New features

• Added rate-limit reset banking for Plus and Pro users, including one free reset at launch and referral invitations for earning more during the current promotion. Eligible Business members can invite coworkers to earn shared workspace credits through a separate referral program.
• Added Developer mode for Browser use in Chrome and the Codex in-app browser. It gives Codex controlled Chrome DevTools Protocol (CDP) access for performance profiling and deeper debugging of network traffic, console output, runtime errors, and page state.
• Added the /init command to the app composer for creating project instructions with the same initialization workflow as the Codex CLI.
• Added customizable macOS Dock icons with light and dark Codex variants.
• Added Computer Use for Enterprise users outside the European Economic Area, the United Kingdom, and Switzerland.
• Added support for configuring per-app access controls for Computer Use on Windows.
• Added an Unread chats section to the command menu, with the most recently updated unread chat selected by default.

Performance improvements and bug fixes

• Made Browser use up to 2x faster through CDP and DOM snapshot optimizations that reduce browser round trips.
• Made command, browser, integration, and source activity summaries easier to understand, and improved how completed chats present files, automations, and other durable output.
• Improved plugin management by including workspace plugins, refreshing plugin state more reliably after installation or removal, and letting you upload a new version of an already-shared plugin without changing its access.
• Improved usage-limit errors with inline plan and workspace guidance, including reset timing when available.
• Added Cmd+Enter and Ctrl+Enter as shortcuts for submitting custom approval feedback.
• Fixed Browser use download handling and improved Developer mode recovery and diagnostics.
• Fixed scheduled automations so they honor the selected approval mode, and fixed manual project ordering, Browser tab dragging, MCP app sizing after right-pane transitions, and clickable ChatGPT thread mentions.
• Fixed issues affecting background agent tab restoration, commit and pull request message generation, sidebar pull request status updates, Codex Mobile QR pairing, remote-control MFA, remote SSH installation and connection, updater prompts, and overlay positioning at non-default zoom levels.
• Additional performance improvements and bug fixes.

New Features

• The /app command can now hand off the current CLI thread into Codex Desktop on macOS and native Windows, and Windows workspace launches can open directly into Desktop instead of stopping at a manual prompt. (#25638, #26500)
• Local image attachments and standalone image generations now expose their saved file paths to the model, which makes follow-up edits and file references more reliable. (#25944, #25947)
• Reasoning effort selection is more flexible: the TUI adds fallback shortcuts for terminals that miss Alt bindings, and model-defined effort levels now flow through in the order advertised by the model. (#25623, #26444, #26446)
• App-server integrations can now read account token usage, and Codex auth supports v2 personal access tokens in CLI and app-server flows. (#25344, #25731)
• Plugin automation got richer structured output: add/remove and marketplace commands support --json, plugin list JSON includes marketplace source, and plugin detail data now exposes default prompts, remote MCP servers, and unavailable app templates. (#26631, #26417, #25887, #26453, #26317)

Bug Fixes

• Goal workflows are more predictable: multiline paste in /goal edit no longer submits early, idle auto-turns stay out of Plan mode, and goals stop auto-continuing after terminal turn failures. (#26047, #26147, #26690)
• Forked threads now keep user-renamed titles instead of falling back to the original first-prompt name. (#26075)
• The TUI no longer adds extra blank space while streaming, and cancelled prompts reopen with the cursor at the end so you can keep editing naturally. (#26636, #26457)
• TUI config write failures now show the underlying cause, making validation problems and read-only filesystem issues much easier to diagnose. (#26537)
• Startup is more resilient across environments, with support for /usr/bin/bash, shorter Linux proxy socket paths, and pre-refresh of expired OAuth-backed MCP credentials. (#26538, #26553, #26482)
• Workspace instruction loading is more accurate for remote and symlinked workspaces, so the right AGENTS.md files are picked up consistently. (#26205, #26465)

Documentation

• The CLI README was refreshed to remove stale guidance and better match the current documentation flow. (#26313)

Chores

• TUI startup does less repeated plugin work by reusing discovery results and loading only hook metadata on the critical path. (#26469, #26272)
• resume --last now finds the newest matching session through the state DB first, which speeds up restore on large local histories. (#26462)
• Large MCP/Ollama streams and long message histories process much faster thanks to optimized byte scanning. (#26265)

Changelog

Full Changelog:
rust-v0.137.0...rust-v0.138.0
nit: small prompt update for MAv2 (#26179) @jif-oai
feat: guard git enrichment (#26175) @jif-oai
Fix multiline paste in /goal edit (#26047) @etraut-openai
core: stop threading SandboxPolicy through exec (#25700) @bolinfest
[codex] Copy user Bazel settings into Codex worktrees (#25925) @anp-oai
[codex] Pin Python SDK to runtime 0.137.0a4 (#26216) @aibrahim-oai
Preserve remote plugin default prompts (#25887) @ericning-o
Expose local image paths to models (#25944) @won-openai
[profile-switcher][rust] -- [1/2] Add app-server account session protocol (#25469) @dhruvgupta-oai
Fix forked thread name inheritance (#26075) @etraut-openai
Restore Windows coverage for code-mode image generation exposure (#25960) @won-openai
[codex] Split Python runtime release workflow (#26226) @aibrahim-oai
feat: catalog multi-agent v2 config (#26254) @jif-oai
Rewrite oversized tool outputs during remote compaction (#26251) @pakrym-oai
codex-pr-body: avoid confidential references (#26260) @anp-oai
Use Windows setup marker as completion signal (#26074) @abhinav-oai
log plugin MCP server names (#26002) @chrisdong-oai
fix(tui): add reasoning effort fallback shortcuts (#25623) @fcoury-oai
feat(tui): add /app desktop handoff (#25638) @fcoury-oai
cli: add package path from install context (#26189) @bolinfest
[codex-analytics] report compaction request token counts (#25946) @rhan-oai
feat: catalog multi-agent v2 config (#26252) @viyatb-oai
[codex] Deduplicate skill load warnings (#26698) @xl-openai
Remove just bench-smoke from just test. (#26716) @anp-oai

New Features

• Code mode can now call standalone web search directly, including from nested JavaScript tool calls, and receive plaintext search results. (#26719)
• Tool and connector input schemas now preserve oneOf and allOf, and large schemas keep more shallow structure when compacted, improving compatibility with richer MCP tools. (#24118, #27084)
• codex doctor now includes editor and pager environment details in the local report while redacting raw values in JSON output. (#27081)
• Plugin marketplace automation is more informative and responsive: codex plugin marketplace list --json now includes each marketplace source, and plugin lists can return from the cached remote catalog before refreshing in the background. (#27009, #26932)

Bug Fixes

• codex resume --last "..." and codex fork --last "..." now treat the trailing argument as the initial prompt instead of misreading it as a session ID. (#26818)
• MCP startup warnings from subagents now stay in the thread that owns them, avoiding duplicate parent-thread alerts and stuck startup spinners in the TUI. (#26639)
• Image edits now use the exact referenced image file paths instead of guessing from conversation history, so attached-image edits land on the intended input. (#26486)
• Bare URLs with ~ in the path are now linkified end to end in the TUI instead of being truncated before the tilde. (#27088)
• Thread resets such as /new, /clear, and /fork no longer drop cloud-managed requirements or feature flags during TUI config reloads. (#25177)
• Sandbox execution now preserves approved escalation decisions and enforces configured proxy-only networking more consistently. (#24981, #27035)

Chores

• Release builds once again publish separate symbol archives with line tables, improving post-release crash symbolication without bringing back the earlier full-debug build slowdown. (#26202)
• The embedded V8 toolchain was updated to rusty_v8 149.2.0. (#26464)

Changelog

Full Changelog: rust-v0.138.0...rust-v0.139.0

fix(remote-control): preserve enrollment on generic websocket 404s (#26741) @apanasenko-oai

fix(core-plugins): send Codex product SKU to plugin-service (#26804) @ericning-o

build(v8): update rusty_v8 to 149.2.0 (#26464) @cconger

ci: use bazel environment for BuildBuddy secret (#26895) @bolinfest

fix: preserve approval sandbox decisions in unified exec (#24981) @bolinfest

fix(tui): accept prompts with resume and fork (#26818) @fcoury-oai

deps: update starlark to 0.14.2 (#24820) @bolinfest

fix(tui): scope MCP startup status by thread (#26639) @fcoury-oai

[codex] Enable standalone web search in code mode (#26719) @rka-oai

feat: add v2 agent residency lru (#26632) @jif-oai

Ignore proc-macro-error2 advisory (#26974) @jif-oai

feat: count V2 concurrency by active execution (#26969) @jif-oai

Rename multi-agent v2 close_agent to interrupt_agent (#26994) @jif-oai

Avoid reopening v2 descendants on resume (#26997) @jif-oai

[codex] Exclude external tool output from memories (#26821) @rka-oai

[codex] Restore release symbol artifacts with line tables (#26202) @nornagon-openai

fix(app-server): avoid blocking connection cleanup (#26852) @apanasenko-oai

Add HTTP window ID to Responses client metadata (#26923) @ningyi-oai

[codex-analytics] report compaction analytics details (#26680) @rhan-oai

[codex] Speed up external agent session imports (#26637) @stefanstokic-oai

[plugins] Expose marketplace source in marketplace list JSON (#27009) @mpc-oai

ci: template custom runner names by repo (#27024) @bolinfest

fix: preserve auto review across config and delegation (#26230) @viyatb-oai

[codex] Clarify PR babysitter state mutations (#27038) @anp-oai

[codex] Calm multi-agent v2 usage prompts (#27037) @jif-oai

Pair thread environment settings (#26687) @pakrym-oai

cli: add -P sandbox permissions profile alias (#27054) @bolinfest

Enforce configured network proxy in codex sandbox (#27035) @viyatb-oai

Route image edits through referenced file paths (#26486) @won-openai

[codex-analytics] stop sending codex error subreason (#27060) @rhan-oai

[codex] Require complete main-agent skill reads (#27044) @fchen-oai

feat: support oneOf and allOf in tool input schemas (#24118) @celia-oai

[codex] Prune stale curated plugin caches (#26934) @xl-openai

Use cached remote plugin catalog for plugin list (#26932) @xl-openai

[codex] Add OTEL counter descriptions (#26091) @richardopenai

feat(doctor): report editor and pager environment (#27081) @fcoury-oai

chore: preserve one more schema layer during large tool compaction (#27084) @celia-oai

Add typed file URIs (#26840) @anp-oai

fix(tui): linkify complete bare URLs with tildes (#27088) @fcoury-oai

Show effective sandbox modes in /debug-config (#27068) @canvrno-oai

Add extra config to StoredThread, leave empty for now (#27092) @kumquatexpress

Update web search citation prompt (#27096) @yuning-oai

Preserve cloud requirements across TUI thread resets (#25177) @canvrno-oai

[codex] Remove remote compaction failure log (#27106) @pakrym-oai

New features

• Added Migrate to Codex flows for importing supported setup from Claude Code and Claude Cowork, including during onboarding.
• Revamped plugins screen with separate tabs, marketplace and category filters, keyboard navigation, and clearer install actions.
• Expanded Settings search to find options from more panels, including Git and pets.

Performance improvements and bug fixes

• Fixed goal timer overlap in narrow layouts.
• Reduced unread notifications while an active goal continues running.
• Kept review diff ordering consistent with the file tree.
• Improved window rendering on systems that don’t support translucent backdrops, including Windows 10.
• Additional performance improvements and bug fixes.

New features

• Added activity insights and share cards to the Profile section. You can review Codex usage highlights and save a profile card; sharing is available on consumer ChatGPT plans.

Performance improvements and bug fixes

• Improved Computer Use startup readiness and appshot error reporting.
• Fixed browser and review UI issues, including fullscreen browser composer controls, hex color swatches, terminal scrollbar alignment, and animated diff stat alignment.
• Expanded onboarding with more role choices so Codex can tailor first-run suggestions more accurately.
• Fixed configuration writes after plugin installation.
• Additional performance improvements and bug fixes.

New Features

• TUI controls now support F13-F24 keybindings, paste in searchable menus, and a compact reasoning-only status/title item (#25329, #25400, #25504).
• Enterprise/admin flows now show monthly credit limits and can apply cloud-managed config bundles, including EDU workspaces (#24812, #24617, #24619, #24620, #24622, #25963).
• Remote-control clients can start pairing and list or revoke controller grants through app-server v2 RPCs (#25675, #25785).
• Plugin workflows gained machine-readable codex plugin list --json output and cached remote catalog suggestions (#25330, #25457).
• Hosted web and image tools are available in more code-mode flows, with standalone web searches able to run in parallel (#25176, #25702, #25890, #25923).
• Multi-agent v2 keeps runtime choice with each thread and exposes cleaner follow-up and metadata defaults for spawned agents (#25266, #25636, #25720, #25721, #25722, #25841, #26114).

Bug Fixes

• Cancelling a submitted prompt before visible output now restores the draft, attachments, and collaboration mode for editing (#25316).
• Slash-command filtering and footer shortcut hints now reset or render according to the current UI state (#25492, #25625).
• Platform reliability improved for macOS app launches and Windows SQLite startup, thread resume, and sandbox setup refreshes (#25485, #25490, #25509, #25949).
• Plugin loading preserves app manifest order, deduplicates local/remote curated installs, and treats malformed skills fields as warnings (#25491, #25681, #25717, #25782).
• Permission requests and approvals now carry environment identity, and managed MITM proxying exports readable CA bundles to child commands (#25850, #25858, #25862, #22668).
• Local session history is safer for compressed rollouts, renamed titles, pathless side-chat reloads, and stack-heavy startup/config rebuilds (#25087, #25624, #25661, #25814, #25844, #25847).

Documentation

• Added app-server docs and generated schema updates for monthly credit limits, remote-control RPCs, and environment-scoped permission approvals (#24812, #25675, #25785, #25862).
• Moved repo review rules and contributor conventions into AGENTS.md, including Rust test-module layout and Python 3 compatibility guidance (#25682, #25690, #25738).

Chores

• Root formatting and Justfile workflows are more complete and Windows-aware (#24983, #25165, #25683).
• Rust CI and release workflows use the git CLI for Cargo fetches to avoid intermittent libgit2/submodule failures (#25644, #25775).
• Python SDK releases now publish runtime wheels from the SDK workflow and pin to a glibc-compatible runtime package (#25906, #25907).
• Bazel CI’s BuildBuddy wrapper was reintroduced with Windows-safe process handling and validation (#25915).
• Shared prompts, context fragments, and skills plumbing moved into dedicated crates/extension paths to reduce codex-core coupling (#25151, #25953, #25959, #26106, #26122, #26167).

Changelog

Full Changelog:
rust-v0.136.0...rust-v0.137.0

feat(tui): allow function keys through f24 in keymaps (#25329) @fcoury-oai
Add config bundle transport types (#24617) @joeflorencio-openai
Add build_unsigned_archive release mode (#25435) @shijie-oai
Gate automatic idle turns in Plan mode (#26147) @jif-oai
Fix forked thread name inheritance (#26075) @etraut-openai
Optimize unbounded byte scans with memchr (#26265) @charliemarsh-oai
Clean up Rust release workflow (#26335) @shijie-oai
Add rollout compression counters (#25679) @jif-oai
Fix stale TestAppServer rename in plugin_list test (#26505) @bolinfest
Make plugin hooks uncacheable (#26610) @pakrym-oai
Publish release symbol artifacts (#25649) @nornagon-openai
Fix stale TUI thread status confusion (#26181) @jif-oai
Fix cancel turn crash (#26636) @fcoury-oai
Fix plugin manifest ordering (#25701) @xl-openai
Use plugin discovery cache aggressively (#26719) @rka-oai
feat: allow hotreloading in AppServerConfig (#26743) @pakrym-oai
Redesign Hooks API (#26818) @fcoury-oai
Relax Windows sandbox requirements (#26835) @bolinfest
Fix TUI concurrency (#26585) @etraut-openai
Fix TUI unstable rendering (#26947) @canvrno-oai

New Features

• TUI markdown now keeps web links clickable with OSC 8 metadata, and cramped tables switch to readable key/value records without losing link targets. (#24472, #24636, #24825)
• Sessions can now be archived from the TUI with /archive or from the CLI with codex archive / codex unarchive; archived sessions are protected from resume/fork until restored. (#25027, #25021)
• App-server integrations can resume a thread with its initial turns page, see richer MCP server status, and launch stdio mode with codex app-server --stdio. (#23534, #24698, #24940)
• Remote execution setup now supports CODEX_API_KEY registration for approved OpenAI hosts, while remote-control websockets use short-lived server tokens instead of ChatGPT access tokens. (#24666, #24141)
• Windows admins get an alpha codex sandbox setup --elevated provisioning path, plus requirements support for allowed Windows sandbox implementations. (#24831, #23766)
• A feature-gated standalone image generation extension can run through the native Codex image artifact completion pipeline. (#24723, #24972)

Bug Fixes

• ChatGPT auth refreshes tokens before the five-minute expiry window and shows a relogin-required path for reused refresh tokens instead of collapsing into a generic cloud error. (#23546, #24830)
• Command-safety hardening prevents /diff from running repository-provided Git helpers/hooks, avoids PowerShell parser execution on non-Windows hosts, and rejects browser-origin exec-server websocket handshakes. (#24954, #24946, #24947)
• Sandboxed commands clean up more reliably after interruptions or denied Windows network attempts, and deny read rules stay enforced for safe-command and approval-bypass paths. (#22729, #19880, #23943)
• Resumed TUI sessions seed prompt history from the session transcript, multiline hook output renders as separate rows, and Vim normal-mode editing behaves correctly. (#24298, #24965, #25022)
• App-server filesystem watchers debounce later batches correctly, and standalone web search calls now show and restore completed search activity. (#24716, #24693)
• Bedrock auth now falls back to AWS_REGION/AWS_DEFAULT_REGION, and unsupported Bedrock GPT service tiers are no longer advertised or sent. (#25171, #25318)

Documentation

• Python SDK beta docs and package metadata now present the standard pip install openai-codex path, refreshed quickstarts, API reference, FAQ, and examples. (#24836, #24866, #24868, #24870)
• Python SDK examples and docs now use the public CodexConfig name for configuring Codex/AsyncCodex. (#24800)
• The bundled OpenAI Docs skill was updated with current Codex manual routing and a cached manual fetch helper. (#24914)
• Built-in tool schema descriptions now clarify defaults, optional fields, bounds, and enums across shell, Code Mode, MCP, image, goal, plan, multi-agent, and related tools. (#24794)
• App-server and exec-server docs now cover API-key remote registration, --stdio, runtime extra skill roots, and remote-control server-token behavior. (#24666, #24940, #24977, #24141)

Chores

• Python SDK releases can now be staged and published independently from runtime releases using python-v* tags while preserving the reviewed runtime dependency pin. (#24828, #24872)
• Updated MCP dependencies to rmcp 1.7.0 and refreshed compatibility code. (#24763)
• Refreshed Amazon Bedrock catalog metadata, including GPT-5.5, removal of unsupported OSS entries, and default-tier-only GPT model behavior. (#24701, #24960, #25318)
• Removed the stale app-server debug-client pieces and cleaned up the workspace after deletion. (#25063, #25064, #25065, #25066, #25067, #25068, #25069, #25070, #25075)
• Trimmed CI/build maintenance by moving Bazel Windows jobs to Codex runners, removing the libubsan workaround, and reverting the startup benchmark that broke musl builders. (#24952, #24782, #24937)

Changelog

Full Changelog:

rust-v0.135.0...rust-v0.136.0

fix(linux-sandbox): preserve shell cleanup on interruption (#22729) @viyatb-oai

feat(tui): add OSC 8 web links to rich content (#24472) @fcoury-oai

feat(tui): render cramped markdown tables as key-value records [2 of 2] (#24636) @fcoury-oai

Allow API-key auth for remote exec-server registration (#24666) @sdcoffey

Gate goal usage limits with new error signals (#24665) @jif-oai

Add app-server startup benchmark crate (#24651) @anp-oai

Update rmcp to 1.7.0 (#24763) @anp-oai

ci: build Codex package archives in release workflow (#23582) @bolinfest

fix(tui): restore cancelled prompt cursor at end (#26457) @fcoury-oai

fix(tui): avoid doubled blank rows while streaming (#26636) @fcoury-oai

Use deep links for macOS codex app paths (#25485) @etraut-openai

tui: keep inaccessible apps out of mentions (#24625) @canvrno-oai

fix(shell-env): use prepended PATH for exec env shells (#26465) @anp-oai

Remove stale debug-client CLI entrypoint (#25068) @jif-oai

feat(tui): add named permission profile picker (#24571) @viyatb-oai

fix(tui): clarify footer shortcut overlay hints (#25649) @fcoury-oai

fix(tui): clarify footer shortcut overlay hints (#25649) @fcoury-oai

fix: remove stale signal in core sandbox (#24969) @pakrym-oai

New features

• Computer Use now works on Windows. Codex can operate Windows desktop apps by seeing, clicking, and typing in the foreground while it works.
• Remote control now supports Windows devices. You can start Codex work on a Windows device from ChatGPT on iOS or Android, or from a Mac running Codex, and check its progress remotely.
• The Profile section now shows your profile details, usage stats, and token activity.
• Added thread coordination for local projects and worktrees, including separate background threads when explicitly requested.
• Expanded search for past Codex app threads to include conversation content and Git branch names.
• Added stable identicons for background subagents across the app.
• Improved keyboard shortcut settings with keypress search and a reset-all action.
• Improved Chrome context capture for Google Docs, Sheets, and Slides tabs.

Performance improvements and bug fixes

• Additional performance improvements and bug fixes.

New Features

• codex doctor now reports richer environment, Git, terminal, app-server, and thread inventory diagnostics for support cases. (#24261, #24311, #24305)
• /status shows remote connection details and server version when the TUI is connected over a remote transport. (#24420)
• Vim mode gained text-object editing, improved word/line-end behavior, and a configurable interrupt-turn binding. (#24382, #24380, #24766)
• /permissions now understands named permission profiles and displays configured custom profiles. (#21559)
• Packaged Codex builds can discover and use the bundled patched zsh helper across supported macOS and Linux targets. (#23756, #24171)
• The Python SDK now exposes friendly Sandbox presets for thread and turn APIs. (#24772)
• install.sh / install.ps1 supports a non-interactive installation mode when CODEX_NON_INTERACTIVE=1 is set. (#21567)

Bug Fixes

• Markdown tables and multiline lists render more readably in the TUI, with better column sizing and app-style table formatting. (#24489, #24346, #24351)
• TUI output is more stable on macOS and Zellij, avoiding stderr/composer corruption and raw-output overlap. (#24459, #24479, #24593)
• Slash-command completion now preserves existing draft text for commands that accept inline arguments. (#23950)
• Older tmux/iTerm control-mode sessions no longer lose normal Ctrl-C handling from unsupported keyboard enhancement setup. (#24371)
• App mentions now exclude inaccessible or disabled apps instead of offering unusable $ suggestions. (#24625)
• Resume flows now include non-interactive exec sessions when requested and honor cwd overrides for idle cached threads. (#24503)

Documentation

• Clarified image-viewing tool detail behavior and removed stale TUI composer documentation references. (#23949, #24641)
• Updated Python SDK docs, examples, and notebook content to use the new sandbox preset API. (#24772)

Chores

• Updated Rust toolchain pins and SQLx/SQLite dependencies. (#24684, #24728)
• Moved memory runtime state into a dedicated SQLite database. (#24591)
• Removed remaining legacy config-profile consumers and routed more TUI config/plugin state through app-server-owned APIs. (#24076, #24254, #24255, #24265, #24266, #24257)
• Centralized Responses retry handling and MCP tool naming logic to reduce duplicated internal plumbing. (#24131, #21576)

Changelog

Full Changelog:

rust-v0.134.0...rust-v0.135.0

fix(remote-control): cap reconnect backoff (#24164) @apanasenko-oai

package: include zsh fork in Codex package (#23756) @bolinfest

feat(doctor): add environment diagnostics (#24261) @fcoury-oai

Report app-server version in codex doctor (#24311) @etraut-openai

fixes in permissions and vim mode (#24382, #24380, #24766) @etraut-openai

install.sh supports non-interactive mode (#21567) @etraut-openai

improve CLI for Python SDK Sandbox presets (#24772) @aibrahim-oai

more fixes in TUI output and markdown rendering (#24459, #24479) @fcoury-oai

fix(tui): restore cancelled prompt cursor at end (#26457) @fcoury-oai

fix: markdown rendering and UI stability (#24489, #24346, #24351) @fcoury-oai

fix: resume flow includes non-interactive exec sessions (#24503) @etraut-openai

SQLx/SQLite updates (#24684, #24728) @bolinfest

moved memory runtime state to SQLite DB (#24591) @jif-oai

removed legacy config-profile consumers (#24254, #24076) @etraut-openai

centralized retry and MCP tool naming (#24131, #21576) @rhan-oai

New Features

• Added search across local conversation history, including case-insensitive content matches with result previews. (#23519, #23921)
• Made --profile the primary profile selector across CLI, TUI permissions, and sandbox flows, with legacy profile configs rejected through migration guidance. (#23708, #23883, #23890, #24051, #24055, #24059, #24067, #24110)
• Improved MCP setup with per-server environment targeting and OAuth options for streamable HTTP servers. (#23583, #24120)
• Made connector tool schemas more reliable by preserving local $ref / $defs structures and compacting oversized schemas before exposure. (#23357, #23904)
• Let read-only MCP tools run concurrently when they advertise readOnlyHint. (#23750)
• Added richer extension and hook context, including conversation history for extension tools and subagent identity in hook inputs. (#22882, #23963)

Bug Fixes

• Improved remote reliability by reconnecting stale exec-server websocket clients, retrying remote control immediately after auth recovery, and retrying remote compaction v2 streams. (#23867, #23775, #23951)
• Fixed Windows TUI rendering corruption by restoring virtual terminal mode before drawing. (#24082)
• Displayed workspace-specific usage-limit messages for credit and spend-cap failures. (#24114)
• Allowed plugin skills to reuse shared plugin-level icon assets. (#23776)
• Preserved active permission profile metadata when syncing auto-review runtime settings. (#23956)
• Ensured Node-based tools honor Codex’s managed network proxy environment. (#23905)

Documentation

• Clarified image-viewing tool detail behavior and removed stale TUI composer documentation references. (#23949, #24641)

Chores

• Simplified release packaging around canonical native artifacts, reusable DotSlash fetching, and a new macOS x64 zsh artifact. (#23833, #23836, #24129, #24165)
• Added release-build support for Codex-produced V8 artifacts. (#23934)
• Added image re-encoding benchmarks and connector-style JSON schema policy fixtures. (#23935, #24152)
• Improved tracing and analytics for websocket requests, turn starts, and remote compaction v2. (#23581, #23980, #24146)

Changelog

Full Changelog:
rust-v0.133.0...rust-v0.134.0

Trace logical websocket request after untraced warmup (#23581) @jif-oai

feat: guard git enrichment (#26175) @jif-oai

fix multiline paste in /goal edit (#26047) @etraut-openai

fixes in permissions and vim mode (#24382, #24380, #24766) @etraut-openai

install.sh supports non-interactive mode (#21567) @etraut-openai

improve CLI for Python SDK Sandbox presets (#24772) @aibrahim-oai

more fixes in TUI output and markdown rendering (#24459, #24479) @fcoury-oai

fix(tui): restore cancelled prompt cursor at end (#26457) @fcoury-oai

fix: markdown rendering and UI stability (#24489, #24346, #24351) @fcoury-oai

fix: resume flow includes non-interactive exec sessions (#24503) @etraut-openai

SQLx/SQLite updates (#24684, #24728) @bolinfest

moved memory runtime state to SQLite DB (#24591) @jif-oai

removed legacy config-profile consumers (#24254, #24076) @etraut-openai

centralized retry and MCP tool naming (#24131, #21576) @rhan-oai

New Features

• The Python SDK now supports first-class authentication, including API key login, ChatGPT browser and device-code flows, account inspection, and logout APIs. (#23093)
• Python turn APIs are easier to use for text-only workflows: you can pass a plain string as input, and handle-based runs now return a richer TurnResult with collected items, timing, and usage data. (#23151, #23162)
• codex exec resume now accepts --output-schema, so resumed automations can keep session context while still enforcing structured JSON output. (#23123)
• TUI startup is faster because terminal capability probes are now batched instead of waiting on several serial checks before the first interactive frame. (#23175)
• Remote executor registration can now use standard Codex auth instead of a separate registry credential flow. (#22769)
• App-server turns can preserve requested image fidelity, including original-resolution local images, across user inputs and image-producing tools. (#20693)

Bug Fixes

• Goal continuations now stop when they hit usage limits or a repeated blocker instead of looping and burning more tokens, and completion responses phrase usage more naturally. (#23094, #22907)
• The session picker is easier to trust: renamed threads now show name (thread-id) in resume hints, and pasted text works in the picker search box. (#23234, #23338)
• Multi-session TUI flows are more reliable: in-progress MCP calls stay marked as active during replay, and elicitation replies are sent back to the thread that requested them. (#23236, #23241)
• Remote sessions now keep websocket connections alive and show repo-relative diff paths again instead of /tmp/... -prefixed paths. (#23226, #23261)
• Windows installs are more robust: codex doctor now detects npm-managed installs correctly, and MSVC release binaries no longer depend on separately installed VC++ runtime DLLs. (#22967, #22905)
• TUI polish fixes include immediate shutdown feedback on exit, hiding the ChatGPT usage link for non-OpenAI providers, and keeping a cleared Fast tier from reappearing after side-thread resume. (#23323, #23127, #23121)

Documentation

• The Python SDK docs, FAQ, and examples were refreshed around the new auth flow and turn APIs, with clearer setup guidance and simpler text-only examples. (#22941, #23093, #23151, #23162)

Chores

• Memory summaries are now versioned and rebuilt when the stored format is stale, which should keep long-lived memory context leaner and more predictable. (#23148)

Changelog

Full Changelog:

rust-v0.131.0...rust-v0.132.0

Preserve image detail in app-server inputs (#20693) @fjord-oai

... [truncated for brevity]

New Features

• Goals are now enabled by default, backed by dedicated storage, and track progress across active turns. (#23300, #23685, #23696, #23732)
• codex remote-control now runs like a foreground command, waits for readiness, reports machine status, and keeps explicit daemon-style start/stop commands. (#22878)
• Permission profiles gained list APIs, inheritance, managed requirements.toml support, runtime refresh behavior, and stronger Windows sandbox integration. (#22928, #23412, #22270, #23433, #22270, #22931, #23715)
• Plugin discovery is easier to inspect, with marketplace-aware list output, installed versions, visible marketplace roots, and remote collection support. (#23372, #23584, #23727, #23730)
• Extensions can observe more lifecycle events, including subagent start/stop, tool execution, turn metadata, and async approval/turn processing. (#22782, #22873, #23309, #23688, #23690, #23692)

Bug Fixes

• Fixed TUI startup choosing the wrong working directory when reusing a local app-server socket. (#23538)
• Fixed plan-mode free-form answers so modified Enter keys, like Shift+Enter, no longer submit unexpectedly. (#23536)
• Removed stale background terminal poll events after a process exits. (#23231)
• Preserved raw code-mode exec output unless an explicit output token limit is requested. (#23564)
• Made AGENTS instruction loading more reliable, including local global reads and warnings for invalid UTF-8 instead of silent drops. (#23343, #23232)
• Fixed app-server startup/shutdown races, empty resume/fork paths, plugin upgrade failures, and realtime v1 websocket compatibility. (#23516, #23578, #23400, #23356, #23771)

Documentation

• Added clearer plugin-creator guidance for updating and reinstalling local personal plugins. (#23542)
• Expanded app-server/API docs and schema coverage around managed permission profile requirements. (#23433, #23555)

Chores

• Updated Rust toolchain pins and SQLx/SQLite dependencies. (#24684, #24728)
• Moved memory runtime state into a dedicated SQLite database. (#24591)
• Removed remaining legacy config-profile consumers and routed more TUI config/plugin state through app-server-owned APIs. (#24076, #24254, #24255, #24265, #24266, #24257)
• Centralized Responses retry handling and MCP tool naming logic to reduce duplicated internal plumbing. (#24131, #21576)

Changelog

Full Changelog: rust-v0.132.0...rust-v0.133.0

Appshots are now available in the Codex app on macOS. Press both Command keys to send the frontmost app window to Codex with a screenshot and available text, so Codex can work from context in another app without you copying, pasting, or describing it manually.

This launch also includes:

• Goal mode is no longer an experimental feature and is available in the Codex app, IDE extension, and CLI. With Goal mode, you can have Codex drive toward a specific objective for hours or even days.
• Remote computer use, so Codex can use desktop apps after your Mac locks, including remotely via Codex Mobile. Codex scopes locked use to active, trusted computer use turns and includes safeguards such as short-lived authorization, covered displays, relock on local input, and manual-unlock fallback.
• Plugin sharing through marketplace sources is available for ChatGPT Business. Enterprise support is coming soon. Teams can distribute reusable plugin bundles that include skills, app integrations, and MCP servers.
• Advanced in-app browser annotations let you tweak styling such as font size, colors, and spacing directly using annotations. This gives Codex a clearer signal for changes.
• Browser-use improvements across in-app browser & Chrome:
  • Codex can now download and extract all image assets from a page much more quickly.
  • Codex can now extract structured data from pages more effectively and find information more quickly with a read-only JS sandbox.
• Chrome extension will create less clutter when using it. Codex will no longer create tab groups when taking over existing tabs, and at the end of a task for handoff. Instead, it uses tab icons to indicate status.
• Significantly improved reliability for browser use. We fixed bugs on Windows, flaky availability of the plugin to non geo-blocked regions, and many other issues impacting performance.