Claude finished @phernandez's task in 1m 6s —— View job

PR Review: fix(plugins): include codex in shared version bump

Tasks

• Gather context and read changed files
• Review code quality and standards
• Review testing coverage
• Review architecture and compatibility
• Post final review

Summary

This PR wires up the Codex plugin manifest (plugins/codex/.codex-plugin/plugin.json) into the shared update_versions.py release path, so it stays in lockstep with Claude Code, Hermes, and OpenClaw on every release. The version is correctly initialized to 0.21.6 and the pre-release (beta/rc) normalization follows the same npm-semver path as OpenClaw.

Overall this is a clean, well-scoped change. One minor observation and the checklist below.

Code Review Checklist

Code Quality & Standards

• Follows Basic Memory coding conventions
• Type annotations maintained (dict[str, Any], Callable, etc.)
• 100-character line length respected
• No commented-out code
• Fail-fast: update_text already raises SystemExit on no-match; update_json propagates JSON parse errors

Testing & Documentation

• test_update_versions_writes_npm_semver_prerelease — asserts Codex gets 0.21.3-beta.1 (npm semver), matching OpenClaw behavior
• _seed_repo seeded with Codex manifest, scoped correctly
• _codex_plugin_version helper added and used consistently
• test_scope_packages_leaves_core_untouched and test_scope_core_leaves_packages_untouched — both extended with Codex assertions; scope isolation verified
• 100% test coverage maintained — existing parametrized test_npm_package_version_maps_python_prereleases already covers the conversion function used by Codex; rc normalization is covered transitively
• Release docs updated in beta.md and release.md

Architecture

• npm_package_version(version) reuse for Codex is the correct pattern — same strict-semver requirement as OpenClaw
• set_package_version (simple data["version"] = version) is the right mutator since plugin.json uses a flat version field
• justfile release/beta targets now include plugins/codex/.codex-plugin/plugin.json in the commit file list — consistent with the other artifacts

Security & Performance

• No secrets or credentials
• No performance concerns in a release-only script

Compatibility

• Path objects used throughout — Windows-safe
• No emojis or non-ASCII in code output paths

Observations

Correct use of npm_package_version for Codex (not just version):
scripts/update_versions.py:138-141 correctly applies npm_package_version(version) rather than the raw Python version string. This is the same treatment as OpenClaw and is essential: 0.21.3b1 would be invalid semver in a Codex manifest, but 0.21.3-beta.1 is valid. The PR note mentions the adversarial review caught this — good catch, and it's handled correctly here.

_codex_plugin_version helper naming is clear (test_update_versions.py:122-124). Not a generic _plugin_version2 — reads well alongside _plugin_version (which targets the Claude Code plugin specifically).

Minor: test_update_versions_writes_npm_semver_prerelease doesn't assert rc conversion for Codex, but that's acceptable: npm_package_version is already unit-tested parametrically for rc, and both Codex and OpenClaw call the same function. Adding a parallel v0.21.3rc1 assertion would be redundant.

Verdict: Looks good to merge. The change is minimal, correct, and fully tested. The pre-release semver normalization is handled properly and the lockstep discipline is preserved across all plugin artifacts.