull/21805), [#22173](https://github.com/openai/codex/pull/22173), [#22246](https://github.com/openai/codex/pull/22246), [#22565](https://github.com/openai/codex/pull/22565), [#22711](https://github.com/openai/codex/pull/22711), [#22717](https://github.com/openai/codex/pull/22717), [#22724](https://github.com/openai/codex/pull/22724), [#22730](https://github.com/openai/codex/pull/22730))\n\n## Changelog\n\nFull Changelog: [rust-v0.130.0...rust-v0.131.0](https://github.com/openai/codex/compare/rust-v0.130.0...rust-v0.131.0)\n\n- [#21550](https://github.com/openai/codex/pull/21550) [codex] make shutdown pending-touch test deterministic [@jif-oai](https://github.com/jif-oai)\n\n- [#21697](https://github.com/openai/codex/pull/21697) Allow string service tiers in config TOML [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21687](https://github.com/openai/codex/pull/21687) [codex] Enable apply_patch freeform by default [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#19896](https://github.com/openai/codex/pull/19896) Update models.json @github-actions\n\n- [#21669](https://github.com/openai/codex/pull/21669) Display blended token count in status line [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21677](https://github.com/openai/codex/pull/21677) Show permissions and approval mode in the TUI status line [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21757](https://github.com/openai/codex/pull/21757) api: send hyphenated session and thread headers [@jif-oai](https://github.com/jif-oai)\n\n- [#21763](https://github.com/openai/codex/pull/21763) nit: comment [@jif-oai](https://github.com/jif-oai)\n\n- [#21749](https://github.com/openai/codex/pull/21749) codex-otel: validate provider span attributes consistently [@bbrown-oai](https://github.com/bbrown-oai)\n\n- [#21767](https://github.com/openai/codex/pull/21767) chore: thread tui [@jif-oai](https://github.com/jif-oai)\n\n- [#21443](https://github.com/openai/codex/pull/21443) [sandboxing] Remove Darwin user cache write from Seatbelt network policy [@evawong-oai](https://github.com/evawong-oai)\n\n- [#21604](https://github.com/openai/codex/pull/21604) Fix `rust-ci-full` failures due to missing `bwrap` [@zanie-oai](https://github.com/zanie-oai)\n\n- [#21628](https://github.com/openai/codex/pull/21628) Use `CARGO_NET_GIT_FETCH_WITH_CLI` in `rust-ci-full` for more reliable git fetches [@zanie-oai](https://github.com/zanie-oai)\n\n- [#21745](https://github.com/openai/codex/pull/21745) [codex] Generalize service tier slash commands [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21772](https://github.com/openai/codex/pull/21772) Clarify docs folder guidance in AGENTS.md [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21622](https://github.com/openai/codex/pull/21622) [codex] Address some more GHA hygiene issues [@ww-oai](https://github.com/ww-oai)\n\n- [#21662](https://github.com/openai/codex/pull/21662) feat: Use installation ID in remote enrollments [@ddr-oai](https://github.com/ddr-oai)\n\n- [#20667](https://github.com/openai/codex/pull/20667) Load configured environments from CODEX_HOME [@starr-openai](https://github.com/starr-openai)\n\n- [#21776](https://github.com/openai/codex/pull/21776) Update models.json @github-actions\n\n- [#21787](https://github.com/openai/codex/pull/21787) Support resource binaries in Python runtime staging [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21784](https://github.com/openai/codex/pull/21784) Publish Python runtime wheels on release [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21601](https://github.com/openai/codex/pull/21601) Emit accepted line fingerprint analytics [@alexsong-oai](https://github.com/alexsong-oai)\n\n- [#21465](https://github.com/openai/codex/pull/21465) Remove ToolName display helper [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#20619](https://github.com/openai/codex/pull/20619) [codex] request desktop attestation from app [@jiamingz42](https://github.com/jiamingz42)\n\n- [#21810](https://github.com/openai/codex/pull/21810) Revert \"Publish Python runtime wheels on release\" [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21651](https://github.com/openai/codex/pull/21651) [codex] Delete function-style apply_patch [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#21805](https://github.com/openai/codex/pull/21805) [codex] Remove legacy after tool use hooks [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#21616](https://github.com/openai/codex/pull/21616) Enable `--deny-warnings` for `cargo shear` [@charliemarsh-oai](https://github.com/charliemarsh-oai)\n\n- [#21497](https://github.com/openai/codex/pull/21497) Using cached connector directory for discoverable tools list [@mzeng-openai](https://github.com/mzeng-openai)\n\n- [#21835](https://github.com/openai/codex/pull/21835) ci: check out PR head commits in workflows [@bolinfest](https://github.com/bolinfest)\n\n- [#21794](https://github.com/openai/codex/pull/21794) Make environment provider snapshots path-free [@starr-openai](https://github.com/starr-openai)\n\n- [#21831](https://github.com/openai/codex/pull/21831) app-server: support daemon-safe restart handling [@euroelessar](https://github.com/euroelessar)\n\n- [#20293](https://github.com/openai/codex/pull/20293) Support openai library tool [@lt-oai](https://github.com/lt-oai)\n\n- [#21323](https://github.com/openai/codex/pull/21323) [codex] support executor registry remote environments [@miz-openai](https://github.com/miz-openai)\n\n- [#21825](https://github.com/openai/codex/pull/21825) Increase exec-server environment transport timeouts [@starr-openai](https://github.com/starr-openai)\n\n- [#20718](https://github.com/openai/codex/pull/20718) [daemon] Add app-server daemon lifecycle management [@euroelessar](https://github.com/euroelessar)\n\n- [#21840](https://github.com/openai/codex/pull/21840) feat: add Bedrock Mantle client agent header [@celia-oai](https://github.com/celia-oai)\n\n- [#21847](https://github.com/openai/codex/pull/21847) sqlite: no more destructive version bumps [@owenlin0](https://github.com/owenlin0)\n\n- [#21652](https://github.com/openai/codex/pull/21652) Reapply \"Move skills watcher to app-server\" [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#21290](https://github.com/openai/codex/pull/21290) Move file watcher out of core [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#21867](https://github.com/openai/codex/pull/21867) feat: Add role-aware plugin share context APIs [@xl-openai](https://github.com/xl-openai)\n\n- [#21875](https://github.com/openai/codex/pull/21875) [codex] compact network context rendering [@sayan-oai](https://github.com/sayan-oai)\n\n- [#21778](https://github.com/openai/codex/pull/21778) Route Python SDK turn notifications by ID [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21906](https://github.com/openai/codex/pull/21906) [codex] Lowercase TUI service tier commands [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21819](https://github.com/openai/codex/pull/21819) tests: cover sandbox link write behavior [@bolinfest](https://github.com/bolinfest)\n\n- [#21760](https://github.com/openai/codex/pull/21760) fix(tui): preserve wrapped prose beside URLs [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#21950](https://github.com/openai/codex/pull/21950) fix(tui): improve light-mode selection contrast [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#21755](https://github.com/openai/codex/pull/21755) Improve hooks trust flow in TUI [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#21870](https://github.com/openai/codex/pull/21870) Avoid blocking TUI on agent metadata hydration [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21866](https://github.com/openai/codex/pull/21866) Split ChatWidget state into focused modules [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21991](https://github.com/openai/codex/pull/21991) Persist 'priority' service tier as fast in config [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21943](https://github.com/openai/codex/pull/21943) fix(tui): preserve Shift+Enter in tmux csi-u panes [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#21759](https://github.com/openai/codex/pull/21759) fix(tui): suppress taskkill output for MCP teardown on Windows [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22039](https://github.com/openai/codex/pull/22039) Deduplicate issue digest interactions by user [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22052](https://github.com/openai/codex/pull/22052) feat(tui): render responsive Markdown tables in TUI [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#20825](https://github.com/openai/codex/pull/20825) Read cached metadata for installed Git plugins [@xli-oai](https://github.com/xli-oai)\n\n- [#21736](https://github.com/openai/codex/pull/21736) extension: add initial typed extension API [@jif-oai](https://github.com/jif-oai)\n\n- [#21737](https://github.com/openai/codex/pull/21737) extension: wire extension registries into sessions [@jif-oai](https://github.com/jif-oai)\n\n- [#21738](https://github.com/openai/codex/pull/21738) extension: move git attribution into an extension [@jif-oai](https://github.com/jif-oai)\n\n- [#22138](https://github.com/openai/codex/pull/22138) refactor: extract executable tool contracts into codex-tool-api [@jif-oai](https://github.com/jif-oai)\n\n- [#22140](https://github.com/openai/codex/pull/22140) feat: drop `CodexExtension` [@jif-oai](https://github.com/jif-oai)\n\n- [#22143](https://github.com/openai/codex/pull/22143) [codex] default unknown contributed tools to mutating [@jif-oai](https://github.com/jif-oai)\n\n- [#22147](https://github.com/openai/codex/pull/22147) feat: wire extension tool bundles into core [@jif-oai](https://github.com/jif-oai)\n\n- [#22163](https://github.com/openai/codex/pull/22163) feat: move extensions tool [@jif-oai](https://github.com/jif-oai)\n\n- [#22113](https://github.com/openai/codex/pull/22113) Add x-codex-ws-stream-request-start-ms [@andmis](https://github.com/andmis)\n\n- [#21860](https://github.com/openai/codex/pull/21860) Persist /goal commands in history [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22141](https://github.com/openai/codex/pull/22141) [codex] Harden overflow auto-compaction recovery [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#22170](https://github.com/openai/codex/pull/22170) Revert \"[codex] Harden overflow auto-compaction recovery\" [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#22106](https://github.com/openai/codex/pull/22106) Fix side conversation config inheritance [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22045](https://github.com/openai/codex/pull/22045) Improve goal continuation based on feedback [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21981](https://github.com/openai/codex/pull/21981) Use goal preview metadata for goal-first threads [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21843](https://github.com/openai/codex/pull/21843) app-server: remove TCP websocket listener [@euroelessar](https://github.com/euroelessar)\n\n- [#22173](https://github.com/openai/codex/pull/22173) chore: drop built-in MCPs [@jif-oai](https://github.com/jif-oai)\n\n- [#21954](https://github.com/openai/codex/pull/21954) Fix goal update and add `/goal edit` command in TUI [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22110](https://github.com/openai/codex/pull/22110) Make auto-review denial short-circuit use a rolling review window [@won-openai](https://github.com/won-openai)\n\n- [#21431](https://github.com/openai/codex/pull/21431) [codex-analytics] add turn tool counts to turn events [@rhan-oai](https://github.com/rhan-oai)\n\n- [#22154](https://github.com/openai/codex/pull/22154) Add process-scoped SQLite telemetry [@jif-oai](https://github.com/jif-oai)\n\n- [#19068](https://github.com/openai/codex/pull/19068) Unified mentions in TUI [@canvrno-oai](https://github.com/canvrno-oai)\n\n- [#20305](https://github.com/openai/codex/pull/20305) fix(exec-policy) use is_known_safe_command less [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22058](https://github.com/openai/codex/pull/22058) fix(exec-server): suppress Windows taskkill output [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22178](https://github.com/openai/codex/pull/22178) fix(app-server): thread history redaction for remote clients [@owenlin0](https://github.com/owenlin0)\n\n- [#15977](https://github.com/openai/codex/pull/15977) fix(permissions): preserve managed deny-read during escalation [@viyatb-oai](https://github.com/viyatb-oai)\n\n- [#21061](https://github.com/openai/codex/pull/21061) feat(connectors): support managed app tool approval requirements [@viyatb-oai](https://github.com/viyatb-oai)\n\n- [#22188](https://github.com/openai/codex/pull/22188) [elicitation] Advertise new url elicitation capability when auth_elicitation is enabled. [@mzeng-openai](https://github.com/mzeng-openai)\n\n- [#22192](https://github.com/openai/codex/pull/22192) config: accept `minus` in TUI keymap config [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#21853](https://github.com/openai/codex/pull/21853) daemon: refresh updater after validated binary rollout [@euroelessar](https://github.com/euroelessar)\n\n- [#21747](https://github.com/openai/codex/pull/21747) [login] revoke superseded auth tokens on relogin [@cooper-oai](https://github.com/cooper-oai)\n\n- [#20147](https://github.com/openai/codex/pull/20147) feat: add network proxy feature flag [@viyatb-oai](https://github.com/viyatb-oai)\n\n- [#21891](https://github.com/openai/codex/pull/21891) [1/8] Pin Python SDK runtime dependency [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21893](https://github.com/openai/codex/pull/21893) [2/8] Generate Python SDK types from pinned runtime [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21895](https://github.com/openai/codex/pull/21895) [3/8] Run Python SDK tests in CI [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21896](https://github.com/openai/codex/pull/21896) [4/8] Define Python SDK public API surface [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21905](https://github.com/openai/codex/pull/21905) [5/8] Rename Python SDK package to openai-codex [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#21910](https://github.com/openai/codex/pull/21910) [6/8] Add high-level Python SDK approval mode [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#22014](https://github.com/openai/codex/pull/22014) [7/8] Add Python SDK app-server integration harness [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#22021](https://github.com/openai/codex/pull/22021) [8/8] Add Python SDK Ruff formatting [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#18748](https://github.com/openai/codex/pull/18748) [codex-analytics] emit terminal review events [@rhan-oai](https://github.com/rhan-oai)\n\n- [#22159](https://github.com/openai/codex/pull/22159) Add Windows hook command overrides [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#22218](https://github.com/openai/codex/pull/22218) Update codex remote-control to start the daemon [@owenlin0](https://github.com/owenlin0)\n\n- [#22180](https://github.com/openai/codex/pull/22180) Stop uploading accepted line fingerprints [@alexsong-oai](https://github.com/alexsong-oai)\n\n- [#21617](https://github.com/openai/codex/pull/21617) Support multi-environment apply_patch selection [@starr-openai](https://github.com/starr-openai)\n\n- [#22198](https://github.com/openai/codex/pull/22198) Add production startup and TTFT telemetry [@mzeng-openai](https://github.com/mzeng-openai)\n\n- [#21963](https://github.com/openai/codex/pull/21963) [exec-server] serve websocket listener via HTTP upgrade [@euroelessar](https://github.com/euroelessar)\n\n- [#21946](https://github.com/openai/codex/pull/21946) fix(tui): handle hidden app git directives [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#21595](https://github.com/openai/codex/pull/21595) Simplify MCP tool handler plumbing [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22221](https://github.com/openai/codex/pull/22221) feat(skills): default plugin creator to personal share flow [@efrazer-oai](https://github.com/efrazer-oai)\n\n- [#21861](https://github.com/openai/codex/pull/21861) Apply sandbox context to local view_image reads [@starr-openai](https://github.com/starr-openai)\n\n- [#20527](https://github.com/openai/codex/pull/20527) Support PreToolUse updatedInput rewrites [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#22243](https://github.com/openai/codex/pull/22243) [codex] Filter legacy warning messages during compaction [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22254](https://github.com/openai/codex/pull/22254) [codex] Make handlers own parallel tool support [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#18202](https://github.com/openai/codex/pull/18202) feat(sandbox): add Windows deny-read parity [@viyatb-oai](https://github.com/viyatb-oai)\n\n- [#22265](https://github.com/openai/codex/pull/22265) feat: Normalize remote plugin summary identities. [@xl-openai](https://github.com/xl-openai)\n\n- [#22216](https://github.com/openai/codex/pull/22216) feat: guardian as an extension (contributors part) [@jif-oai](https://github.com/jif-oai)\n\n- [#22311](https://github.com/openai/codex/pull/22311) [rollout-trace] Add x-codex-inference-call-id header to inference calls. [@cassirer-openai](https://github.com/cassirer-openai)\n\n- [#21206](https://github.com/openai/codex/pull/21206) feat(tui): add ambient terminal pets [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22323](https://github.com/openai/codex/pull/22323) fix: uv lock [@jif-oai](https://github.com/jif-oai)\n\n- [#22207](https://github.com/openai/codex/pull/22207) [codex] Tighten unified exec sandbox setup [@bookholt-oai](https://github.com/bookholt-oai)\n\n- [#22382](https://github.com/openai/codex/pull/22382) tools: remove is_mutating dispatch gating [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22383](https://github.com/openai/codex/pull/22383) chore(config) include_collaboration_mode_instructions [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22377](https://github.com/openai/codex/pull/22377) code-mode: carry nested tool kind through runtime [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22392](https://github.com/openai/codex/pull/22392) test(tui): relax configured pet load timeout [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22343](https://github.com/openai/codex/pull/22343) feat(exec-server): use protobuf relay frames [@apanasenko-oai](https://github.com/apanasenko-oai)\n\n- [#20509](https://github.com/openai/codex/pull/20509) [codex] Remove workspace owner usage nudge gate [@richardopenai](https://github.com/richardopenai)\n\n- [#22256](https://github.com/openai/codex/pull/22256) Refactor namespaced tool spec registration [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22280](https://github.com/openai/codex/pull/22280) code-mode: Add pending-aware code mode execution [@cconger](https://github.com/cconger)\n\n- [#22266](https://github.com/openai/codex/pull/22266) core: box multi-agent handler futures [@bolinfest](https://github.com/bolinfest)\n\n- [#22398](https://github.com/openai/codex/pull/22398) [codex] Add search term coverage for tool_search [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22236](https://github.com/openai/codex/pull/22236) Unify thread metadata updates above store [@wiltzius-openai](https://github.com/wiltzius-openai)\n\n- [#22269](https://github.com/openai/codex/pull/22269) Refactor chatwidget state into modules [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22381](https://github.com/openai/codex/pull/22381) [codex] Remove tool search bucket limit override [@sayan-oai](https://github.com/sayan-oai)\n\n- [#22386](https://github.com/openai/codex/pull/22386) mark Feature::RemoteControl as removed [@owenlin0](https://github.com/owenlin0)\n\n- [#22240](https://github.com/openai/codex/pull/22240) docs(skills): simplify plugin creator deeplink shape [@efrazer-oai](https://github.com/efrazer-oai)\n\n- [#22397](https://github.com/openai/codex/pull/22397) feat: Expose plugin versions and gate plugin sharing [@xl-openai](https://github.com/xl-openai)\n\n- [#22404](https://github.com/openai/codex/pull/22404) Restore app-server websocket listener with auth guard [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22258](https://github.com/openai/codex/pull/22258) feat: route guardian review model selection through providers [@celia-oai](https://github.com/celia-oai)\n\n- [#22268](https://github.com/openai/codex/pull/22268) hooks: use new session IDs instead of thread IDs for hooks, apply parent's session ID to subagents' hooks [@eternal-openai](https://github.com/eternal-openai)\n\n- [#20319](https://github.com/openai/codex/pull/20319) Add allow_managed_hooks_only hook requirement [@eternal-openai](https://github.com/eternal-openai)\n\n- [#22413](https://github.com/openai/codex/pull/22413) Remove CODEX_RS_SSE_FIXTURE test hook [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22406](https://github.com/openai/codex/pull/22406) tools: infer code-mode namespace descriptions from specs [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22261](https://github.com/openai/codex/pull/22261) Encapsulate tool search entries in handlers [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22425](https://github.com/openai/codex/pull/22425) feat: Split shared workspace plugins by discoverability [@xl-openai](https://github.com/xl-openai)\n\n- [#22414](https://github.com/openai/codex/pull/22414) Add support for UDS in `codex --remote` [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22407](https://github.com/openai/codex/pull/22407) Refactor chatwidget input flow into modules [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22439](https://github.com/openai/codex/pull/22439) Remove unavailable MCP placeholder tool backfill [@sayan-oai](https://github.com/sayan-oai)\n\n- [#21969](https://github.com/openai/codex/pull/21969) Use root repo hooks in linked worktrees [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#21768](https://github.com/openai/codex/pull/21768) add --dangerously-bypass-hook-trust CLI flag [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#22435](https://github.com/openai/codex/pull/22435) feat: Add plugin share checkout [@xl-openai](https://github.com/xl-openai)\n\n- [#22355](https://github.com/openai/codex/pull/22355) chore: Keep view_image sandbox test in temp dir [@jif-oai](https://github.com/jif-oai)\n\n- [#22344](https://github.com/openai/codex/pull/22344) extension-api: add approval review contributor flow [@jif-oai](https://github.com/jif-oai)\n\n- [#22359](https://github.com/openai/codex/pull/22359) feat: extract shared tool executor interface [@jif-oai](https://github.com/jif-oai)\n\n- [#22369](https://github.com/openai/codex/pull/22369) Refactor extension tools onto shared ToolExecutor [@jif-oai](https://github.com/jif-oai)\n\n- [#22338](https://github.com/openai/codex/pull/22338) [app-server] Gate login issuer override constant [@cassirer-openai](https://github.com/cassirer-openai)\n\n- [#22437](https://github.com/openai/codex/pull/22437) [codex] isolate plugin/list from config serialization queue [@xli-oai](https://github.com/xli-oai)\n\n- [#22476](https://github.com/openai/codex/pull/22476) feat: add thread lifecycle contributor hooks [@jif-oai](https://github.com/jif-oai)\n\n- [#22479](https://github.com/openai/codex/pull/22479) nit: codeowners [@jif-oai](https://github.com/jif-oai)\n\n- [#22480](https://github.com/openai/codex/pull/22480) feat: add turn lifecycle contributors [@jif-oai](https://github.com/jif-oai)\n\n- [#22482](https://github.com/openai/codex/pull/22482) fix: emit thread stop lifecycle on implicit shutdown [@jif-oai](https://github.com/jif-oai)\n\n- [#22485](https://github.com/openai/codex/pull/22485) feat: add token usage contributor hook [@jif-oai](https://github.com/jif-oai)\n\n- [#22443](https://github.com/openai/codex/pull/22443) Scope macOS signing secrets to release environment [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22490](https://github.com/openai/codex/pull/22490) feat: move extension scope ids into ExtensionData [@jif-oai](https://github.com/jif-oai)\n\n- [#22491](https://github.com/openai/codex/pull/22491) Make context contributors async [@jif-oai](https://github.com/jif-oai)\n\n- [#22214](https://github.com/openai/codex/pull/22214) feat(tui): remove Zellij TUI workarounds [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22139](https://github.com/openai/codex/pull/22139) Add service tier overrides to spawned agents [@aibrahim-oai](https://github.com/aibrahim-oai)\n\n- [#22488](https://github.com/openai/codex/pull/22488) feat: add config-change extension contributor [@jif-oai](https://github.com/jif-oai)\n\n- [#22498](https://github.com/openai/codex/pull/22498) feat: memories ext [@jif-oai](https://github.com/jif-oai)\n\n- [#22503](https://github.com/openai/codex/pull/22503) fix: main [@jif-oai](https://github.com/jif-oai)\n\n- [#22347](https://github.com/openai/codex/pull/22347) feat(tui): standardize picker navigation keys [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22500](https://github.com/openai/codex/pull/22500) refactor: split memories extension crate modules [@jif-oai](https://github.com/jif-oai)\n\n- [#22433](https://github.com/openai/codex/pull/22433) Refactor chatwidget protocol flows into modules (phase 3) [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22505](https://github.com/openai/codex/pull/22505) fix: prevent fmt from updating Python SDK lockfile [@jif-oai](https://github.com/jif-oai)\n\n- [#22326](https://github.com/openai/codex/pull/22326) [rollout-trace] Add a trace ID to MCP calls. [@cassirer-openai](https://github.com/cassirer-openai)\n\n- [#20559](https://github.com/openai/codex/pull/20559) config: add strict config parsing [@bolinfest](https://github.com/bolinfest)\n\n- [#22489](https://github.com/openai/codex/pull/22489) Introduce tool exposure for deferred registration [@jif-oai](https://github.com/jif-oai)\n\n- [#22193](https://github.com/openai/codex/pull/22193) fix: drop underscored id headers [@jif-oai](https://github.com/jif-oai)\n\n- [#22246](https://github.com/openai/codex/pull/22246) [codex] Remove unused legacy shell tools [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22520](https://github.com/openai/codex/pull/22520) revert: mark Feature::RemoteControl as removed [@owenlin0](https://github.com/owenlin0)\n\n- [#22513](https://github.com/openai/codex/pull/22513) Revert \"Scope macOS signing secrets to release environment\" [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22514](https://github.com/openai/codex/pull/22514) feat: expose multi-agent v2 as model-only tools [@jif-oai](https://github.com/jif-oai)\n\n- [#22366](https://github.com/openai/codex/pull/22366) Pass Codex product SKU to ChatGPT backend [@ericning-o](https://github.com/ericning-o)\n\n- [#22519](https://github.com/openai/codex/pull/22519) Deprecate TurnContext cwd and resolve_path [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22518](https://github.com/openai/codex/pull/22518) Refactor chatwidget settings surfaces into modules (phase 4) [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21479](https://github.com/openai/codex/pull/21479) [codex] Scope Windows sandbox write-root capability SIDs [@adrianbravo-oai](https://github.com/adrianbravo-oai)\n\n- [#22353](https://github.com/openai/codex/pull/22353) windows-sandbox: fail elevated setup when firewall policy is ineffective [@iceweasel-oai](https://github.com/iceweasel-oai)\n\n- [#22527](https://github.com/openai/codex/pull/22527) [codex] Reuse Apps MCP path override for plugin-service rollout [@adaley-openai](https://github.com/adaley-openai)\n\n- [#22412](https://github.com/openai/codex/pull/22412) chore(config) rm Feature::CodexGitCommit [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22501](https://github.com/openai/codex/pull/22501) chore(config) rm tools.view_image [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22533](https://github.com/openai/codex/pull/22533) fix: prevent codex-backend from stealing originator [@owenlin0](https://github.com/owenlin0)\n\n- [#22408](https://github.com/openai/codex/pull/22408) Shard Bazel Windows tests across jobs [@starr-openai](https://github.com/starr-openai)\n\n- [#22542](https://github.com/openai/codex/pull/22542) Use selected environment cwd for filesystem helpers [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#20237](https://github.com/openai/codex/pull/20237) Add callback ids to local MCP OAuth redirects [@stevenlee-oai](https://github.com/stevenlee-oai)\n\n- [#22549](https://github.com/openai/codex/pull/22549) Enable plugin hooks by default [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#22375](https://github.com/openai/codex/pull/22375) Use plugin/list to get list of plugins for mentions [@canvrno-oai](https://github.com/canvrno-oai)\n\n- [#21235](https://github.com/openai/codex/pull/21235) [codex] Fix TUI wrapping for external borrowed slices [@canvrno-oai](https://github.com/canvrno-oai)\n\n- [#22336](https://github.com/openai/codex/pull/22336) feat(cli): add codex doctor diagnostics [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22543](https://github.com/openai/codex/pull/22543) clean up instructions [@sayan-oai](https://github.com/sayan-oai)\n\n- [#21400](https://github.com/openai/codex/pull/21400) Avoid PowerShell profiles in elevated Windows sandbox [@iceweasel-oai](https://github.com/iceweasel-oai)\n\n- [#22528](https://github.com/openai/codex/pull/22528) Make multi_agent_v2 wait_agent timeouts configurable [@andmis](https://github.com/andmis)\n\n- [#22529](https://github.com/openai/codex/pull/22529) Spill oversized PreToolUse additionalContext [@abhinav-oai](https://github.com/abhinav-oai)\n\n- [#22556](https://github.com/openai/codex/pull/22556) feat: namespace in ext [@jif-oai](https://github.com/jif-oai)\n\n- [#22535](https://github.com/openai/codex/pull/22535) Remove resurrected `/collab` slash command [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22537](https://github.com/openai/codex/pull/22537) Refactor chatwidget orchestration into modules (phase 5) [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22564](https://github.com/openai/codex/pull/22564) [codex] Canonicalize shared workspace plugin IDs [@xl-openai](https://github.com/xl-openai)\n\n- [#22559](https://github.com/openai/codex/pull/22559) Add unsigned macOS release artifacts [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22574](https://github.com/openai/codex/pull/22574) Deprecate issue labeler [@maxb-openai](https://github.com/maxb-openai)\n\n- [#22555](https://github.com/openai/codex/pull/22555) Remove connector_openai prefix filtering [@ericning-o](https://github.com/ericning-o)\n\n- [#22580](https://github.com/openai/codex/pull/22580) fix: Block appserver startup if state db can't be opened [@ddr-oai](https://github.com/ddr-oai)\n\n- [#22565](https://github.com/openai/codex/pull/22565) chore(config) rm experimental_use_freeform_apply_patch [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22562](https://github.com/openai/codex/pull/22562) Improve remote-control daemon UX [@owenlin0](https://github.com/owenlin0)\n\n- [#22578](https://github.com/openai/codex/pull/22578) enable/disable remote control at runtime, not via features [@owenlin0](https://github.com/owenlin0)\n\n- [#22573](https://github.com/openai/codex/pull/22573) Simplify TUI startup test coverage [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22594](https://github.com/openai/codex/pull/22594) Relax remote plugin sync gate [@xli-oai](https://github.com/xli-oai)\n\n- [#22587](https://github.com/openai/codex/pull/22587) Defer startup NUX impressions until startup succeeds [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22560](https://github.com/openai/codex/pull/22560) feat: make ToolExecutor an async trait [@jif-oai](https://github.com/jif-oai)\n\n- [#22494](https://github.com/openai/codex/pull/22494) Wire turn item contributors into stream output [@jif-oai](https://github.com/jif-oai)\n\n- [#17141](https://github.com/openai/codex/pull/17141) feat: add layered --profile-v2 config files [@jif-oai](https://github.com/jif-oai)\n\n- [#22643](https://github.com/openai/codex/pull/22643) [codex] treat PowerShell stop-parsing forms as unsupported [@bookholt-oai](https://github.com/bookholt-oai)\n\n- [#22646](https://github.com/openai/codex/pull/22646) Fix abort-path turn extension data plumbing [@jif-oai](https://github.com/jif-oai)\n\n- [#22624](https://github.com/openai/codex/pull/22624) permissions: canonicalize workspace_roots and danger-full-access names [@bolinfest](https://github.com/bolinfest)\n\n- [#22649](https://github.com/openai/codex/pull/22649) Chore: better published unsigned artifacts [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22581](https://github.com/openai/codex/pull/22581) tui: split composer attachment and popup state [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21396](https://github.com/openai/codex/pull/21396) [codex] add plugin marketplace CLI commands [@caseychow-oai](https://github.com/caseychow-oai)\n\n- [#22576](https://github.com/openai/codex/pull/22576) tests: avoid ambient temp sandbox roots [@starr-openai](https://github.com/starr-openai)\n\n- [#22652](https://github.com/openai/codex/pull/22652) [codex] Ignore fsmonitor config in Git metadata reads [@bookholt-oai](https://github.com/bookholt-oai)\n\n- [#22229](https://github.com/openai/codex/pull/22229) fix(tui): render network approval history by target [@fcoury-oai](https://github.com/fcoury-oai)\n\n- [#22547](https://github.com/openai/codex/pull/22547) Prefer the model list fetched from the backend for SIWC users [@jeevnayak](https://github.com/jeevnayak)\n\n- [#22666](https://github.com/openai/codex/pull/22666) [codex] fix plugin CLI active user layer compile [@caseychow-oai](https://github.com/caseychow-oai)\n\n- [#22575](https://github.com/openai/codex/pull/22575) Support explicit MCP OAuth client IDs [@mzeng-openai](https://github.com/mzeng-openai)\n\n- [#22512](https://github.com/openai/codex/pull/22512) test: isolate exec review policy config test [@bolinfest](https://github.com/bolinfest)\n\n- [#22572](https://github.com/openai/codex/pull/22572) Fix remote environment test fixtures [@starr-openai](https://github.com/starr-openai)\n\n- [#22563](https://github.com/openai/codex/pull/22563) tests: isolate codex home for live cli [@starr-openai](https://github.com/starr-openai)\n\n- [#18161](https://github.com/openai/codex/pull/18161) [codex] Support multiple forced ChatGPT workspaces [@rreichel3-oai](https://github.com/rreichel3-oai)\n\n- [#22702](https://github.com/openai/codex/pull/22702) make rust-release-prepare use env secret [@sayan-oai](https://github.com/sayan-oai)\n\n- [#22703](https://github.com/openai/codex/pull/22703) Unqueue plugin list and read requests [@xli-oai](https://github.com/xli-oai)\n\n- [#22687](https://github.com/openai/codex/pull/22687) Fix Windows sandbox clippy clones [@starr-openai](https://github.com/starr-openai)\n\n- [#22711](https://github.com/openai/codex/pull/22711) chore(features) rm Feature::ApplyPatchFreeform [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22717](https://github.com/openai/codex/pull/22717) chore(config) rm windows_wsl_setup_acknowledged [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22695](https://github.com/openai/codex/pull/22695) Trim TUI legacy core helper usage [@etraut-openai](https://github.com/etraut-openai)\n\n- [#21624](https://github.com/openai/codex/pull/21624) Fix /review mode MCP startup render issue [@canvrno-oai](https://github.com/canvrno-oai)\n\n- [#22684](https://github.com/openai/codex/pull/22684) Remove SSE fixture loaders [@pakrym-oai](https://github.com/pakrym-oai)\n\n- [#22730](https://github.com/openai/codex/pull/22730) [codex] Group removed feature flags [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22724](https://github.com/openai/codex/pull/22724) [codex] Remove experimental instructions file config [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22237](https://github.com/openai/codex/pull/22237) Add `user_input_requested_during_turn` to MCP turn metadata [@mchen-oai](https://github.com/mchen-oai)\n\n- [#22737](https://github.com/openai/codex/pull/22737) ci: support signed macOS release promotion [@bolinfest](https://github.com/bolinfest)\n\n- [#22303](https://github.com/openai/codex/pull/22303) Stabilize compact rollback follow-up test [@dylan-hurd-oai](https://github.com/dylan-hurd-oai)\n\n- [#22683](https://github.com/openai/codex/pull/22683) permissions: resolve profile identity with constraints [@bolinfest](https://github.com/bolinfest)\n\n- [#22734](https://github.com/openai/codex/pull/22734) tui: recover local state db startup failures [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22584](https://github.com/openai/codex/pull/22584) [codex] Add opaque desktop config namespace [@guinness-oai](https://github.com/guinness-oai)\n\n- [#22710](https://github.com/openai/codex/pull/22710) Prevent Esc from dismissing or rewinding `/side` [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22704](https://github.com/openai/codex/pull/22704) TUI: split history cells into focused modules [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22611](https://github.com/openai/codex/pull/22611) app-server: use permission ids and runtime workspace roots [@bolinfest](https://github.com/bolinfest)\n\n- [#22612](https://github.com/openai/codex/pull/22612) tui/exec: show effective workspace roots in summaries [@bolinfest](https://github.com/bolinfest)\n\n- [#22788](https://github.com/openai/codex/pull/22788) Fix signed macOS release promotion follow-up jobs [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22647](https://github.com/openai/codex/pull/22647) Reject legacy [profiles] when using profile-v2 [@jif-oai](https://github.com/jif-oai)\n\n- [#22809](https://github.com/openai/codex/pull/22809) [codex] Use compaction_trigger item for remote compaction v2 [@jif-oai](https://github.com/jif-oai)\n\n- [#22636](https://github.com/openai/codex/pull/22636) Simplify tool executor and registry plumbing [@jif-oai](https://github.com/jif-oai)\n\n- [#22820](https://github.com/openai/codex/pull/22820) Remove zombie tools spec module [@jif-oai](https://github.com/jif-oai)\n\n- [#22828](https://github.com/openai/codex/pull/22828) Run compact hooks for remote compaction v2 [@jif-oai](https://github.com/jif-oai)\n\n- [#22841](https://github.com/openai/codex/pull/22841) Move memory prompt injection to app-server extension [@jif-oai](https://github.com/jif-oai)\n\n- [#22789](https://github.com/openai/codex/pull/22789) guardian: use permission profile for review sandbox [@bolinfest](https://github.com/bolinfest)\n\n- [#22656](https://github.com/openai/codex/pull/22656) tui: split remaining composer draft and footer state [@etraut-openai](https://github.com/etraut-openai)\n\n- [#22843](https://github.com/openai/codex/pull/22843) Ignore configured hooks in git helpers [@bookholt-oai](https://github.com/bookholt-oai)\n\n- [#22790](https://github.com/openai/codex/pull/22790) context: remove legacy permissions instructions helper [@bolinfest](https://github.com/bolinfest)\n\n- [#22791](https://github.com/openai/codex/pull/22791) telemetry: tag sandboxes from permission profiles [@bolinfest](https://github.com/bolinfest)\n\n- [#22872](https://github.com/openai/codex/pull/22872) Forward apps MCP product SKU from Codex config [@kumquatexpress](https://github.com/kumquatexpress)\n\n- [#22582](https://github.com/openai/codex/pull/22582) Workflow updates [@viyatb-oai](https://github.com/viyatb-oai)\n\n- [#22792](https://github.com/openai/codex/pull/22792) app-server: stop returning thread permission profiles [@bolinfest](https://github.com/bolinfest)\n\n- [#22795](https://github.com/openai/codex/pull/22795) core: construct test permission profiles directly [@bolinfest](https://github.com/bolinfest)\n\n- [#22900](https://github.com/openai/codex/pull/22900) Disable DMG staging for signed macOS promotion [@shijie-oai](https://github.com/shijie-oai)\n\n- [#22877](https://github.com/openai/codex/pull/22877) feat(app-server): update remote control APIs for better UX [@owenlin0](https://github.com/owenlin0)\n\n- [#22899](https://github.com/openai/codex/pull/22899) [codex] Soften SQLite metadata sync failures [@wiltzius-openai](https://github.com/wiltzius-openai)","publishedAt":"2026-05-18T00:00:00.000Z","url":"https://developers.openai.com/codex/changelog/#github-release-324452638","media":[],"prerelease":false,"source":{"slug":"openai-codex-changelog","name":"Codex Changelog","type":"feed"},"org":{"slug":"openai","name":"OpenAI"},"product":{"slug":"codex","name":"Codex"},"coverageCount":0},{"id":"rel_m7_HrSYcYEtZl4brNB9p9","version":null,"type":"feature","title":"May 17, 2026","summary":"**Collapsible Session Folders**\n\nSessions in the left sidebar can now be organized into collapsible folders. Click the chevron to expand or collapse a...","titleGenerated":null,"titleShort":null,"content":"**Collapsible Session Folders**\n\nSessions in the left sidebar can now be organized into collapsible folders. Click the chevron to expand or collapse a folder, and your preference is persisted per organization.\n\n**Archive All Sessions**\n\nA new \"Archive all\" option in the sidebar menu lets you archive all sessions or asks at once, with a confirmation dialog and undo support. Child sessions skip the confirmation step for faster cleanup.\n\n**Sub-Devin Session Filter**\n\nThe sessions page now includes a \"Sub-Devin\" filter that lets you view child sessions independently, with support for combined parent and child filtering.\n\n**Default Member Roles**\n\nEnterprise admins can now configure default roles that are automatically assigned to new organization members on join, with badge display in the members list and safeguards against accidental deletion of roles in use.\n\n**GHES App Registration Restriction**\n\nGitHub Enterprise Server app registration is now restricted to one app per account and host combination, preventing duplicate registrations with a clear error message when a conflict is detected.\n\n**Copyable Organization ID**\n\nYour Organization ID is now displayed with a one-click copy button on both the Settings → General and Settings → Devin API pages, making it easy to share with support or use in API calls.\n\n**Admin-Enforced Settings Lock Icon**\n\nSettings that have been locked by an admin now display a lock icon with an explanatory tooltip, replacing the previous banner-style callout for a cleaner interface.\n\n**MCP OAuth Client Credentials**\n\nWhen installing MCP integrations that don't support Dynamic Client Registration (such as Salesforce), you can now supply your own OAuth client credentials directly in the configuration flow.\n\n**Tavily MCP in Marketplace**\n\nTavily web search is now available in the MCP marketplace, providing AI-optimized real-time web search and content extraction capabilities for your Devin sessions.\n\n**PR Actions & Auto-Review Settings**\n\nThe PR actions menu in Devin Review has been restored with an auto-review toggle and personal settings popover, giving you quick access to review preferences without leaving the review interface.\n\n**Checks Tab Always Visible**\n\nThe Checks tab is now always visible in the embedded PR review experience, and the merge-status popover properly restores the checks UI so you can always see CI status at a glance.\n\n**Improved @-Mention Search**\n\nThe @-mention search in the chat input now uses fuzzy bag-of-words matching, so queries like \"setup-dev\" will find \"setup-windsurf-dev\". Repositories are also ranked first in the dropdown for faster access.\n\n**Slack Improvements**\n\nThis release includes several Slack integration improvements: channel names now resolve correctly even for channels you haven't joined, mentions display as styled blue pill badges, unmapped channel messaging is clearer, the Watch channel option appears at the top of the trigger submenu, stale channel lists are fixed, and duplicate webapp-to-Slack thread posts are suppressed.\n\n**Slack Security Hardening**\n\nEnterprise channel isolation for Slack thread-attach has been hardened with runtime authorization that validates channels against enterprise channel preferences, preventing cross-organization channel access.\n\n**Video Recording Download**\n\nYou can now download session recording videos directly from the video player controls.\n\n**Miscellaneous Improvements**\n\nThis release also includes: file re-upload fix, archived chip now clickable for non-owners with unarchive permission, network config available for finished sessions, test recording viewer close button visibility fix, settings search improvements, back buttons on MCP marketplace and knowledge detail pages, deep mode callout hidden when disabled, repo name truncation so filter stays visible, mobile agent selection single-tap fix, Devin Review file scroll and merge status fixes, skills link fix, Slack support channel in help popover, and wait tool rendered as standalone worklog event.","publishedAt":"2026-05-17T23:06:48.000Z","url":"https://docs.devin.ai/release-notes/overview#may-17-2026","media":[],"prerelease":false,"source":{"slug":"release-notes","name":"Release Notes","type":"feed"},"org":{"slug":"cognition","name":"Cognition"},"product":{"slug":"devin","name":"Devin"},"coverageCount":0},{"id":"rel_bEs_c7MuPoHThPNxqKol-","version":"v2.1.143","type":"feature","title":"v2.1.143","summary":"Plugin dependency enforcement prevents disabling a plugin when another enabled plugin depends on it, and force-enables transitive dependencies on enable. Background sessions now preserve the model and effort level after waking from idle, and a corrupt `.credentials.json` with a non-array `scopes` value that hung the CLI on startup or silently aborted OAuth token refresh is fixed. Plus dozens of smaller fixes across worktree cleanup, PowerShell execution, agent sessions, and MCP configuration persistence.","titleGenerated":"Claude Code v2.1.143 enforces plugin dependencies and hardens background session state","titleShort":"Plugin dependency enforcement; background sessions preserve model settings","content":"## What's changed\n\n- Added plugin dependency enforcement: `claude plugin disable` now refuses when another enabled plugin depends on the target (with a copy-pasteable disable-chain hint), and `claude plugin enable` force-enables transitive dependencies\n- Added projected context cost (per-turn and per-invocation token estimates) to the `/plugin` marketplace browse pane\n- Added `worktree.bgIsolation: \"none\"` setting to let background sessions edit the working copy directly without `EnterWorktree`, for repos where worktrees are impractical\n- PowerShell tool now passes `-ExecutionPolicy Bypass`. Opt out with `CLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1`\n- Background sessions now preserve the model and effort level you set after waking from idle\n- Shift+Tab in attached agent sessions now includes auto mode in the cycle\n- Fixed a corrupt `.credentials.json` with a non-array `scopes` value hanging the CLI on startup or silently aborting OAuth token refresh\n- Fixed right-click paste in `claude agents` on Windows Terminal and WSL\n- Fixed stop hooks that block repeatedly looping forever — the turn now ends with a warning after 8 consecutive blocks (override via `CLAUDE_CODE_STOP_HOOK_BLOCK_CAP`)\n- Fixed Esc/Ctrl+C not cancelling a pending `/loop` wakeup while Claude is idle between iterations\n- Fixed `/goal` evaluator firing while background shells or delegated subagents are still running\n- Fixed `NO_COLOR`/`FORCE_COLOR` in settings.json `env` stripping Claude Code's own UI colors — they now apply to subprocesses only\n- Fixed agent view spawning repeated PowerShell processes on Windows when listing sessions\n- Fixed `/bg` without a prompt sending \"continue\" to the forked session — the fork now waits for input\n- Fixed `--agent <name>` not finding plugin-contributed agents without the `plugin:` prefix\n- Fixed deleting a session from agent view not removing its transcript file\n- Fixed stale-fragment rendering when scrolling in attached background sessions on Windows Terminal\n- Fixed background agents false-positive worker-stall detection storm after host sleep or macOS App Nap\n- Fixed 5xx error messages pointing at status.claude.com instead of naming the configured gateway or cloud provider\n- The PowerShell tool is now enabled by default on Windows for Bedrock, Vertex, and Foundry users. Opt out with `CLAUDE_CODE_USE_POWERSHELL_TOOL=0`.\n- `claude agents` now accepts `--add-dir`, `--settings`, `--mcp-config`, and `--plugin-dir` and applies them to the dashboard and to background sessions dispatched from it\n- `claude agents` accepts `--permission-mode`, `--model`, `--effort`, and `--dangerously-skip-permissions` to set defaults for sessions dispatched from the view\n- `claude --bg --dangerously-skip-permissions` now persists across retire→wake\n- Fixed background sessions silently capturing IDE file references into the warm spare's input, which caused the reference to be prepended to the next prompt dispatched from `claude agents`\n- Worktree cleanup no longer falls back to `rm -rf` when `git worktree remove` fails, preventing loss of gitignored or in-progress files\n- Fixed background-job sessions on macOS getting \"Operation not permitted\" errors when reading files under `~/Documents`, `~/Desktop`, or `~/Downloads`, even with Full Disk Access granted.\n- `/bg` now preserves `--mcp-config`, `--settings`, `--add-dir`, `--plugin-dir`, and `--strict-mcp-config`, so backgrounded sessions keep their MCP servers and settings across respawn.\n- Background sessions launched from `claude agents` now honor `permissions.defaultMode` from settings.json (was previously overridden to auto mode)\n- Fixed: on Windows, pressing ← in `claude agents` while a response was streaming could leave the agents list unresponsive to all input\n- `/bg` and `←`-detach now preserve `--fallback-model`, so backgrounded workers degrade to the fallback model on overload instead of hard-failing.\n- `/bg` and `←`-detach now preserve `--allow-dangerously-skip-permissions`, so the forked worker keeps bypass-permissions available in its Shift+Tab cycle.\n- Fixed: background daemon spawn now falls back to the running binary when the `~/.local/bin/claude` launcher is missing or non-executable\n- Fixed `claude agents --allow-dangerously-skip-permissions` defaulting dispatched sessions to bypass mode instead of making it available in the permission cycle\n","publishedAt":"2026-05-15T22:28:22.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-143","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_d153xRBgrvn1wOzlzgo-A","version":"v2.1.142","type":"feature","title":"v2.1.142","summary":"Fast mode now uses Opus 4.7 by default (previously Opus 4.6), with an environment variable override to pin to Opus 4.6 if needed. Fixed MCP_TOOL_TIMEOUT not raising the per-request fetch timeout for remote HTTP and SSE MCP servers, which capped tool calls at 60 seconds regardless of the configured value. Also fixed background sessions disappearing after macOS sleep/wake, daemon crashes after binary upgrades, and numerous plugin and agent-related issues.","titleGenerated":"Claude Code v2.1.142 upgrades fast mode to Opus 4.7 and fixes MCP tool timeout","titleShort":"Fast mode upgraded to Opus 4.7; MCP tool timeout fixed","content":"## What's changed\n\n- Added new `claude agents` flags: `--add-dir`, `--settings`, `--mcp-config`, `--plugin-dir`, `--permission-mode`, `--model`, `--effort`, and `--dangerously-skip-permissions` to configure dispatched background sessions\n- Fast mode now uses Opus 4.7 by default (previously Opus 4.6). Set `CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE=1` to pin fast mode to Opus 4.6\n- Plugins with a root-level `SKILL.md` and no `skills/` subdirectory are now surfaced as a skill\n- The `/plugin` details pane and `claude plugin details` now show LSP servers a plugin provides\n- `/web-setup` warns before replacing an existing GitHub App connection\n- Fixed `MCP_TOOL_TIMEOUT` not raising the per-request fetch timeout for remote HTTP and SSE MCP servers, which capped tool calls at 60 seconds regardless of the configured value\n- Fixed background sessions not recognizing pre-existing git worktrees, blocking Edit while EnterWorktree refused to create a duplicate\n- Fixed background sessions disappearing and daemon reconnect failing after macOS sleep/wake — the daemon now detects clock jumps instead of treating them as elapsed idle time\n- Fixed daemon not exiting cleanly after the binary is upgraded (e.g. `brew upgrade`), causing dispatched agents to crash-loop on the deleted path\n- Fixed background agents crash-looping when the Claude-in-Chrome extension is connected without a shared tab\n- Fixed clicking links in an attached `claude agents` session — the background worker's headless browser shim no longer applies while attached\n- Fixed `claude agents` \"v to open in editor\" using the daemon's default editor instead of your shell's `$EDITOR`/`$VISUAL`\n- Fixed `claude agents` deadlocking on Windows with network-drive working directories; Ctrl+C now works during startup\n- Fixed background-color bleed when attaching to a `claude agents` session from Apple Terminal or other 256-color-only terminals\n- Fixed `claude --bg --dangerously-skip-permissions` not persisting across retire/wake\n- Fixed session titles being derived from the URL when the first message is a link\n- Fixed redundant `set_model` requests from remote clients injecting duplicate `/model` breadcrumbs into the transcript\n- Fixed plugins using `skills: [\"./\"]` showing a false \"path escapes plugin directory\" error\n- Fixed plugin cache cleanup deleting the active plugin version directory when no installation metadata is present\n- Fixed `/plugin` browse pane showing \"0 installs\" for newly published plugins\n- Fixed plugin advisories not naming every `plugin.json` key that shadows a default folder\n- Improved reactive compaction: the first summarize attempt now seeds from the original request's overflow size, avoiding a wasted near-full-context retry\n- Improved hook configuration error: configuring a prompt- or agent-type hook for `SessionStart`/`Setup`/`SubagentStart` now shows a clear \"use a command-type hook instead\" error\n- Removed stale `/model claude-sonnet-4-20250514` suggestion from Usage Policy refusal messages\n","publishedAt":"2026-05-14T22:55:10.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-142","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_Gk2ovh7v5-9L61hiJ6UZx","version":null,"type":"feature","title":"May 13, 2026","summary":"**Snapshot Build Delete**\n\nYou can now delete snapshot builds directly from the build history menu or detail page, with a confirmation dialog to preve...","titleGenerated":null,"titleShort":null,"content":"**Snapshot Build Delete**\n\nYou can now delete snapshot builds directly from the build history menu or detail page, with a confirmation dialog to prevent accidental removal. This makes it easier to clean up old or failed builds without navigating away from your environment settings.\n\n**MCP Multiline Environment Variables**\n\nWhen configuring MCP server connections in the marketplace, you can now enter multiline values for environment variables — such as PEM private keys, JSON service account credentials, and Snowflake key passphrases — without needing to escape or flatten them first.\n\n**Sub-Devin Sidebar Improvements**\n\nSub-Devin sessions spawned by automations can now be pinned and reordered independently in the sidebar, and they appear expanded by default so you can see their status at a glance without clicking to expand.\n\n**Voice Recording While Devin Is Working**\n\nThe microphone button now appears alongside the stop button while Devin is actively working, allowing you to record and send voice follow-ups without waiting for Devin to finish its current task.\n\n**Settings Redesign**\n\nSettings pages have been redesigned with a hub-style layout, improved search across all settings, and a streamlined navigation structure. An announcement dialog introduces the new experience on first visit, and legacy settings URLs automatically redirect to their new locations.\n\n**Archive Active Session Warning**\n\nWhen you archive a session that is still actively working, a warning dialog now informs you that archiving will put both the session and any child sessions to sleep before proceeding.\n\n**Share Session on Mobile**\n\nA new \"Share session\" action is available in the sidebar session menu on mobile devices, making it easy to share session links directly from your phone.\n\n**Devin Review Mobile Improvements**\n\nOn mobile, tapping \"Ask Devin\" on a comment now opens the chat panel directly, pull-to-refresh is available on the review scroll container, and bug/flag tap targets have been fixed so they open on the first tap and reveal the associated comment.\n\n**V3 API Enhancements**\n\nThe V3 API now supports filtering sessions by repository name via the `repo_names` parameter, filtering by archive status via `is_archived`, specifying `devin_mode` when creating sessions, and setting `folder_id` and `is_enabled` when creating or updating knowledge notes.\n\n**Enterprise Member Invite Acknowledgement**\n\nWhen inviting new members to an enterprise organization from the admin panel, an acknowledgement modal now confirms the invitation details before it is sent.\n\n**Rename Context to Skills & Rules**\n\nThe \"Context\" section in settings has been renamed to \"Skills & Rules\" to better describe its purpose of managing Devin's skill definitions and behavioral rules for your organization.\n\n**Blueprint Migration Improvements**\n\nThe blueprint migration page now displays per-repo session counts, supports filtering by repository, and shows a completed state when all migrations are finished, making it easier to track progress across large organizations.\n\n**Miscellaneous Improvements**\n\nThis release also includes: autofocus on confirmation buttons in archive dialogs, plan artifact button polish, configurable CI status in search results, debounced enterprise snapshot builds, server-side event deduplication to prevent duplicate delivery, pinned sessions remaining visible when automations are hidden in the sidebar, removal of the misleading \"Action required\" label for Python sessions awaiting instructions, schedule list cap raised from 50 to 200, monitor trigger cleanup when adding new Slack triggers, repo setup status fix for Dynamic Repo Setup organizations, \"Approve session\" visibility in the sidebar even after all PRs are merged, inline image deduplication by URL, streaming scroll stability fix, high-resolution home screen icon for Android, beta Vite mode build fix, fast mode loading indicator reset on session switch, and sidebar hover cards on expanded non-active sections.","publishedAt":"2026-05-14T06:09:33.000Z","url":"https://docs.devin.ai/release-notes/overview#may-13-2026","media":[],"prerelease":false,"source":{"slug":"release-notes","name":"Release Notes","type":"feed"},"org":{"slug":"cognition","name":"Cognition"},"product":{"slug":"devin","name":"Devin"},"coverageCount":0},{"id":"rel_MzbAaWLcgqFaUq0NdcU6h","version":"v2.1.141","type":"feature","title":"v2.1.141","summary":"Fixed switching permission mode while a tool-permission prompt is open not auto-dismissing the prompt when the new setting permits the tool, and background jobs no longer stay under Working when they finish—they now move to Completed. Plus dozens of fixes across MCP servers, plugin installation, voice mode, and terminal rendering.","titleGenerated":"Claude Code v2.1.141 fixes permission prompt dismissal and background agent state management","titleShort":"Permission prompts auto-dismiss on mode switch; background agents move to Completed properly","content":"## What's changed\n\n- Added `terminalSequence` field to hook JSON output so hooks can emit desktop notifications, window titles, and bells without a controlling terminal\n- Added `CLAUDE_CODE_PLUGIN_PREFER_HTTPS` to clone GitHub plugin sources over HTTPS instead of SSH, for environments without a GitHub SSH key\n- Added `ANTHROPIC_WORKSPACE_ID` environment variable for workload identity federation — scopes the minted token to a specific workspace when the federation rule covers more than one\n- Added `claude agents --cwd <path>` to scope the session list to a directory\n- `/feedback` can now include recent sessions (last 24 hours or 7 days) for issues spanning more than the current session\n- Rewind menu: added \"Summarize up to here\" to compress earlier context while keeping recent turns intact\n- Auto mode permission dialog now explains when a `permissions.ask` rule caused the prompt\n- Restored the \"view diff in your IDE\" option on file-edit permission prompts when an IDE is connected\n- Background agents launched via `/bg` or `←←` now preserve the current permission mode instead of reverting to default\n- `claude agents`: agents that finish work but leave a background shell running now move to Completed instead of staying under Working\n- Improved spinner feedback during long thinking periods — the spinner now warms to amber after 10 seconds to signal Claude is still working\n- Improved plugin menu navigation: `→`/Tab switch tabs, `↑` moves to the tab strip, and tab headers and search box are clickable in fullscreen mode\n- Fixed background side-queries sending an unavailable Haiku model ID on Bedrock/Vertex/Foundry/gateway when no `ANTHROPIC_SMALL_FAST_MODEL` override is set — now falls back to the main-loop model\n- Fixed `claude daemon status` and `/doctor` on Windows throwing when the daemon pipe key file is locked or unreadable — now shows the underlying error instead of an opaque failure\n- Fixed `claude agents` showing the agent-type list instead of the dashboard when launched through a wrapper that adds flags\n- Fixed `claude agents` opening a crashed session firing redundant dispatches when the working directory was deleted\n- Fixed background jobs on a custom `ANTHROPIC_BASE_URL` gateway not getting auto-named — the namer now uses the main model when no Haiku model is configured\n- Fixed `/model` in one session silently changing the autocompact threshold in other concurrent sessions\n- Fixed switching permission mode while a tool-permission prompt is open not auto-dismissing the prompt when the new setting permits the tool\n- Fixed pressing Enter while a permission/dialog prompt is open also submitting text in the input box\n- Fixed hooks receiving a non-existent `transcript_path` after `EnterWorktree` switches the working directory\n- Fixed markdown tables with cell wrapping falling back to the vertical key-value layout instead of rendering as a bordered grid (regression in 2.1.136)\n- Fixed cancelled prompts being removed from Up-arrow history when auto-restored into the input box, avoiding duplicate entries\n- Fixed prompts cancelled with Ctrl+C/Esc before any response being dropped from Up-arrow history\n- Fixed Ctrl+C not interrupting a running turn while in vim INSERT/VISUAL mode\n- Fixed alternative `chat:submit` keybindings (e.g. `meta+enter`, `ctrl+enter`) not working when `enter` is rebound to `chat:newline`\n- Fixed prompt suggestions being silently disabled when an output style was configured\n- Fixed `spinnerVerbs` setting not being honored in turn-completion messages\n- Fixed AskUserQuestion popup hiding the last line of preceding chat content\n- Fixed Web Search status showing \"Did 0 searches\" when searches returned errors\n- Fixed multi-line statusline output dropping or corrupting rows when any line exceeds terminal width\n- Fixed light-ansi theme using invisible white for diff context lines on light backgrounds — now uses black\n- Fixed error overlay dumping minified bundle source that hid the original error message\n- Fixed pressing Enter after typing a feedback survey rating digit submitting it as a chat message instead of the rating\n- Fixed pressing `x` on a selected subagent in the agent panel typing into the prompt instead of stopping the agent\n- Fixed session title being derived from plugin monitor notifications before the user's first prompt\n- Fixed \"Allowed by PermissionRequest hook\" repeating once per tool call under a collapsed read/search group\n- Fixed `/tui` silently dropping running background shells and subagents — now refuses and asks to wait for them to finish\n- Fixed welcome banner showing \"API Usage Billing\" on Bedrock, Vertex, Foundry, and other third-party providers — now shows the provider name\n- Fixed `/mcp` server list not keeping the focused server visible in short terminals in fullscreen mode\n- Fixed redaction in `/feedback` bundles producing invalid JSON for quoted values like session IDs\n- Fixed desktop and third-party provider sessions incorrectly inheriting `apiKeyHelper`/`ANTHROPIC_AUTH_TOKEN` from host managed-settings\n- Fixed early analytics events being silently dropped when fired before logger initialization\n- Fixed `claude plugin install` failing for plugins whose marketplace `ref` no longer exists upstream when a `sha` is also pinned\n- Fixed plugin details pane showing 0 MCP servers for plugins that declare them via `.mcp.json`\n- Fixed plugin MCP servers with unset config variables showing a generic connection failure instead of a \"config issue\" message with a fix-it hint; malformed `.mcp.json` entries no longer drop other MCP servers\n- Fixed MCP server configs using POSIX shell parameter expansions (e.g. `${var%pattern}`) being incorrectly flagged as missing environment variables\n- Fixed MCP HTTP/SSE servers returning 403 on connect showing as \"failed\" instead of \"needs auth\"\n- Fixed remote MCP servers disconnecting unnecessarily when the optional server-events stream failed to reconnect — tool calls continue over POST\n- Fixed Remote Control MCP connectors all failing with 401 when the worker session token rotated mid-session\n- Fixed Remote Control automatically re-enrolling a trusted device when the server rejects a stale token, instead of looping through `/login`\n- Fixed a race where early OTel spans could be silently dropped in SDK/headless mode with beta tracing enabled\n- Fixed custom `voice:pushToTalk` keybindings and `\"space\": null` unbinds being silently ignored\n- Fixed Windows Alt+V image paste reporting \"no image found\" when the clipboard contains a screenshot\n- Fixed SDK \"Claude Code native binary not found\" on Linux when both glibc and musl platform packages are installed\n- Bedrock: `awsCredentialExport` now always runs when configured instead of being skipped when ambient AWS credentials resolve, fixing auth for cross-account access\n- [VSCode] Fixed in-chat mic showing no feedback when the microphone produced only silence — now shows \"No audio detected\"\n- [VSCode] Voice mode: the WSL error now suggests installing `sox libsox-fmt-pulse` for WSLg users\n- `claude agents`: launching a session no longer fails when the pre-warmed background worker is unhealthy — now falls back to a fresh launch\n- `claude agents` no longer shows empty placeholder sessions left over from backgrounding a fresh REPL, and shows onboarding text when entered via ← with no other agents\n- Empty idle background sessions left over from `←` are now automatically retired by the daemon after 5 minutes\n","publishedAt":"2026-05-13T23:19:16.000Z","url":"https://code.claude.com/docs/en/changelog#2-1-141","media":[],"prerelease":false,"source":{"slug":"claude-code","name":"Claude Code","type":"scrape"},"org":{"slug":"anthropic","name":"Anthropic"},"product":{"slug":"claude-code","name":"Claude Code"},"coverageCount":0},{"id":"rel_T9JQ7UI6usAaYrKnI2Z2B","version":null,"type":"feature","title":"Full-screen Tabs and Compact Chats","summary":"This release introduces quality-of-life improvements to the [Agents Window](https://cursor.com/docs/agent/agents-window).\n\n## Full-screen tabs\n\nFull s...","titleGenerated":null,"titleShort":null,"content":"This release introduces quality-of-life improvements to the [Agents Window](https://cursor.com/docs/agent/agents-window).\n\n## Full-screen tabs\n\nFull screen maximizes the right panel so you can focus on a single tab.\n\nFiles, changes, canvases, PRs, browsers, and terminals can expand to fill the entire working area. This replaces the agent chat with a floating prompt bar.\n\nEnter and exit full screen by clicking on the expand/contract button in the panel header, using the command palette, or pressing \\`Cmd/Ctrl+Shift+M\\`.\n\n## Compact chat responses\n\nCompact chats give you a tighter view of your agent conversations so you can read threads more quickly without losing important context.\n\nCustomize tool call density to control how much of the agent's tool activity is shown in each response:\n\n- Compact: shows concise results with minimal tool traces\n- Balanced: includes important intermediate steps\n- Detailed: provides near-complete step-by-step context\n\nImprovements (8)\n\n- Improved PR tabs by adding clearer review states, better reviewer/thread visibility, and more predictable PR tab actions.\n- Improved long-chat scrolling to make it smoother, added better undo grouping in prompt input, and improved behavior while streaming.\n- Added clearer status text for background/resumed tasks.\n- Added cleaner environment/repo selection and better persistence when switching contexts.\n- Improved MCP auth token lifecycle handling.\n- Removed noisy in-app terminal notifications and improved shortcut behavior.\n- Clarified model naming and selection behavior in the model picker and added stronger fallback handling.\n- Improved search and navigation to make it faster and more reliable in large workspaces.\n\nBug Fixes (9)\n\n- Fixed PR tab bugs affecting branch lookup, header state, and diff loading.\n- Fixed background task reliability issues like resume failures, interrupt edge cases, and incorrect status scoping on resumed subagents.\n- Fixed cloud agents bugs blocking setup, state merge/persistence bugs, and multi-repo identity issues.\n- Fixed MCP/OAuth reliability bugs like transient 401/stale-token cases and large-token handling edge cases.\n- Fixed edge cases around slash menu + approval regressions, ask-question flow issues, and paste-chunk handling.\n- Fixed keyboard shortcuts bugs in modals, vim/emacs caret style leakage, and other key handling.\n- Fixed hook invocation/path-length issues and Git prompt-related regressions.\n- Fixed model-routing mismatches, proxy body normalization, and thought-chunk forwarding issues.\n- Fixed webhook auth/hostname resolution, GHES installation persistence, and mirrored-repo behavior.","publishedAt":"2026-05-13T00:00:00.000Z","url":"https://cursor.com/changelog/3-4","media":[],"prerelease":false,"source":{"slug":"cursor-changelog","name":"Cursor Changelog","type":"feed"},"org":{"slug":"cursor","name":"Cursor"},"product":null,"coverageCount":0},{"id":"rel_Z48HZJ7K3LYD3_8oqBYMj","version":null,"type":"feature","title":"Development environments for cloud agents","summary":"To take engineering tasks from start to finish, agents need a development environment similar to the setup on your laptop: cloned repositories, instal...","titleGenerated":null,"titleShort":null,"content":"To take engineering tasks from start to finish, agents need a development environment similar to the setup on your laptop: cloned repositories, installed dependencies, credentials for internal toolchains, and access to build systems.\n\nThis release introduces new tools for teams to configure development environments for their agents. Cursor also can use these tools to set up and maintain environments for you. Together, this makes it easier for teams to run fleets of parallelized agents that handle tasks from end-to-end, inside development environments you fully control.\n\n## Multi-repo environments\n\nCloud agents and automations now support multi-repo environments, building off our work on [multi-root workspaces](https://cursor.com/changelog/04-24-26#multi-root-workspaces-in-agents-window). You can configure a single environment with all the repositories an agent needs for its work, with re-use across sessions.\n\n## Environment configuration as code\n\nTo make it easier to change, debug, and review environment definitions, we have improved Dockerfile-based configuration.\n\nThis includes support for build secrets, making it easy to securely access private package registries directly from your Dockerfiles. Build secrets are scoped to the build step and aren't passed to the running agent's environment.\n\n![Environment configuration as code](https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/macbook-pro-14-234-1-.png)\n\nWe've also upgraded layer caching, so that only the updated layers of your image rebuild when you change the Dockerfile. Builds that hit the cache run 70% faster.\n\n## Improved agent-led environment setup\n\nAs Cursor configures your environment, it will ask you questions, flag missing credentials, and validate that your environment is set up properly.\n\n![Improved agent setup](https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/improved-agent-setup.png)\n\nCursor will always show you the version of the environment your agent is running in. If your environment configuration fails, it will default to a base image with clear warning signs so that your cloud agents can keep running instead of immediately failing.\n\n## Environment governance and security controls\n\nEvery development environment now has its own version history that users can review and roll back. Admins can also restrict rollback permissions to admins only. An audit log captures every action team members take on environments, giving security teams full visibility into who changed what.\n\nEgress and secrets can now be scoped at the development environment level. Secrets configured for one environment aren't accessible from any other.\n\nLearn more about agent development environments in our [announcement](https://cursor.com/blog/cloud-agent-development-environments) and [docs](https://cursor.com/docs/cloud-agent/setup).","publishedAt":"2026-05-13T00:00:00.000Z","url":"https://cursor.com/changelog/05-13-26","media":[{"type":"image","url":"https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/macbook-pro-14-234-1-.png","alt":"Environment configuration as code"},{"type":"image","url":"https://ptht05hbb1ssoooe.public.blob.vercel-storage.com/assets/blog/improved-agent-setup.png","alt":"Improved agent setup"}],"prerelease":false,"source":{"slug":"cursor-changelog","name":"Cursor Changelog","type":"feed"},"org":{"slug":"cursor","name":"Cursor"},"product":null,"coverageCount":0},{"id":"rel_HrppzJ9-TER4fqgK99msb","version":null,"type":"feature","title":"Codex mobile documentation","summary":"New documentation covers using Codex from the ChatGPT mobile app, including setup steps, connected-host behavior, security requirements, and troubleshooting for common connection issues.","titleGenerated":"Codex adds mobile documentation for ChatGPT app setup and troubleshooting","titleShort":"Mobile documentation for ChatGPT app integration","content":"# Codex mobile documentation\n\nAdded documentation for using Codex from the ChatGPT mobile app, including setup\nsteps, connected-host behavior, security requirements, and troubleshooting for\ncommon connection issues.","publishedAt":"2026-05-13T00:00:00.000Z","url":"https://developers.openai.com/codex/changelog/#codex-2026-05-13-app","media":[],"prerelease":false,"source":{"slug":"openai-codex-changelog","name":"Codex Changelog","type":"feed"},"org":{"slug":"openai","name":"OpenAI"},"product":{"slug":"codex","name":"Codex"},"coverageCount":0}],"pagination":{"nextCursor":"2026-05-13T00:00:00.000Z|2026-05-15T01:00:50.985Z|rel_HrppzJ9-TER4fqgK99msb","limit":20}}