PR #15275 moves curated plugin sync into startup synchronization and changes it so startup sync tries git-based curated-plugin fetching first, with a fallback path for failures.

Merged PR #15223 restores image-generation items in resumed thread history and preserves the saved paths tied to those earlier outputs.

PR 15262 refines guardian follow-up review behavior by adding a short reminder to follow-up prompts and updating tests/snapshots so reused prior-review context is surfaced more consistently during repeat approvals.

Merged PR #15264 adds a one-time startup remote plugin sync so app-server startup can reconcile curated plugin state automatically.

The PR changes hook initialization so Windows sessions skip lifecycle hook discovery and return with no hooks plus a warning, reflecting that codex_hooks is not supported on Windows yet.

Merged PR #15215 adds a first /plugins browser to both tui and tui_app_server, with listing, search, and read-only plugin detail views.

PR #15199 retools the repository's standard argument-comment lint path to use a checked-in DotSlash package and introduces a separate source-build wrapper path, while fixing rustup/toolchain compatibility in the prebuilt runner.

PR #15233 refactors the exec-server process stack by extracting a shared process interface, wiring Environment and handlers to it, and adding explicit local and remote implementations plus shared execution tests.

This PR reorganizes feature flag definitions and APIs into a new codex-features crate and rewires existing binaries, libraries, and tests to consume that crate instead of feature symbols from codex-core. The change also updates workspace dependencies so features participates as a first-class workspace member and dependency across the Rust workspace.

This PR changes plugin product restrictions from a single empty-list semantics to explicit tri-state behavior: omitted product constraints now mean unrestricted, while an explicit empty list means no products are allowed. That fixes ambiguous plugin marketplace eligibility behavior.

PR #15254 updates the exec pipeline to make output-capture semantics explicit via an ExecCapturePolicy, adding a FullBuffer mode for trusted internal helpers while preserving existing shell-style capped behavior by default.

Merged PR #15195 extends plugin/install so marketplace plugins can install their bundled MCP servers during the install flow instead of leaving that as a separate manual step.

PR #15150 refactors auth ownership in openai/codex by relocating auth implementation details into codex-login and making codex-core re-export a compatibility surface for existing callers.

PR #15021 adds a new Bazel-based workflow for building and packaging rusty_v8, including musl targets for x86_64/aarch64, while removing third_party/v8 from the default CI test path so V8 work is handled by dedicated canary/release flows.

The PR refactors filesystem handling in codex-exec-server behind a shared trait with separate local and remote implementations, and routes execution environment selection through that abstraction.

Merged PR #15222 moves generated-image artifacts out of transient temp paths and into a predictable location under codex_home.

Merged PR #15220 promotes MCP startup progress to a first-class API v2 notification instead of leaving it as a legacy internal event.

This PR shifts MCP tools/call metadata handling so MCP tool calls now carry both session and turn context in the request _meta payload, restoring end-to-end traceability across MCP interactions that previously lacked it.

PR #15217 extends Codex plugin summary payloads with a new required needsAuth boolean so plugin/read/plugin/list style responses can explicitly signal whether an app requires authorization.

PR #15154 updates Codex TUI output so image-generation history entries render saved image locations as full file:// URIs (for example file:///tmp/...) instead of plain local paths, across both TUI binaries.

This PR updates Codex tool descriptions and related tests to give stronger, consistent Windows safety guidance for filesystem-destructive commands, while a small supporting server change fixes construction/default behavior for filesystem access.

This PR refactors terminal-related code by extracting core/src/terminal.rs and its tests into a new terminal-detection workspace crate, then rewires CLI, core, TUI, TUI app server, and MCP-related code to consume the new crate through existing imports and dependency entries.

This PR adds instrumentation to propagate turn.id into app-server request tracing for turn/start, turn/steer, and turn/interrupt, plus tests to verify the attribute is present.

PR #12334 introduces a new TUI /title command and config path so users can control which compact items appear in the terminal window/tab title, with a default spinner,project layout when unset.

The change introduces a new automated_reviewer approval source in Codex’s tool decision telemetry so guardian-reviewed approvals are emitted distinctly from user and config approvals.

PR #15090 expands exec-server from a stub-oriented shape into a real process and filesystem RPC implementation, adding protocol methods, routing, client/server event plumbing, and tests. It also includes a CI cache guard for a specific macOS cross-target build issue.

The PR adds cross-platform release packaging for the argument-comment linter so teams can use a runnable artifact instead of building the linting tool from source.

PR #15196 introduces an experimental experimental_exec_server_url configuration key and wires it into environment/session creation, allowing the remote exec server endpoint to be overridden from defaults.

This PR changes stop-hook continuation behavior so hook-provided continuation text is carried as structured user-context messages (HookPrompt) instead of being treated like hidden developer instruction content, improving turn-loop handling when hooks run multiple times.

This PR rolls back PR #15011’s change that forwarded session and turn metadata as headers on MCP HTTP requests, restoring prior MCP request behavior.

The PR updates phase-2 memory consolidation so the internal sub-agent is configured with generate_memories disabled, and test coverage is adjusted to validate the configured consolidation thread path.

PR #15180 adds a new OpenTelemetry counter that increments when a session starts with an active profile, enabling explicit tracking of profile usage in telemetry pipelines.

PR #15125 migrates Codex’s environment abstraction from the standalone codex-environment crate into codex-exec-server, rewiring core and server crates to import Environment, ExecutorFileSystem, and related helpers from the exec-server boundary instead.

This PR fixes the close/shutdown path for agents by making shutdown operations idempotent when an agent thread is already closed, preventing unnecessary follow-up op dispatch in already-finished states.

Merged PR #15056 adds persisted parent-child agent graph state so close and resume flows can apply to descendant agents instead of treating each agent as an isolated thread.

PR 15041 makes session source a first-class input with --session-source and uses it to filter plugin installation and skill visibility by product, so different Codex surfaces can expose different plugin catalogs.

Merged PR #14988 adds a new thread/shellCommand app-server request and wires app-server-backed TUI ! shell commands through that API, with command execution persisted into thread history.

Merged PR #14970 adds basic directory-mention support by carrying directory vs. file match metadata through fuzzy file search results and related protocol schemas.

Merged PR #15118 adds a Codex-specific turn_id field to the Stop and UserPromptSubmit hook payloads so hook scripts can tie each invocation to a specific conversation turn.

PR #15011 updates Codex's MCP HTTP flow to forward request-scoped headers from the current session/turn into MCP tool metadata lookups and tool calls, with turn-bound lifecycle cleanup and fixes for regressions introduced during rollout.

Merged PR #14632 updates Codex websocket tracing so each response.create request carries W3C trace context in client_metadata, instead of only attaching tracing metadata when the websocket connection starts.

Merged PR #15119 removes deprecated stdio transport support from Codex exec-server and standardizes the binary, library surface, docs, and tests around websocket listen URLs.

Merged PR #15088 adds thread.run(...) and async thread.run(...) to the Python SDK, giving users a simpler path for common prompt-response flows without manually creating and running a turn handle.

Merged PR #15042 adds a featuredPluginIds array to plugin/list responses and wires it to the curated remote plugin service.

PR #15089 adds a new codex-exec-server crate and standalone binary with shared protocol types, Rust client APIs, and stdio/websocket transport support, while keeping exec and filesystem methods stubbed for later PRs.

PR #15104 updates plugin-related flows to use requirement-resolved config for the plugin feature gate, passes config-aware context through skill loading, and makes marketplace discovery tolerate malformed files instead of failing hard.

Merged PR #15100 changes Codex's code-mode apply_patch path to return a dedicated result object instead of flowing through the generic function-tool output path.

This merged PR updates the plan tool path so code-mode calls to tools.update_plan now yield a parseable result payload, and adds a regression test for the nested call shape.

This PR changes realtime handoff handling so transcript entries are only assigned during V1 handoff flow, leaving V2 handoff events to preserve existing transcript state.

This PR changes thread/resume to prefer persisted thread metadata over current config when no explicit resume overrides are provided, so resumed threads inherit the prior model and model_reasoning_effort values by default. It also updates the README to document the resume fallback behavior.

The PR updates Codex’s SQLite logging path so feedback exports persist a rendered log body and apply retention/truncation against that rendered content, aligning exported log output with existing in-memory formatting semantics.

Merged PR #15077 changes realtime handoff payloads so the emitted assistant text is prefixed with an "Agent Final Message": label instead of sending the raw message body alone.

Merged PR #15102 removes the newly introduced custom session_source path from Codex's app-server, protocol schemas, and plugin/skill filtering flow.

Merged PR #15076 adds a startup deprecation notice in the Codex TUI when it finds custom prompts under $CODEX_HOME/prompts, with guidance to migrate them to skills.

Merged PR #15072 makes Codex code mode treat view_image as a structured image producer, so scripts can hand its result directly to image() instead of manually extracting a URL string.

Merged PR #15075 changes Codex code mode so nested tool-call failures propagate as errors you can catch, instead of being folded into normal tool output.

Merged PR #15092 updates the PR CI workflow so the "Stage npm package" step pulls artifacts from Codex 0.115.0 instead of the older 0.74.0 release whose workflow history appears to have aged out.

Merged PR #14945 brings prompt-history recall and persistence to the app-server TUI, so Up/Down navigation and cross-session history now work like the legacy TUI.

This PR reorganizes feature flag definitions and APIs into a new codex-features crate and rewires existing binaries, libraries, and tests to consume that crate instead of feature symbols from codex-core. The change also updates workspace dependencies so features participates as a first-class workspace member and dependency across the Rust workspace.

This PR changes plugin product restrictions from a single empty-list semantics to explicit tri-state behavior: omitted product constraints now mean unrestricted, while an explicit empty list means no products are allowed. That fixes ambiguous plugin marketplace eligibility behavior.

PR #15254 updates the exec pipeline to make output-capture semantics explicit via an ExecCapturePolicy, adding a FullBuffer mode for trusted internal helpers while preserving existing shell-style capped behavior by default.

Merged PR #15195 extends plugin/install so marketplace plugins can install their bundled MCP servers during the install flow instead of leaving that as a separate manual step.

PR #15150 refactors auth ownership in openai/codex by relocating auth implementation details into codex-login and making codex-core re-export a compatibility surface for existing callers.

PR #15021 adds a new Bazel-based workflow for building and packaging rusty_v8, including musl targets for x86_64/aarch64, while removing third_party/v8 from the default CI test path so V8 work is handled by dedicated canary/release flows.

The PR refactors filesystem handling in codex-exec-server behind a shared trait with separate local and remote implementations, and routes execution environment selection through that abstraction.

Merged PR #15222 moves generated-image artifacts out of transient temp paths and into a predictable location under codex_home.

Merged PR #15220 promotes MCP startup progress to a first-class API v2 notification instead of leaving it as a legacy internal event.

This PR shifts MCP tools/call metadata handling so MCP tool calls now carry both session and turn context in the request _meta payload, restoring end-to-end traceability across MCP interactions that previously lacked it.

PR #15217 extends Codex plugin summary payloads with a new required needsAuth boolean so plugin/read/plugin/list style responses can explicitly signal whether an app requires authorization.

PR #15154 updates Codex TUI output so image-generation history entries render saved image locations as full file:// URIs (for example file:///tmp/...) instead of plain local paths, across both TUI binaries.

This PR updates Codex tool descriptions and related tests to give stronger, consistent Windows safety guidance for filesystem-destructive commands, while a small supporting server change fixes construction/default behavior for filesystem access.

This PR refactors terminal-related code by extracting core/src/terminal.rs and its tests into a new terminal-detection workspace crate, then rewires CLI, core, TUI, TUI app server, and MCP-related code to consume the new crate through existing imports and dependency entries.

This PR adds instrumentation to propagate turn.id into app-server request tracing for turn/start, turn/steer, and turn/interrupt, plus tests to verify the attribute is present.

PR #12334 introduces a new TUI /title command and config path so users can control which compact items appear in the terminal window/tab title, with a default spinner,project layout when unset.

The change introduces a new automated_reviewer approval source in Codex’s tool decision telemetry so guardian-reviewed approvals are emitted distinctly from user and config approvals.

PR #15090 expands exec-server from a stub-oriented shape into a real process and filesystem RPC implementation, adding protocol methods, routing, client/server event plumbing, and tests. It also includes a CI cache guard for a specific macOS cross-target build issue.

The PR adds cross-platform release packaging for the argument-comment linter so teams can use a runnable artifact instead of building the linting tool from source.

PR #15196 introduces an experimental experimental_exec_server_url configuration key and wires it into environment/session creation, allowing the remote exec server endpoint to be overridden from defaults.

This PR changes stop-hook continuation behavior so hook-provided continuation text is carried as structured user-context messages (HookPrompt) instead of being treated like hidden developer instruction content, improving turn-loop handling when hooks run multiple times.

This PR rolls back PR #15011’s change that forwarded session and turn metadata as headers on MCP HTTP requests, restoring prior MCP request behavior.

The PR updates phase-2 memory consolidation so the internal sub-agent is configured with generate_memories disabled, and test coverage is adjusted to validate the configured consolidation thread path.

PR #15180 adds a new OpenTelemetry counter that increments when a session starts with an active profile, enabling explicit tracking of profile usage in telemetry pipelines.

PR #15125 migrates Codex’s environment abstraction from the standalone codex-environment crate into codex-exec-server, rewiring core and server crates to import Environment, ExecutorFileSystem, and related helpers from the exec-server boundary instead.

This PR fixes the close/shutdown path for agents by making shutdown operations idempotent when an agent thread is already closed, preventing unnecessary follow-up op dispatch in already-finished states.

Merged PR #15056 adds persisted parent-child agent graph state so close and resume flows can apply to descendant agents instead of treating each agent as an isolated thread.

PR 15041 makes session source a first-class input with --session-source and uses it to filter plugin installation and skill visibility by product, so different Codex surfaces can expose different plugin catalogs.

Merged PR #14988 adds a new thread/shellCommand app-server request and wires app-server-backed TUI ! shell commands through that API, with command execution persisted into thread history.

Merged PR #14970 adds basic directory-mention support by carrying directory vs. file match metadata through fuzzy file search results and related protocol schemas.

Merged PR #15118 adds a Codex-specific turn_id field to the Stop and UserPromptSubmit hook payloads so hook scripts can tie each invocation to a specific conversation turn.

PR #15011 updates Codex's MCP HTTP flow to forward request-scoped headers from the current session/turn into MCP tool metadata lookups and tool calls, with turn-bound lifecycle cleanup and fixes for regressions introduced during rollout.

Merged PR #14632 updates Codex websocket tracing so each response.create request carries W3C trace context in client_metadata, instead of only attaching tracing metadata when the websocket connection starts.

Merged PR #15119 removes deprecated stdio transport support from Codex exec-server and standardizes the binary, library surface, docs, and tests around websocket listen URLs.

Merged PR #15088 adds thread.run(...) and async thread.run(...) to the Python SDK, giving users a simpler path for common prompt-response flows without manually creating and running a turn handle.

Merged PR #15042 adds a featuredPluginIds array to plugin/list responses and wires it to the curated remote plugin service.

PR #15089 adds a new codex-exec-server crate and standalone binary with shared protocol types, Rust client APIs, and stdio/websocket transport support, while keeping exec and filesystem methods stubbed for later PRs.

PR #15104 updates plugin-related flows to use requirement-resolved config for the plugin feature gate, passes config-aware context through skill loading, and makes marketplace discovery tolerate malformed files instead of failing hard.

Merged PR #15100 changes Codex's code-mode apply_patch path to return a dedicated result object instead of flowing through the generic function-tool output path.

This merged PR updates the plan tool path so code-mode calls to tools.update_plan now yield a parseable result payload, and adds a regression test for the nested call shape.

This PR changes realtime handoff handling so transcript entries are only assigned during V1 handoff flow, leaving V2 handoff events to preserve existing transcript state.

This PR changes thread/resume to prefer persisted thread metadata over current config when no explicit resume overrides are provided, so resumed threads inherit the prior model and model_reasoning_effort values by default. It also updates the README to document the resume fallback behavior.

The PR updates Codex’s SQLite logging path so feedback exports persist a rendered log body and apply retention/truncation against that rendered content, aligning exported log output with existing in-memory formatting semantics.

Merged PR #15077 changes realtime handoff payloads so the emitted assistant text is prefixed with an "Agent Final Message": label instead of sending the raw message body alone.

Merged PR #15102 removes the newly introduced custom session_source path from Codex's app-server, protocol schemas, and plugin/skill filtering flow.

Merged PR #15076 adds a startup deprecation notice in the Codex TUI when it finds custom prompts under $CODEX_HOME/prompts, with guidance to migrate them to skills.

Merged PR #15072 makes Codex code mode treat view_image as a structured image producer, so scripts can hand its result directly to image() instead of manually extracting a URL string.

Merged PR #15075 changes Codex code mode so nested tool-call failures propagate as errors you can catch, instead of being folded into normal tool output.

Merged PR #15092 updates the PR CI workflow so the "Stage npm package" step pulls artifacts from Codex 0.115.0 instead of the older 0.74.0 release whose workflow history appears to have aged out.

Merged PR #14945 brings prompt-history recall and persistence to the app-server TUI, so Up/Down navigation and cross-session history now work like the legacy TUI.

Merged PR #15222 moves generated-image artifacts out of transient temp paths and into a predictable location under codex_home.

Merged PR #15220 promotes MCP startup progress to a first-class API v2 notification instead of leaving it as a legacy internal event.

This PR shifts MCP tools/call metadata handling so MCP tool calls now carry both session and turn context in the request _meta payload, restoring end-to-end traceability across MCP interactions that previously lacked it.

PR #15217 extends Codex plugin summary payloads with a new required needsAuth boolean so plugin/read/plugin/list style responses can explicitly signal whether an app requires authorization.

PR #15154 updates Codex TUI output so image-generation history entries render saved image locations as full file:// URIs (for example file:///tmp/...) instead of plain local paths, across both TUI binaries.

This PR updates Codex tool descriptions and related tests to give stronger, consistent Windows safety guidance for filesystem-destructive commands, while a small supporting server change fixes construction/default behavior for filesystem access.

This PR refactors terminal-related code by extracting core/src/terminal.rs and its tests into a new terminal-detection workspace crate, then rewires CLI, core, TUI, TUI app server, and MCP-related code to consume the new crate through existing imports and dependency entries.

This PR adds instrumentation to propagate turn.id into app-server request tracing for turn/start, turn/steer, and turn/interrupt, plus tests to verify the attribute is present.

PR #12334 introduces a new TUI /title command and config path so users can control which compact items appear in the terminal window/tab title, with a default spinner,project layout when unset.

The change introduces a new automated_reviewer approval source in Codex’s tool decision telemetry so guardian-reviewed approvals are emitted distinctly from user and config approvals.

PR #15090 expands exec-server from a stub-oriented shape into a real process and filesystem RPC implementation, adding protocol methods, routing, client/server event plumbing, and tests. It also includes a CI cache guard for a specific macOS cross-target build issue.

The PR adds cross-platform release packaging for the argument-comment linter so teams can use a runnable artifact instead of building the linting tool from source.

PR #15196 introduces an experimental experimental_exec_server_url configuration key and wires it into environment/session creation, allowing the remote exec server endpoint to be overridden from defaults.

This PR changes stop-hook continuation behavior so hook-provided continuation text is carried as structured user-context messages (HookPrompt) instead of being treated like hidden developer instruction content, improving turn-loop handling when hooks run multiple times.

This PR rolls back PR #15011’s change that forwarded session and turn metadata as headers on MCP HTTP requests, restoring prior MCP request behavior.

The PR updates phase-2 memory consolidation so the internal sub-agent is configured with generate_memories disabled, and test coverage is adjusted to validate the configured consolidation thread path.

PR #15180 adds a new OpenTelemetry counter that increments when a session starts with an active profile, enabling explicit tracking of profile usage in telemetry pipelines.

PR #15125 migrates Codex’s environment abstraction from the standalone codex-environment crate into codex-exec-server, rewiring core and server crates to import Environment, ExecutorFileSystem, and related helpers from the exec-server boundary instead.

This PR fixes the close/shutdown path for agents by making shutdown operations idempotent when an agent thread is already closed, preventing unnecessary follow-up op dispatch in already-finished states.

Merged PR #15056 adds persisted parent-child agent graph state so close and resume flows can apply to descendant agents instead of treating each agent as an isolated thread.

PR 15041 makes session source a first-class input with --session-source and uses it to filter plugin installation and skill visibility by product, so different Codex surfaces can expose different plugin catalogs.

Merged PR #14988 adds a new thread/shellCommand app-server request and wires app-server-backed TUI ! shell commands through that API, with command execution persisted into thread history.

Merged PR #14970 adds basic directory-mention support by carrying directory vs. file match metadata through fuzzy file search results and related protocol schemas.

Merged PR #15118 adds a Codex-specific turn_id field to the Stop and UserPromptSubmit hook payloads so hook scripts can tie each invocation to a specific conversation turn.

PR #15011 updates Codex's MCP HTTP flow to forward request-scoped headers from the current session/turn into MCP tool metadata lookups and tool calls, with turn-bound lifecycle cleanup and fixes for regressions introduced during rollout.

Merged PR #14632 updates Codex websocket tracing so each response.create request carries W3C trace context in client_metadata, instead of only attaching tracing metadata when the websocket connection starts.

Merged PR #15119 removes deprecated stdio transport support from Codex exec-server and standardizes the binary, library surface, docs, and tests around websocket listen URLs.

Merged PR #15088 adds thread.run(...) and async thread.run(...) to the Python SDK, giving users a simpler path for common prompt-response flows without manually creating and running a turn handle.

Merged PR #15042 adds a featuredPluginIds array to plugin/list responses and wires it to the curated remote plugin service.

PR #15089 adds a new codex-exec-server crate and standalone binary with shared protocol types, Rust client APIs, and stdio/websocket transport support, while keeping exec and filesystem methods stubbed for later PRs.

PR #15104 updates plugin-related flows to use requirement-resolved config for the plugin feature gate, passes config-aware context through skill loading, and makes marketplace discovery tolerate malformed files instead of failing hard.

Merged PR #15100 changes Codex's code-mode apply_patch path to return a dedicated result object instead of flowing through the generic function-tool output path.

This merged PR updates the plan tool path so code-mode calls to tools.update_plan now yield a parseable result payload, and adds a regression test for the nested call shape.

This PR changes realtime handoff handling so transcript entries are only assigned during V1 handoff flow, leaving V2 handoff events to preserve existing transcript state.

This PR changes thread/resume to prefer persisted thread metadata over current config when no explicit resume overrides are provided, so resumed threads inherit the prior model and model_reasoning_effort values by default. It also updates the README to document the resume fallback behavior.

The PR updates Codex’s SQLite logging path so feedback exports persist a rendered log body and apply retention/truncation against that rendered content, aligning exported log output with existing in-memory formatting semantics.

Merged PR #15077 changes realtime handoff payloads so the emitted assistant text is prefixed with an "Agent Final Message": label instead of sending the raw message body alone.

Merged PR #15102 removes the newly introduced custom session_source path from Codex's app-server, protocol schemas, and plugin/skill filtering flow.

Merged PR #15076 adds a startup deprecation notice in the Codex TUI when it finds custom prompts under $CODEX_HOME/prompts, with guidance to migrate them to skills.

Merged PR #15072 makes Codex code mode treat view_image as a structured image producer, so scripts can hand its result directly to image() instead of manually extracting a URL string.

Merged PR #15075 changes Codex code mode so nested tool-call failures propagate as errors you can catch, instead of being folded into normal tool output.

Merged PR #15092 updates the PR CI workflow so the "Stage npm package" step pulls artifacts from Codex 0.115.0 instead of the older 0.74.0 release whose workflow history appears to have aged out.

Merged PR #14945 brings prompt-history recall and persistence to the app-server TUI, so Up/Down navigation and cross-session history now work like the legacy TUI.