Skip to content

Releases: ndycode/codex-multi-auth

v1.2.6

06 Apr 11:35
@ndycode ndycode
v1.2.6
e99d641

Choose a tag to compare

View all tags
v1.2.6 Latest
Latest

Release v1.2.6

Release line: stable

This patch release fixes forwarded codex exec runtime observability so real wrapped Codex requests are reflected in codex auth status and codex auth report --json even when the downstream Codex runtime does not update the snapshot itself.

Scope

  • Published package version: 1.2.6
  • Previous stable release: v1.2.5

What Changed

  • fixed wrapped non-auth Codex commands so successful forwarded request traffic increments persisted runtime observability counters
  • added a wrapper fallback path that records forwarded request metrics only when the child Codex process leaves the runtime snapshot unchanged, avoiding double-counting when plugin-side metrics are present
  • preserved the existing codex auth observability behavior while making real codex exec smoke runs visible in codex auth status and codex auth report --json
  • added regression coverage for both missing-child-update and already-updated snapshot cases in the wrapper test suite

Validation

  • npm test -- test/codex-bin-wrapper.test.ts
  • npm run build
  • codex -a never exec --sandbox read-only --color never -o "$env:TEMP\\codex-smoke-last.txt" "Reply with exactly OK and nothing else."
  • codex auth status
  • codex auth report --json

Related

  • Previous release notes: docs/releases/v1.2.5.md
Assets 2
Loading

v1.2.5

06 Apr 10:41
@ndycode ndycode
v1.2.5
67bbe95

Choose a tag to compare

View all tags
v1.2.5

Release v1.2.5

Release line: stable

This patch release follows the merged rebuild from PR #387 and publishes the consolidated request-reliability, runtime observability, and storage-hardening fixes as 1.2.5.

Scope

  • Published package version: 1.2.5
  • Merged PR: #387 release: rebuild open main PR wave with review fixes
  • Merge commit on main: 519e9dffdadef29699f56c361974b68539f4a887
  • Previous stable release: v1.2.4

What Changed

  • added runtime counters, cooldown state, selection reason, and storage-health observability to codex auth status and codex auth report --json, with visible tracking for multi-auth probes and refresh activity
  • added safer live report controls with --max-accounts, --max-probes, and --cached-only so operators can inspect state without probing the full pool
  • disabled default whole-pool replay when every account is rate-limited and capped outbound request attempts per prompt to prevent runaway cross-account retries
  • tightened retry and failover behavior for 429s, upstream 5xx bursts, empty responses, and stream replay so partial output is not re-emitted and aggressive rotation cools down sooner
  • hardened rate-limit handling by keeping persisted cooldown state visible, narrowing 404 remapping to structured quota signals, and feeding overload-style server responses back into quota deferral
  • improved Windows and storage safety with storage-health inspection, atomic cache/runtime snapshot writes, quieter WAL recovery checks, and retried EBUSY / EPERM account cleanup
  • protected live-sync and session-affinity state from stale overlapping writes and expanded regression coverage across retry, observability, storage, and concurrency edge cases

Validation

  • npm publish
  • npm view codex-multi-auth version
  • npm run lint
  • npm run typecheck
  • npm run build

Related

  • PR: https://github.com/ndycode/codex-multi-auth/pull/387
  • Previous release notes: docs/releases/v1.2.4.md
Loading

v1.2.4

05 Apr 13:30
@ndycode ndycode
v1.2.4
478f44c

Choose a tag to compare

View all tags
v1.2.4

Release v1.2.4

Release line: stable

This patch release follows the published v1.2.3 rebuild and lands the post-merge review fixes from PR #356.

Scope

  • Published package version: 1.2.4
  • Merged PR: #356 release: patch post-merge review fixes for v1.2.4
  • Merge commit on main: 688802af72d3129a6357ea3b67e7427da37d0faf
  • Previous stable release: v1.2.3

What Changed

  • added deterministic regressions for flagged-account backup and legacy read retries so transient Windows EBUSY locks stay covered
  • pinned the persistRecoveredBackup -> false path so failed backup persistence does not report a false successful recovery
  • tightened test cleanup so fs.readFile spies are restored from finally and cannot leak across later Vitest cases
  • removed the dead inline return from the Codex wrapper mutator script used by the delayed-write retry regression
  • kept the post-merge review-fix branch validated end-to-end before merging back to main

Validation

  • npm test -- test/storage-flagged.test.ts
  • npm test -- test/codex-bin-wrapper.test.ts
  • npm run clean:repo:check
  • npm run lint
  • npm run typecheck
  • npm run build
  • npm test -- --reporter=dot
  • Full suite passed: 222/222 files, 3313/3313 tests

Related

  • PR: https://github.com/ndycode/codex-multi-auth/pull/356
  • Previous release notes: docs/releases/v1.2.3.md
Loading

v1.2.2

01 Apr 13:29
@ndycode ndycode
v1.2.2
b9c9273
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.2

Release v1.2.2

Release line: stable

This release aligns main with the already-published codex-multi-auth@1.2.2 package and lands the account-pool health fix set through the catch-up release PR.

Scope

  • Current package version in package.json is 1.2.2.
  • Merged main commit for this release is b9c92737c468aa06af4569a7120ace30f5fa8269.
  • Carries forward the validated release integration previously published to npm.
  • Canonical command family remains codex auth ....
  • Canonical package name remains codex-multi-auth.

Changes

  • Hardened fast-expiry refresh persistence so refreshed token and account state survive account-pool writes.
  • Realigned account-pool health handling across success healing, guardian penalties, circuit-breaker penalties, and reason-scoped rate limiting.
  • Tightened stable identity reconciliation for guardian refresh outcomes and runtime tracker state.
  • Persisted refreshed auth from forecast and report live probes and improved expired CLI cache hydration.
  • Expanded regression coverage around rotation, guardian scoring, circuit-breaker integration, health probes, storage identity, and CLI forecast/report flows.

Included Merges

  • #336 release: align main with published 1.2.2

Superseded PR Stack

  • #323 fix fast-expiry token refresh persistence in account pool
  • #324 fix stale account pool penalties after successful requests
  • #325 fix: reconcile guardian refresh outcomes by stable identity
  • #326 fix: prefer fresh access tokens during account selection
  • #327 fix: persist refreshed live-probe tokens in forecast commands
  • #328 fix: hydrate newer refresh tokens from expired cli cache
  • #329 fix: graduate refresh guardian failure penalties
  • #330 fix runtime tracker state identity keys
  • #331 fix hybrid selection sticky current account
  • #332 fix rate limit scope by reason
  • #333 fix refresh guardian pool health scoring
  • #334 fix circuit breaker account pool integration

Validation

  • Release branch commit carried into main: 22db10b94e4912c9588d8c6784891708dad9205f
  • npm run clean:repo:check
  • npm run lint
  • npm run typecheck
  • npm run build
  • npm test -- --pool=threads --maxWorkers=1
  • Full suite passed: 221/221 files, 3221/3221 tests
  • npm pack --dry-run

Related

Loading

v1.2.1

23 Mar 15:19
@ndycode ndycode
v1.2.1
ab3ac21

Choose a tag to compare

View all tags
v1.2.1

Release v1.2.1

Release line: stable

This document anchors the current stable release reference used by the docs portal.

Scope

  • Current package version in package.json is 1.2.1.
  • Canonical command family remains codex auth ....
  • Canonical package name remains codex-multi-auth.
  • Carries forward the merged non-dev PR set landed after v1.2.0.

Changes

  • Added codex auth forecast --explain support and related regression coverage.
  • Aligned GPT-5 model routing with current OpenAI defaults.
  • Added package subpath exports and tightened shipped config/public API coverage.
  • Added maintainer runbooks and refreshed onboarding and command guidance.
  • Hardened storage export behavior so empty current pools fail cleanly instead of exporting invalid state.
  • Carried forward remaining non-dev storage/settings hardening work onto fresh main.
  • Hardened CLI manual-login test isolation and fixed the wait-utils fake-timer regression.

Included Merges

  • #318 release: merge current main-target PR set
  • #319 carry forward remaining unique non-dev PR work
  • #320 fix(storage): fail export when current pool is empty
  • #321 test: harden codex manager cli isolation

Validation

  • Merged main commit: 428d3a66006dacaa9de93cfe56c6a38263154886
  • npm run lint
  • npm run typecheck
  • npm run build
  • npm test -- --pool=threads --maxWorkers=1
  • Full suite passed: 221/221 files, 3166/3166 tests

Related

Loading

v1.2.0

20 Mar 13:22
@ndycode ndycode
v1.2.0
046993a

Choose a tag to compare

View all tags
v1.2.0

Release v1.2.0

Release date: 2026-03-20
Channel: latest

Highlights

  • Added headless-friendly auth login with manual callback support for environments where browser launch or the local callback listener is unavailable.
  • Preserved selected workspace routing across retries and fallback paths instead of collapsing back to mutable token-derived identity.
  • Added proxy-compatible upstream transport, workspace-disabled auto-rotation, onboarding restore from the latest saved backup, and restored experimental settings hotkeys.

Install

npm i -g @openai/codex
npm i -g codex-multi-auth

Core Operations

codex auth login
codex auth login --manual
codex auth status
codex auth check --live
codex auth forecast --live

Validation Snapshot

Release gate commands:

  • npm run clean:repo:check
  • npm run lint
  • npm run typecheck
  • npm run build
  • npm test

Broad validation result:

  • repo-hygiene check passed
  • npm run lint passed
  • npm run typecheck passed
  • npm run build passed
  • 106/106 test files passed
  • 2640/2640 tests passed

Merged PRs

  • #132 add manual login mode for headless auth flows
  • #133 preserve selected workspace in request routing
  • #134 add proxy-compatible upstream transport
  • #136 feat: auto-rotate on disabled/expired workspace errors
  • #137 add onboarding restore for latest saved backup
  • #138 fix experimental settings tui hotkeys

Notes

  • This republishes the existing v1.2.0 tag with the final merged PR inventory.
  • The stacked #132, #133, and #134 release content is on main through the release-integration merges captured by the v1.2.0 tag; the temporary git-plan/* stack branches were removed after release cleanup.
  • The validation run on the tagged tree emitted duplicate getCurrentWorkspace test-fixture warnings in test/index.test.ts, but the build and full suite still passed.

Related

Loading

v1.1.11

18 Mar 14:42
@ndycode ndycode
v1.1.11
b918aac
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.11

Release v1.1.11

Release date: 2026-03-18
Channel: latest

Highlights

  • Fixed quota-cache key collisions for multi-workspace accounts that share the same email.
  • Rebuilt live quota fallback state after auth check and auth fix refreshes change shared-workspace identity fields.
  • Hardened live quota cache persistence so failed saves do not mutate the loaded cache object during forecast, check, or fix flows.

Install

npm i -g @openai/codex
npm i -g codex-multi-auth

Core Operations

codex auth login
codex auth status
codex auth check --live
codex auth fix --live
codex auth forecast --live

Validation Snapshot

Release gate commands:

  • npm run typecheck
  • npm run build
  • npm test -- test/codex-manager-cli.test.ts test/quota-cache.test.ts test/storage.test.ts test/index.test.ts

Broad validation result:

  • npm run typecheck passed
  • npm run build passed
  • 4/4 targeted test files passed
  • 323/323 targeted tests passed

Merged PRs

  • #122 fix(quota): keep multi-workspace fallbacks distinct

Commits

  • PR #122 fixes same-email multi-workspace quota fallback collisions, stale fallback pruning, and save-isolation behavior across the CLI quota flows.
  • The release prep in this worktree bumps package metadata to 1.1.11 and refreshes the stable release-note links in the root docs surfaces.

Notes

  • Accounts that share an email but belong to different workspaces now prefer accountId-scoped quota cache entries instead of collapsing onto one email-scoped entry.
  • Live quota refresh paths now isolate working cache state before save, so Windows EBUSY or EPERM failures do not mutate the loaded cache in memory.
  • The release includes expanded regression coverage for mixed accountId rows, stale email fallback cleanup, targeted live-probe routing, and Windows save retry behavior.

Related

Loading

v1.1.10

18 Mar 01:16
@ndycode ndycode
v1.1.10
1d404f9

Choose a tag to compare

View all tags
v1.1.10

Release v1.1.10

Release date: 2026-03-18
Channel: latest

Highlights

  • Added codex auth best for forecast-driven active-account switching from the CLI.
  • Hardened live probe refresh handling so rotated access, refresh, and ID tokens stay aligned through the already-best and switch paths.
  • Tightened auth best CLI validation and JSON output coverage for help, malformed flags, null storage, concurrency, and sync-state edge cases.

Install

npm i -g @openai/codex
npm i -g codex-multi-auth

Core Operations

codex auth login
codex auth list
codex auth status
codex auth best --live
codex auth forecast --live

Validation Snapshot

Release gate commands:

  • npm run clean:repo:check
  • npm run typecheck
  • npm run build
  • npm run lint
  • npm test -- test/documentation.test.ts
  • npm test

Broad validation result:

  • repo-hygiene check passed
  • npm run typecheck passed
  • npm run build passed
  • npm run lint passed
  • 19/19 documentation integrity tests passed
  • 105/105 test files passed on two consecutive full-suite runs
  • 2513/2513 tests passed on two consecutive full-suite runs

Merged PRs

  • #120 feat(cli): add codex auth best account switching

Commits

  • PR #120 adds the new codex auth best command and the probe/sync hardening required for safe forecast-driven switching.
  • The release bump in this branch promotes 1.1.10 in package metadata and refreshes the stable release-note links in the root docs surfaces.

Notes

  • codex auth best --live now refreshes probe credentials before reuse and keeps Codex CLI sync state explicit when the current account is already the best account.
  • auth best --json now covers the already-best sync result and null-storage handling without mutating account state on help or malformed invocations.
  • Concurrent live-best runs continue to reuse the queued refresh network call while preserving the documented two-save behavior in the current contract.

Related

Loading

v0.1.9

13 Mar 12:18
@ndycode ndycode
v0.1.9
57b2591
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.9

Release date: 2026-03-13
Channel: latest

Highlights

  • Preserved distinct business accounts that share a workspace accountId so no-email login, refresh, and restore paths stop overwriting sibling seats.
  • Aligned guarded identity matching across runtime login, CLI recovery, storage normalization, import preview/apply, and entitlement tracking.
  • Hardened rollback and regression coverage for concurrent persistence, flagged-account recovery, malformed-token rows, and shared-workspace edge cases.

Install

npm i -g @openai/codex
npm i -g codex-multi-auth

Core Operations

codex auth login
codex auth list
codex auth status
codex auth check
codex auth forecast --live

Validation Snapshot

Release gate commands:

  • npm run clean:repo:check
  • npm run audit:ci
  • npm run lint
  • npm test -- test/documentation.test.ts
  • npm test -- test/accounts.test.ts test/oc-chatgpt-import-adapter.test.ts test/index.test.ts test/storage.test.ts test/codex-manager-cli.test.ts test/entitlement-cache.test.ts

Broad validation result:

  • repo-hygiene check passed
  • npm run audit:ci passed at the configured high-severity threshold; the remaining hono advisory stayed below that gate
  • npm run lint passed
  • 19/19 documentation integrity tests passed after promoting the new stable release notes
  • 6/6 targeted shared-account regression suites passed (405/405 tests)

Known baseline blockers observed during release validation:

  • npm run typecheck fails on both origin/main and this release branch because the workspace cannot currently resolve @codex-ai/plugin/tool and already carries unrelated TypeScript errors outside #90
  • npm run build remains blocked by the same pre-existing typecheck baseline

Merged PRs

  • #90 fix: preserve business accounts that share a workspace accountId

Commits

  • PR #90 carries the guarded account-identity matching fixes and regression coverage that preserve shared-workspace business accounts across login, import, flagged recovery, storage normalization, and entitlement tracking.
  • The release bump in this branch promotes 0.1.9 in package metadata and refreshes the stable release-note links in the root docs surfaces.

Notes

  • Bare accountId fallback now only applies when the no-email case is unambiguous.
  • Entitlement cache identity now prefers the fresh email resolved from the latest token material and avoids refresh-token-derived keys.
  • CLI and runtime persistence paths now share the same guarded account matching behavior for shared-workspace business accounts.

Related

Loading

v0.1.8

12 Mar 02:17
@ndycode ndycode
v0.1.8
d761509

Choose a tag to compare

View all tags
v0.1.8

Release date: 2026-03-11
Channel: latest

Highlights

  • Folded the remaining stacked settings and sync work into the stable release, including experimental settings flows, backend primitive extraction, and wrapper non-TTY behavior docs.
  • Hardened account and flagged-account reset recovery so intentional clears suppress stale revival paths even when primary files survive an initial delete failure.
  • Kept Codex CLI sync mirror-only while adding preview-first oc-chatgpt sync, named backup export, and richer target detection on top of the same canonical storage model.

Install

npm i -g @openai/codex
npm i -g codex-multi-auth

Core Operations

codex auth login
codex auth list
codex auth status
codex auth check
codex auth forecast --live

Validation Snapshot

Release gate commands:

  • npm ci
  • npm run clean:repo:check
  • npm run audit:ci
  • npm run typecheck
  • npm run lint
  • npm test
  • npm run build
  • npm run coverage
  • npm run test:model-matrix:smoke

Broad validation result:

  • 105/105 test files passed
  • 2456/2456 tests passed
  • full coverage pass on the all-inclusive release branch
  • model-matrix smoke completed with only skipped cases for the current runtime/account capability set after the entitlement-aware harness fix

Merged PRs

  • #64 test(settings): split persistence regression coverage
  • #65 test(settings): split cli settings harness coverage
  • #61 feat(settings): add experimental settings flows
  • #63 docs(cli): document wrapper non-TTY behavior
  • #71 fix(storage): harden recovery and intentional reset flows
  • #72 fix(sync): keep Codex CLI state mirror-only
  • #74 feat(sync): extract backend primitives for the sync stack

Commits

  • Replacement RC assembled from main plus the original release branch and the previously open stacked branches for #65, #74, #61, and #63.
  • Stack prerequisite work from split/pr58-sync-orchestrator is included because #61 depends on it.
  • Release-only follow-up commit 961c3db formalizes the flagged reset edge-case fix, the entitlement-aware smoke harness update, and the fresh-worktree documentation-test fix needed to keep the validation gate reproducible.
  • Release-only follow-up commit c946d08 adds broad merged-feature regression coverage.
  • Release-only follow-up commit 8ee10e3 restores backup metadata, restore assessment, and transaction-safe named backup export behavior after the all-open merge.

Notes

  • Flagged-account clears now remain suppressed when the reset marker exists, even if the primary flagged file survives an initial delete failure.
  • Smoke-matrix results now distinguish unsupported account/runtime capabilities from true release-blocking failures.
  • The current smoke run was environment-inconclusive rather than failing: no supported live model completed in this account/runtime, but no hard harness or transformer failures remained.
  • Broad release regressions now verify that Codex CLI mirror files cannot mutate canonical storage or unified settings, that flagged reset suppression still holds when mirror files exist, and that the experimental sync/backup stack continues to validate as part of the full merged branch.

Related

Loading