releases.shpreview
OpenAI/Codex Changelog

Codex Changelog

Mon
Wed
Fri
JunJulAugSepOctNovDecJanFebMarAprMay
Less
More
Releases58Avg18/moVersionsv0.115.0 to v5.4
HighlightsAll Releases

Sites plugin launches in preview; build and deploy web apps

# Build and deploy websites with Sites [**Sites**](/codex/sites) is now available in preview in the Codex app. Use the Sites plugin to create, save, deploy, and inspect websites, dashboards, internal tools, web apps, and games hosted by OpenAI. Open **Sites** in the app sidebar to return to your projects and manage hosted environment variables and secrets. ChatGPT Business workspaces include Sites by default. ChatGPT Enterprise admins can enable Sites for the appropriate roles through role-based access control (RBAC).

Face ID lock; Windows SSH support added

# ChatGPT for iOS ### New features - Added an optional Face ID or passcode lock for Codex. - Added a new settings screen for choosing Queue or Steer as the default follow-up behavior and toggling line wrapping for code diffs. - Added support for connecting to Windows machines over SSH. ### Improvements and bug fixes - Added support for `/side ` to start a side conversation with an initial question. - Improved follow-up prompts, the Codex home screen, and viewing changed files. - Fixed issues with reconnecting, archiving threads, loading tasks, and connecting to hosts.

Amazon Bedrock integration ships

# Use Codex with Amazon Bedrock Codex can now use supported OpenAI models available through Amazon Bedrock. Configure [Amazon Bedrock as your model provider](/codex/amazon-bedrock) to run Codex locally with AWS-managed authentication, account controls, and billing.

Command safety hardened; sessions now archivable

v0.136.0

New Features

  • TUI markdown now keeps web links clickable with OSC 8 metadata, and cramped tables switch to readable key/value records without losing link targets. (#24472, #24636, #24825)
  • Sessions can now be archived from the TUI with /archive or from the CLI with codex archive / codex unarchive; archived sessions are protected from resume/fork until restored. (#25027, #25021)
  • App-server integrations can resume a thread with its initial turns page, see richer MCP server status, and launch stdio mode with codex app-server --stdio. (#23534, #24698, #24940)
  • Remote execution setup now supports CODEX_API_KEY registration for approved OpenAI hosts, while remote-control websockets use short-lived server tokens instead of ChatGPT access tokens. (#24666, #24141)
  • Windows admins get an alpha codex sandbox setup --elevated provisioning path, plus requirements support for allowed Windows sandbox implementations. (#24831, #23766)
  • A feature-gated standalone image generation extension can run through the native Codex image artifact completion pipeline. (#24723, #24972)

Bug Fixes

  • ChatGPT auth refreshes tokens before the five-minute expiry window and shows a relogin-required path for reused refresh tokens instead of collapsing into a generic cloud error. (#23546, #24830)
  • Command-safety hardening prevents /diff from running repository-provided Git helpers/hooks, avoids PowerShell parser execution on non-Windows hosts, and rejects browser-origin exec-server websocket handshakes. (#24954, #24946, #24947)
  • Sandboxed commands clean up more reliably after interruptions or denied Windows network attempts, and deny read rules stay enforced for safe-command and approval-bypass paths. (#22729, #19880, #23943)
  • Resumed TUI sessions seed prompt history from the session transcript, multiline hook output renders as separate rows, and Vim normal-mode editing behaves correctly. (#24298, #24965, #25022)
  • App-server filesystem watchers debounce later batches correctly, and standalone web search calls now show and restore completed search activity. (#24716, #24693)
  • Bedrock auth now falls back to AWS_REGION / AWS_DEFAULT_REGION, and unsupported Bedrock GPT service tiers are no longer advertised or sent. (#25171, #25318)

Documentation

  • Python SDK beta docs and package metadata now present the standard pip install openai-codex path, refreshed quickstarts, API reference, FAQ, and examples. (#24836, #24866, #24868, #24870)
  • Python SDK examples and docs now use the public CodexConfig name for configuring Codex / AsyncCodex. (#24800)
  • The bundled OpenAI Docs skill was updated with current Codex manual routing and a cached manual fetch helper. (#24914)
  • Built-in tool schema descriptions now clarify defaults, optional fields, bounds, and enums across shell, Code Mode, MCP, image, goal, plan, multi-agent, and related tools. (#24794)
  • App-server and exec-server docs now cover API-key remote registration, --stdio, runtime extra skill roots, and remote-control server-token behavior. (#24666, #24940, #24977, #24141)

Chores

  • Python SDK releases can now be staged and published independently from runtime releases using python-v* tags while preserving the reviewed runtime dependency pin. (#24828, #24872)
  • Updated MCP dependencies to rmcp 1.7.0 and refreshed compatibility code. (#24763)
  • Refreshed Amazon Bedrock catalog metadata, including GPT-5.5, removal of unsupported OSS entries, and default-tier-only GPT model behavior. (#24701, #24960, #25318)
  • Removed the stale app-server debug-client pieces and cleaned up the workspace after deletion. (#25063, #25064, #25065, #25066, #25067, #25068, #25069, #25070, #25075)
  • Trimmed CI/build maintenance by moving Bazel Windows jobs to Codex runners, removing the libubsan workaround, and reverting the startup benchmark that broke musl builders. (#24952, #24782, #24937)

Changelog

Full Changelog: rust-v0.135.0...rust-v0.136.0

Computer use; remote control now work on Windows

# Computer use and mobile access on Windows ### New features - [Computer Use](/codex/app/computer-use) now works on Windows. Codex can operate Windows desktop apps by seeing, clicking, and typing in the foreground while it works. - [Remote control](/codex/remote-connections) now supports Windows devices. You can start Codex work on a Windows device from ChatGPT on iOS or Android, or from a Mac running Codex, and check its progress remotely. - The [Profile section](/codex/app/settings#profile) now shows your profile details, usage stats, and token activity. ### Performance improvements and bug fixes - Additional performance improvements and bug fixes.

Doctor command gets environment diagnostics; vim mode gains text objects; TUI rendering stabilized

v0.135.0

New Features

  • codex doctor now reports richer environment, Git, terminal, app-server, and thread inventory diagnostics for support cases. (#24261, #24311, #24305)
  • /status shows remote connection details and server version when the TUI is connected over a remote transport. (#24420)
  • Vim mode gained text-object editing, improved word/line-end behavior, and a configurable interrupt-turn binding. (#24382, #24380, #24766)
  • /permissions now understands named permission profiles and displays configured custom profiles. (#21559)
  • Packaged Codex builds can discover and use the bundled patched zsh helper across supported macOS and Linux targets. (#23756, #24171)
  • The Python SDK now exposes friendly Sandbox presets for thread and turn APIs. (#24772)

Bug Fixes

  • Markdown tables and multiline lists render more readably in the TUI, with better column sizing and app-style table formatting. (#24489, #24346, #24351)
  • TUI output is more stable on macOS and Zellij, avoiding stderr/composer corruption and raw-output overlap. (#24459, #24479, #24593)
  • Slash-command completion now preserves existing draft text for commands that accept inline arguments. (#23950)
  • Older tmux/iTerm control-mode sessions no longer lose normal Ctrl-C handling from unsupported keyboard enhancement setup. (#24371)
  • App mentions now exclude inaccessible or disabled apps instead of offering unusable $ suggestions. (#24625)
  • Resume flows now include non-interactive exec sessions when requested and honor cwd overrides for idle cached threads. (#24503, #24528)

Documentation

  • Clarified image-viewing tool detail behavior and removed stale TUI composer documentation references. (#23949, #24641)
  • Updated Python SDK docs, examples, and notebook content to use the new sandbox preset API. (#24772)

Chores

  • Updated Rust toolchain pins and SQLx/SQLite dependencies. (#24684, #24728)
  • Moved memory runtime state into a dedicated SQLite database. (#24591)
  • Removed remaining legacy config-profile consumers and routed more TUI config/plugin state through app-server-owned APIs. (#24076, #24254, #24255, #24265, #24266, #24257)
  • Centralized Responses retry handling and MCP tool naming logic to reduce duplicated internal plumbing. (#24131, #21576)

Changelog

Full Changelog: rust-v0.134.0...rust-v0.135.0

Search conversation history; --profile becomes primary selector

v0.134.0

New Features

  • Added search across local conversation history, including case-insensitive content matches with result previews. (#23519, #23921)
  • Made --profile the primary profile selector across CLI, TUI permissions, and sandbox flows, with legacy profile configs rejected through migration guidance. (#23708, #23883, #23890, #24051, #24055, #24059, #24067, #24110)
  • Improved MCP setup with per-server environment targeting and OAuth options for streamable HTTP servers. (#23583, #24120)
  • Made connector tool schemas more reliable by preserving local $ref/$defs structures and compacting oversized schemas before exposure. (#23357, #23904)
  • Let read-only MCP tools run concurrently when they advertise readOnlyHint. (#23750)
  • Added richer extension and hook context, including conversation history for extension tools and subagent identity in hook inputs. (#22882, #23963)

Bug Fixes

  • Improved remote reliability by reconnecting stale exec-server websocket clients, retrying remote control immediately after auth recovery, and retrying remote compaction v2 streams. (#23867, #23775, #23951)
  • Fixed Windows TUI rendering corruption by restoring virtual terminal mode before drawing. (#24082)
  • Displayed workspace-specific usage-limit messages for credit and spend-cap failures. (#24114)
  • Allowed plugin skills to reuse shared plugin-level icon assets. (#23776)
  • Preserved active permission profile metadata when syncing auto-review runtime settings. (#23956)
  • Ensured Node-based tools honor Codex’s managed network proxy environment. (#23905)

Documentation

  • Documented the curl and PowerShell installer paths in the README. (#24106)
  • Updated developer docs to prefer just test over direct cargo test for repo-local test runs. (#23910)
  • Added profile migration documentation links to relevant config errors. (#23879)

Chores

  • Simplified release packaging around canonical native artifacts, reusable DotSlash fetching, and a new macOS x64 zsh artifact. (#23833, #23836, #24129, #24165)
  • Added release-build support for Codex-produced V8 artifacts. (#23934)
  • Added image re-encoding benchmarks and connector-style JSON schema policy fixtures. (#23935, #24152)
  • Improved tracing and analytics for websocket requests, turn starts, and remote compaction v2. (#23581, #23980, #24146)

Changelog

Full Changelog: rust-v0.133.0...rust-v0.134.0

Spotlight and Shortcuts integration; side conversations launch

# ChatGPT for iOS ### New features - Added Spotlight and Shortcuts support for opening Codex Mobile directly. - Added browsing for archived Codex threads. - Added `/side` for opening a side conversation. - Added options to save or copy rendered images. ### Improvements and bug fixes - Improved iPad keyboard shortcuts. - Improved setup and relaunch reliability. - Fixed issues with task progress, loading archived threads, previewing code changes, and switching hosts.

Appshots launch; goal mode exits beta; remote computer use enabled

# Appshots, goal mode, and more [Appshots](/codex/appshots) are now available in the Codex app on macOS. Press both Command keys to send the frontmost app window to Codex with a screenshot and available text, so Codex can work from context in another app without you copying, pasting, or describing it manually. This launch also includes: - [Goal mode](/codex/prompting#goal-mode) is no longer an experimental feature and is available in the Codex app, IDE extension, and CLI. With Goal mode, you can have Codex drive toward a specific objective for hours or even days. - [Remote computer use](/codex/app/computer-use#locked-use), so Codex can use desktop apps after your Mac locks, including remotely via Codex Mobile. Codex scopes locked use to active, trusted computer use turns and includes safeguards such as short-lived authorization, covered displays, relock on local input, and manual-unlock fallback. - [Plugin sharing](/codex/plugins/build#share-a-local-plugin-with-your-workspace) through marketplace sources is available for ChatGPT Business. Enterprise support is coming soon. Teams can distribute reusable plugin bundles that include skills, app integrations, and MCP servers. - [Advanced in-app browser annotations](/codex/app/browser#styling-feedback) let you tweak styling such as font size, colors, and spacing directly using annotations. This gives Codex a clearer signal for changes. - Browser-use improvements across in-app browser & Chrome: - Codex can now download and extract all image assets from a page much more quickly. - Codex can now extract structured data from pages more effectively and find information more quickly with a read-only JS sandbox. - Chrome extension will create less clutter when using it. Codex will no longer create tab groups when taking over existing tabs, and at the end of a task for handoff. Instead, it uses tab icons to indicate status. - Significantly improved reliability for browser use. We fixed bugs on Windows, flaky availability of the plugin to non geo-blocked regions, and many other issues impacting performance.

Goals now on by default; plugin discovery and permission profiles expanded

v0.133.0

New Features

  • Goals are now enabled by default, backed by dedicated storage, and track progress across active turns. (#23300, #23685, #23696, #23732)
  • codex remote-control now runs like a foreground command, waits for readiness, reports machine status, and keeps explicit daemon-style start/stop commands. (#22878)
  • Permission profiles gained list APIs, inheritance, managed requirements.toml support, runtime refresh behavior, and stronger Windows sandbox integration. (#22928, #23412, #22270, #23433, #22931, #23715)
  • Plugin discovery is easier to inspect, with marketplace-aware list output, installed versions, visible marketplace roots, and remote collection support. (#23372, #23584, #23727, #23730)
  • Extensions can observe more lifecycle events, including subagent start/stop, tool execution, turn metadata, and async approval/turn processing. (#22782, #22873, #23309, #23688, #23690, #23692)

Bug Fixes

  • Fixed TUI startup choosing the wrong working directory when reusing a local app-server socket. (#23538)
  • Fixed plan-mode free-form answers so modified Enter keys, like Shift+Enter, no longer submit unexpectedly. (#23536)
  • Removed stale background terminal poll events after a process exits. (#23231)
  • Preserved raw code-mode exec output unless an explicit output token limit is requested. (#23564)
  • Made AGENTS instruction loading more reliable, including local global reads and warnings for invalid UTF-8 instead of silent drops. (#23343, #23232)
  • Fixed app-server startup/shutdown races, empty resume/fork paths, plugin upgrade failures, and realtime v1 websocket compatibility. (#23516, #23578, #23400, #23356, #23771)

Documentation

  • Added clearer plugin-creator guidance for updating and reinstalling local personal plugins. (#23542)
  • Expanded app-server/API docs and schema coverage around managed permission profile requirements. (#23433, #23555)

Chores

  • Added a canonical Codex package archive pipeline and moved installers, npm packages, DotSlash, and SDK runtimes toward that shared layout. (#23513, #23582, #23586, #23596, #23635, #23636, #23637, #23638, #23786)
  • Fixed Linux Python runtime wheel tags so glibc-based systems can install the runtime artifacts. (#21812)
  • Improved release and CI reliability with package-builder tests, prebuilt resource packaging, DotSlash zstd handling, platform-sharded Rust tests, and Codex Linux release runners. (#23760, #23759, #23752, #23358, #23761)

Changelog

Full Changelog: rust-v0.132.0...rust-v0.133.0

Python SDK gains first-class auth; TUI startup faster

v0.132.0

New Features

  • The Python SDK now supports first-class authentication, including API key login, ChatGPT browser and device-code flows, account inspection, and logout APIs. (#23093)
  • Python turn APIs are easier to use for text-only workflows: you can pass a plain string as input, and handle-based runs now return a richer TurnResult with collected items, timing, and usage data. (#23151, #23162)
  • codex exec resume now accepts --output-schema, so resumed automations can keep session context while still enforcing structured JSON output. (#23123)
  • TUI startup is faster because terminal capability probes are now batched instead of waiting on several serial checks before the first interactive frame. (#23175)
  • Remote executor registration can now use standard Codex auth instead of a separate registry credential flow. (#22769)
  • App-server turns can preserve requested image fidelity, including original-resolution local images, across user inputs and image-producing tools. (#20693)

Bug Fixes

  • Goal continuations now stop when they hit usage limits or a repeated blocker instead of looping and burning more tokens, and completion responses phrase usage more naturally. (#23094, #22907)
  • The session picker is easier to trust: renamed threads now show name (thread-id) in resume hints, and pasted text works in the picker search box. (#23234, #23338)
  • Multi-session TUI flows are more reliable: in-progress MCP calls stay marked as active during replay, and elicitation replies are sent back to the thread that requested them. (#23236, #23241)
  • Remote sessions now keep websocket connections alive and show repo-relative diff paths again instead of /tmp/...-prefixed paths. (#23226, #23261)
  • Windows installs are more robust: codex doctor now detects npm-managed installs correctly, and MSVC release binaries no longer depend on separately installed VC++ runtime DLLs. (#22967, #22905)
  • TUI polish fixes include immediate shutdown feedback on exit, hiding the ChatGPT usage link for non-OpenAI providers, and keeping a cleared Fast tier from reappearing after side-thread resume. (#23323, #23127, #23121)

Documentation

  • The Python SDK docs, FAQ, and examples were refreshed around the new auth flow and turn APIs, with clearer setup guidance and simpler text-only examples. (#22941, #23093, #23151, #23162)

Chores

  • Memory summaries are now versioned and rebuilt when the stored format is stale, which should keep long-lived memory context leaner and more predictable. (#23148)

Changelog

Full Changelog: rust-v0.131.0...rust-v0.132.0

iOS notifications now open completed tasks directly

# ChatGPT for iOS ### New features - Added support for opening completed Codex tasks directly from iOS notifications. - Added the ability to open changed files directly while reviewing a task. ### Improvements and bug fixes - Improved task resume, reconnection, and foreground reliability. - Improved task progress updates, code review, and message composition.

TUI gains session controls; remote workflows support daemon management; Python SDK moves to openai-codex

v0.131.0

New Features

  • The TUI now offers richer session controls and display: data-driven service-tier commands, blended token usage, permissions/approval mode, effective workspace roots, and responsive Markdown tables. (#21745, #21906, #21991, #21669, #21677, #22052, #22612)

  • @ mentions now search files, directories, plugins, and skills in one picker, backed by app-server plugin metadata. (#19068, #22375)

  • Plugin workflows gained marketplace CLI commands, version-aware sharing, share checkout, clearer shared-workspace buckets, and default-enabled plugin hooks. (#21396, #22397, #22425, #22435, #22549)

  • Remote workflows now support daemon-managed codex remote-control, runtime enable/disable APIs, status reads, and registry-backed/configured remote environments. (#20718, #22218, #22562, #22578, #22877, #20667, #21323)

  • The Python SDK moved to openai-codex / openai_codex, with pinned runtime-generated types, concurrent turn routing, approval modes, and integration coverage. (#21778, #21891, #21893, #21896, #21905, #21910, #22014)

  • Added codex doctor for support-ready diagnostics across runtime, auth, terminal, network, config, and local state. (#22336)

Bug Fixes

  • Fixed several TUI interaction and rendering issues, including URL wrapping, light-mode selection contrast, Shift+Enter in tmux, /review MCP startup status, /side Esc handling, and network approval history text. (#21760, #21950, #21943, #21624, #22710, #22229)

  • Hardened Windows sandbox behavior around deny-read rules, scoped write roots, ineffective firewall policy, and PowerShell edge cases. (#18202, #21479, #22353, #21400, #22643)

  • Preserved managed read restrictions during permission escalation and cleaned up workspace-root permission profile resolution. (#15977, #22624, #22683)

  • Made app-server and local state startup safer by preserving SQLite data, failing closed when state cannot open, adding recovery paths, and softening optional metadata sync failures. (#21831, #21847, #22580, #22734, #22899)

  • Improved Git and auth reliability by using root worktree hooks consistently, ignoring repo hook/fsmonitor config in helper commands, binding local MCP OAuth callbacks, and revoking superseded login tokens. (#21969, #22843, #22652, #20237, #21747)

  • Reduced remote and Windows cleanup friction with longer exec-server transport timeouts, quieter taskkill cleanup, and non-queued plugin reads. (#21825, #21759, #22058, #22703)

Documentation

  • Clarified that general Codex product docs should not be added to this repo, while app-server API docs remain in scope. (#21772)

  • Updated plugin-creator guidance for the simplified local plugin handoff links. (#22240)

  • Documented new app-server/API contracts for remote environments and the desktop-owned config namespace. (#21323, #22584)

Chores

Changelog

Full Changelog: rust-v0.130.0...rust-v0.131.0

Amazon Bedrock setup guide published

# Added Amazon Bedrock setup guidance We added [Amazon Bedrock setup guidance](/codex/amazon-bedrock) for teams that want to use Codex with supported OpenAI models available through AWS-managed infrastructure.

Hook trust review added; desktop paste and link regressions fixed

# Codex app ### New features - Added an in-app trust review flow for hooks and kept Hooks settings reachable even before hooks are fully configured. ### Performance improvements and bug fixes - Restored tooltip-wrapped dropdowns that could stop opening after the tooltip rewrite. - Preserved in-progress message edits across thread switches. - Fixed several desktop workflow regressions, including `Ctrl+V` paste in the Windows terminal, opening modified external links outside the in-app browser, and keeping feedback slash commands attached to the right thread. - Improved loading and panel polish by showing model loading while a thread resumes, hiding unavailable model controls during load, and bundling summary-panel layout and hover fixes. - Kept the Computer Use settings control visible even when uninstalled and disabled problematic extension hover panels. - Additional performance improvements and bug fixes.

App-server config changes no longer require restart; remote-control command added

v0.130.0

New Features

  • Plugin details now show bundled hooks, and plugin sharing exposes link metadata plus discoverability controls. (#21447, #21495, #21637)

  • Added codex remote-control as a simpler entrypoint for starting a headless, remotely controllable app-server. (#21424)

  • App-server clients can page large threads with unloaded, summary, or full turn item views. (#21566)

  • Bedrock auth can now use AWS console-login credentials from aws login profiles. (#21623)

  • view_image can resolve files through the selected environment for multi-environment sessions. (#21143)

Bug Fixes

  • Live app-server threads now pick up config changes without requiring a restart. (#21187)

  • Turn diffs stay accurate across apply-patch operations, including partial failures that still mutated files. (#21180, #21518)

  • Thread summaries, renames, resume, and fork paths work better through ThreadStore, including threads without local rollout paths. (#21264, #21265, #21266)

  • Remote compaction now emits response.processed for v2 streams and avoids sending service_tier on API-key compact requests. (#21642, #21676)

  • Windows sandbox setup now grants sandbox users access to the desktop runtime binary cache. (#21564)

  • Removed stale “research preview” wording from the codex exec startup banner. (#21683)

Documentation

  • Fixed issue templates so CLI reports keep the intended guidance, labels apply correctly, and feature requests link to the right contributing docs. (#21685, #21686, #21688)

  • Updated install and tooling docs to consistently use cargo install --locked. (#21592)

Chores

  • Added a faster Cargo profiling build profile and disabled empty doctest targets to speed up Rust development loops. (#21574, #21584)

  • Hardened dependency and CI hygiene with fully qualified GitHub Action pins, a Dependabot cooldown, and a cargo-shear upgrade. (#21436, #21547, #21599)

  • Simplified internal surfaces by removing unused device-key APIs, extra skills roots, the remote thread-store implementation, and string-keyed MCP tool maps. (#21487, #21485, #21596, #21454)

  • Added configurable OpenTelemetry trace metadata and richer review/feedback analytics for better debugging and triage. (#21556, #18747, #21434, #21498)

Changelog

Full Changelog: rust-v0.129.0...rust-v0.130.0

Adds modal Vim editing and improves plugin workspace sharing

v0.129.0

New Features

  • The TUI now supports modal Vim editing in the composer, including /vim, default-mode config, and Vim-specific keymap contexts. (#18595)

  • TUI workflows are easier to resume and copy from with a redesigned resume/fork picker, raw scrollback mode, /ide context injection, and workspace-aware /diff. (#20065, #20819, #20294, #21001)

  • The status line can show theme-aware colors plus optional PR and branch-change summaries, and /keymap debug helps inspect terminal key events. (#19631, #20892, #20794)

  • Plugin management now supports workspace sharing, share access controls, source filtering, local share path tracking, marketplace removal/upgrades, remote bundle sync, and admin-disabled status handling. (#20278, #21124, #21419, #20560, #19843, #20478, #20268, #20298)

  • Hooks can be browsed and toggled from /hooks, can run before/after compaction, and can add PreToolUse context; Codex Apps auth and eligible MCP elicitations now surface through TUI/Guardian flows. (#19882, #19905, #20692, #19193, #19431)

  • Experimental goals are now discoverable, stay paused across resume unless the user opts back in, and show clearer validation and multi-day duration output. (#20083, #20790, #20746, #20558)

Bug Fixes

  • /copy works better in tmux, Alt+Enter and modified Delete/Backspace keys behave correctly, and Windows typing/paste latency was reduced. (#20207, #20535, #21058, #18914)

  • Large paste placeholders and Ctrl+C-stashed drafts now survive clear/editor workflows without corrupting draft history. (#21091, #21190, #21351, #21397)

  • TUI startup and accessibility were tightened by bounding terminal probes, clearing the first inline viewport render, and honoring animations = false for live rows. (#20654, #21450, #20564)

  • Linux sandbox startup is more reliable across older bwrap, slow mount probes, symlink-protected paths, and shared /tmp setups. (#20628, #20111, #21127, #21234)

  • Windows sandbox and exec policy now handle named pipes, ConPTY teardown, PowerShell-wrapped allow rules, worktree safe.directory, and unsafe Git options more reliably. (#20270, #20685, #20336, #21409, #21275)

  • Fixed custom CA login behind TLS-inspecting proxies, Bedrock runtime endpoint reporting, dangerous project config keys, heredoc redirect approval matching, and unbounded MCP/hook output growth. (#20676, #20275, #20098, #20113, #20260, #21069)

Documentation

  • Updated the embedded OpenAI Docs sample skill so API-key setup guidance stays aligned with other docs variants. (#21263)

  • Documented how generated git commit attribution is gated by codex_git_commit and configured in config.toml. (#21379)

  • Removed local-only planning/spec docs and redirected config docs toward the maintained external documentation surface. (#20896)

Chores

  • Linux releases now build, publish, bundle, and verify a standalone bwrap fallback for npm and DotSlash installs. (#21255, #21256, #21257, #21312, #21285)

  • Vendored Bubblewrap was updated to 0.11.2, including upstream security changes around setuid support. (#21389)

  • Windows Bazel CI now uses faster cross-compilation for tests, clippy, and release-build checks, and Bazel now runs sharded Rust integration tests. (#20585, #20701, #21057)

  • App-server and protocol internals were split and slimmed down, including transport extraction, protocol module decomposition, thread/message history moves, and tool-handler cleanup. (#20324, #20325, #20348, #20545, #21251, #21278, #21395)

  • Analytics and diagnostics coverage expanded for tool lifecycles, goals, plugin skills, thread sources, service tiers, and PR issue labeling. (#17089, #17090, #20799, #20923, #20949, #20969, #20893)

Changelog

Full Changelog: rust-v0.128.0...rust-v0.129.0

Last Checked
3h ago
Tracking since May 19, 2025
.json·.md·.atom