chore(release): bump version to v2.3.0-beta.3

Author: ndycode

.codex-plugin/plugin.json

@@ -1,9 +1,10 @@
 {
   "name": "codex-multi-auth",
-  "version": "2.3.0-beta.2",
+  "version": "2.3.0-beta.3",
   "description": "Install and operate codex-multi-auth for the official @openai/codex CLI with multi-account OAuth rotation, switching, health checks, and recovery tools.",
   "interface": {
     "composerIcon": "./assets/codex-multi-auth-icon.svg"
   },
   "skills": "./skills/"
 }
+

AGENTS.md

@@ -4,7 +4,7 @@ Generated: 2026-04-25
 Commit: a87e005
 Validated: 2026-06-10 against commit 98d9819 (repo audit; claims re-checked against the tree, content not regenerated)
 Branch: main
-Package version: 2.3.0-beta.2
+Package version: 2.3.0-beta.3
 
 ## OVERVIEW
 
@@ -128,3 +128,4 @@ npm run vendor:verify    # vendored dependency provenance check
 - App bind state/logs: `~/.codex/multi-auth/app-bind/`.
 - Prompt templates sync from Codex CLI GitHub releases with ETag caching.
 - Historical audit evidence under `docs/audits/evidence/` is snapshot evidence, not current architecture guidance.
+

CHANGELOG.md

@@ -7,6 +7,26 @@ This repository's current stable release line is `2.x`.
 Current stable release notes live in `docs/releases/`.
 This top-level changelog preserves the foundational `0.x` milestones and points older iteration history to `docs/releases/legacy-pre-0.1-history.md`.
 
+## [2.3.0-beta.3] - 2026-06-11
+
+Stream backpressure fix, deduplication fixpoint, retry-loop consolidation, typed errors, 20 new test suites, dead code pruned.
+See [docs/releases/v2.3.0-beta.3.md](docs/releases/v2.3.0-beta.3.md) for full details.
+
+### Fixed
+
+- Stream forwarding stalling for slow clients (backpressure not respected)
+- Multi-tier account deduplication requiring more than one pass
+- Storage spy cascades in test suite from leaked `fs` mocks
+
+### Improved
+
+- `CodexValidationError` on rotation-proxy startup guards (#586)
+- `StorageError` on unreadable config save aborts (#588)
+- Last two hand-rolled retry loops migrated to shared `withRetry`
+- 20 new direct test suites; property-based dedup coverage
+
+---
+
 ## [2.3.0-beta.2] - 2026-06-11
 
 Repository audit (34 PRs), 4 correctness bug fixes, security hardening, and major

README.md

@@ -383,7 +383,7 @@ codex-multi-auth doctor --json
 
 ## Release Notes
 
-- Current prerelease: [docs/releases/v2.3.0-beta.2.md](docs/releases/v2.3.0-beta.2.md) — install via `npm i -g codex-multi-auth@beta`
+- Current prerelease: [docs/releases/v2.3.0-beta.3.md](docs/releases/v2.3.0-beta.3.md) — install via `npm i -g codex-multi-auth@beta`
 - Current stable: [docs/releases/v2.2.2.md](docs/releases/v2.2.2.md) — install via `npm i -g codex-multi-auth`
 - Previous stable: [docs/releases/v2.2.1.md](docs/releases/v2.2.1.md)
 - Previous stable: [docs/releases/v2.2.0.md](docs/releases/v2.2.0.md)

docs/README.md

@@ -32,8 +32,8 @@ Public documentation for the `codex-multi-auth` Codex CLI multi-account OAuth ma
 
 | Document | Focus |
 | --- | --- |
-| [releases/v2.3.0-beta.2.md](releases/v2.3.0-beta.2.md) | Current prerelease notes (install via `npm i -g codex-multi-auth@beta`) |
-| [releases/v2.3.0-beta.1.md](releases/v2.3.0-beta.1.md) | Prior prerelease notes |
+| [releases/v2.3.0-beta.3.md](releases/v2.3.0-beta.3.md) | Current prerelease notes (install via `npm i -g codex-multi-auth@beta`) |
+| [releases/v2.3.0-beta.2.md](releases/v2.3.0-beta.2.md) | Prior prerelease notes |
 | [releases/v2.2.2.md](releases/v2.2.2.md) | Current stable release notes (install via `npm i -g codex-multi-auth`) |
 | [releases/v2.2.1.md](releases/v2.2.1.md) | Prior stable release notes |
 | [releases/v2.2.0.md](releases/v2.2.0.md) | Prior stable release notes |
@@ -133,3 +133,4 @@ Public documentation for the `codex-multi-auth` Codex CLI multi-account OAuth ma
 - Contribution policy: [../CONTRIBUTING.md](../CONTRIBUTING.md)
 - Code of conduct: [../CODE_OF_CONDUCT.md](../CODE_OF_CONDUCT.md)
 - Security policy: [../SECURITY.md](../SECURITY.md)
+

docs/releases/v2.3.0-beta.3.md

@@ -0,0 +1,49 @@
+## Runtime Rotation
+
+### Bugfixes
+
+- Fixed stream forwarding stalling indefinitely for slow clients. `forwardStreamingResponse` now checks the return value of `res.write()` and awaits `drain` before reading the next upstream chunk, preventing unbounded in-process buffering when the client socket falls behind.
+
+### Improvements
+
+- Converted the two startup guards in `startRuntimeRotationProxy` from bare `Error` throws to `CodexValidationError` with machine-readable `field`/`expected`/`context` metadata. Error messages are byte-identical; callers can now branch on `instanceof CodexValidationError` and stable field names instead of message text (audit §4.3, #586).
+
+## Storage
+
+### Bugfixes
+
+- Fixed multi-tier account deduplication. `deduplicateAccountsByIdentity` now runs fixpoint iteration: a single pass was not enough when a newest-wins merge could install an account that itself duplicated an earlier survivor through a different identity tier (e.g. an email-tier merge installs an account whose `accountId + refreshToken` already matches an earlier entry). The wrapper now loops until the array is stable; every pass strictly shrinks it by at least one entry, so it terminates in at most `accounts.length` passes.
+- Added `vi.restoreAllMocks()` to `storage.test.ts` `afterEach` to prevent a failing test's leaked `fs` spy from cascading into every subsequent storage test in the same worker.
+
+### Improvements
+
+- Migrated the last two hand-rolled retry loops to the shared `withRetry` helper in `lib/fs-retry.ts`: the temp→final account-save rename (`storage.ts`) and the config env-path CAS loop (`config.ts`). Inter-attempt delay schedules are unchanged; only the wasted trailing sleep after a final failure is removed.
+- Converted `savePluginConfig`'s "unreadable config file" abort from a bare `Error` to a typed `StorageError` with `code: "UNREADABLE"` and the file path. Callers can now branch on `instanceof StorageError` instead of message text (#588, audit §4.3).
+
+## Security
+
+### Improvements
+
+- All atomic write helpers now use `crypto.randomBytes` instead of `Math.random()` for staging-path nonces, preventing a local attacker from predicting the next staging path (#517).
+
+## Code Quality
+
+### Improvements
+
+- Removed 852 lines of dead code: seven orphaned modules with no live importers deleted (#554, #558).
+- Pruned unused exports and types flagged by knip; added `knip.jsonc` config for ongoing dead-code analysis (#555, #556, #557).
+- `isRetryableStorageWriteError`, `copyDashboardSettingValue`, `mergeDashboardSettingsForKeys`, and `DEFAULT_STATUSLINE_FIELDS` exported from their respective modules for direct test access.
+- Synced plugin manifest and `AGENTS.md` package-version claim to `v2.3.0-beta.3`.
+
+## Testing
+
+### Improvements
+
+- 20 new direct test suites covering: login-oauth, login-menu actions/flow/data, persist-selected, health-check, forecast-report-shared, settings write-queue, rotation selection/state/token-refresh, auth-menu builder, model-fallback property, write-queue property, rate-limit helpers, usage-ledger redaction, settings preview builders, and settings-hub shared helpers.
+- Property-based test suite for `deduplicateAccountsByIdentity`: covers order-independence and convergence across all permutations using fast-check.
+- `shouldRetryFileOperation`, `fs-retry`, and `temp-path` covered with new unit suites.
+
+## Notes
+
+- Prerelease published under the `beta` dist-tag (`npm i -g codex-multi-auth@beta`).
+- The #509 sequential drain-first feature and all fixes from `2.3.0-beta.2` are included.

package-lock.json

@@ -1,6 +1,6 @@
 {
 	"name": "codex-multi-auth",
-	"version": "2.3.0-beta.2",
+	"version": "2.3.0-beta.3",
 	"description": "Codex CLI multi-account OAuth manager with account switching, health checks, runtime rotation, diagnostics, and recovery tools for @openai/codex",
 	"main": "./dist/index.js",
 	"types": "./dist/index.d.ts",