Releases: ndycode/codex-multi-auth
Releases · ndycode/codex-multi-auth
Release list
1.3.1
Runtime Rotation
Features
- Activated GPT-5.5 and GPT-5.5 Pro as first-attempt models on supported Codex runtimes while preserving deterministic fallback behavior for older runtimes and non-entitled accounts. (#435)
Bugfixes
- Fixed unsupported-model retry handling so ChatGPT-backed Codex surfaces fall back to
gpt-5.4only after real upstream unsupported-model or no-access responses. (#435)
Core
Bugfixes
- Hardened request, auth, account, recovery, storage, settings, UI, and shutdown behavior around rate-limit backoff, token redaction, SSE buffering, account removal, manual-paste state, import size caps, Q hotkeys, OAuth state checks, retry writes, and cleanup idempotency. (#414, #417, #418, #419, #420, #421, #423, #424, #425, #426, #427, #428, #429, #431, #432)
Release Hygiene
Improvements
- Removed dead command modules and ghost tests, refreshed hybrid-selector coverage for the null contract, and rolled open fix PRs into a single review branch before the GPT-5.5 activation. (#416, #422, #432)
- Validated the runtime rollout with build and focused model-map, transformer, wrapper, config, capability, fetch-helper, and plugin suites.
1.3.0
Diagnostics
Features
- Added
codex auth why-selectedandcodex auth verify --pathsdiagnostics for account-selection and path-safety inspection. (#410)
Runtime Rotation
Features
- Added a feature-flagged routing mutex and
SelectionRecordplumbing for safer concurrent account selection while keeping the legacy default. (#412)
Core
Bugfixes
- Closed the Phase 1 post-audit hardening set across OAuth URL redaction, redirect URI single source of truth, hybrid-selector null handling, short-429 retry ordering, active-pointer normalization, recovery atomic writes, storage reset ordering, config-conflict surfacing, malformed SSE warnings, and account pointer cleanup. (#394, #395, #396, #397, #398, #399, #401, #402, #403, #404, #413)
Release Hygiene
Bugfixes
- Fixed release hygiene so
pack:checkbuilds first and tests useos.tmpdir. (#400)
Improvements
- Bumped security-sensitive dependency overrides, added audit-invariant regression coverage, moved storage JSON boundaries to Zod
safeParseJson, split the settings hub into focused modules, and validated staging with 3529 passing tests plus real-install smoke. (#392, #407, #409, #411)
Documentation
Improvements
1.2.7
CLI
Features
- Added native official Codex CLI discovery on
PATHso Homebrew and release-binary installs work alongside the existing npm launcher flow. (#391)
Bugfixes
- Fixed wrapper launch behavior to distinguish JavaScript entrypoints from native executables and to avoid POSIX self-wrapper loops or Windows
codex.exeprecedence mistakes. (#391) - Hardened native resolver edge cases and stale test expectations around native Codex path handling. (#391)
Documentation
Improvements
- Updated release notes and stable-history docs for the native Codex CLI compatibility release. (#391)
Release Hygiene
Improvements
1.2.6
Runtime Rotation
Bugfixes
- Fixed wrapped non-auth Codex commands so successful forwarded request traffic increments persisted runtime observability counters.
- Added a wrapper fallback that records forwarded request metrics only when the child Codex process leaves the runtime snapshot unchanged, avoiding double-counting when plugin-side metrics already exist.
- Preserved existing
codex authobservability while making realcodex execsmoke runs visible incodex auth statusandcodex auth report --json.
Documentation
Improvements
- Clarified the
v1.2.5observability wording before shipping the forwarded-observability fix.
Release Hygiene
Improvements
- Added regression coverage for missing-child-update and already-updated snapshot cases in the wrapper suite, then validated with build and real
codex execsmoke checks.
1.2.5
Storage
Bugfixes
- Hardened Windows and storage safety with storage-health inspection, atomic cache/runtime snapshot writes, quieter WAL recovery checks, retried
EBUSY/EPERMcleanup, and safer live-sync/session-affinity writes. (#387)
Runtime Rotation
Bugfixes
- Disabled default whole-pool replay when every account is rate-limited and capped outbound request attempts per prompt to prevent runaway cross-account retries. (#387)
- Tightened retry and failover behavior for 429s, upstream 5xx bursts, empty responses, stream replay, quota deferral, cooldown drift, and 404 usage-limit remapping. (#387)
CLI
Features
- Added runtime counters, cooldown state, selection reason, and storage-health observability to
codex auth statusandcodex auth report --json. (#387) - Added safer live report controls with
--max-accounts,--max-probes, and--cached-onlyfor inspecting state without probing the full pool. (#387)
Release Hygiene
Improvements
- Rebuilt the open main PR wave with review fixes and expanded regression coverage across retry, observability, storage, and concurrency edge cases. (#387)
- Validated the release with publish checks, npm version verification, lint, typecheck, and build.
1.2.4
Storage
Bugfixes
- Fixed flagged-account backup and legacy-read retry regressions so transient Windows
EBUSYlocks remain covered. (#356) - Fixed failed backup persistence so
persistRecoveredBackup -> falsecannot report a false successful recovery. (#356)
Release Hygiene
Bugfixes
- Fixed test cleanup and wrapper mutator behavior by restoring
fs.readFilespies fromfinallyand removing a dead inlinereturn. (#356)
Improvements
- Merged the post-merge review-fix branch, ran focused storage and wrapper suites, repo hygiene, lint, typecheck, build, and the full dot-reporter test suite. (#356)
1.2.2
Auth
Bugfixes
- Hardened fast-expiry refresh persistence so refreshed token and account state survive account-pool writes. (#323)
- Tightened stable identity reconciliation for guardian refresh outcomes, runtime tracker state, fresh-family selection, and expired CLI cache hydration. (#325, #326, #328)
Runtime Rotation
Bugfixes
- Realigned account-pool health handling across success healing, guardian penalties, circuit-breaker penalties, reason-scoped rate limiting, and stale cooldown metadata. (#324, #329)
Release Hygiene
Improvements
- Aligned
mainwith the published1.2.2package and added the stable docs anchor used by the README/docs portal. (#336)
1.2.1
Storage
Bugfixes
- Carried forward remaining non-
devstorage/settings hardening work onto freshmain. (#319)
Quota & Forecast
Features
- Added
codex auth forecast --explainsupport and related regression coverage. (#299)
Documentation
Improvements
- Simplified beginner onboarding, added maintainer runbooks, and refreshed command guidance. (#141, #300)
Release Hygiene
Features
Improvements
- Merged the current main-target PR set and expanded benchmark, renderer, wrapper, runtime, and refactor-guardrail coverage. (#149, #263, #302, #304, #306, #307, #308, #318)
Core
Features
- Aligned GPT-5 model routing with current OpenAI defaults. (#309)
Bugfixes
1.2.0
Auth
Features
- Added headless-friendly manual login mode for environments where browser launch or the local callback listener is unavailable. (#132)
Bugfixes
- Honored explicit no-browser environment toggles and skipped callback waiting in manual login mode. (#132)
Runtime Rotation
Features
- Added proxy-compatible upstream transport, workspace-disabled/expired auto-rotation, onboarding restore from the latest saved backup, and restored experimental settings hotkeys. (#136, #137, #138)
Bugfixes
- Preserved selected workspace routing across retries and fallback paths instead of collapsing back to mutable token-derived identity. (#136)
Release Hygiene
Improvements
- Normalized dependency lockfile state and expanded auth/runtime token identity and browser suppression coverage before the stable release.
1.1.11
Quota & Forecast
Bugfixes
- Fixed quota-cache key collisions for multi-workspace accounts that share the same email. (#122)
- Kept live quota fallback state distinct after
auth checkandauth fixrefreshes change shared-workspace identity fields. (#122) - Hardened live quota cache persistence so failed saves do not mutate the loaded cache object during forecast, check, or fix flows. (#122)