codex

New Features

• The TUI now has quick reasoning controls: Alt+, lowers reasoning, Alt+. raises it, and accepted model upgrades now reset reasoning to the new model’s default instead of carrying over stale settings. (#18866, #19085)
• App-server sessions can now manage multiple environments and choose an environment and working directory per turn, which makes multi-workspace and remote setups easier to target precisely. (#18401, #18416)
• Added first-class Amazon Bedrock support for OpenAI-compatible providers, including AWS SigV4 signing and AWS credential-based auth. (#17820)
• Remote plugin marketplaces can now be listed and read directly, with more reliable detail lookups and larger result pages. (#18452, #19079)
• Hooks are now stable, can be configured inline in config.toml and managed requirements.toml, and can observe MCP tools as well as apply_patch and long-running Bash sessions. (#18893, #18385, #18391, #18888, #19012)
• Eligible ChatGPT plans now default to the Fast service tier unless you explicitly opt out. (#19053)

Bug Fixes

• Preserved Cloudflare cookies across approved ChatGPT hosts, reducing auth breakage in HTTP-backed ChatGPT flows. (#17783)
• Fixed remote app-server reliability issues so websocket events keep draining under load and shutdown no longer fails when the remote worker exits during cleanup. (#18932, #18936)
• Fixed permission-mode drift so /permissions changes survive side conversations and updated Full Access state is correctly reflected in MCP approval handling. (#18924, #19033)
• Fixed wait_agent so it returns promptly when mailbox work is already queued instead of waiting for a fresh notification or timing out. (#18968)
• Fixed local stdio MCP launches for relative commands without an explicit cwd, bringing fallback path resolution in line with CLI behavior. (#19031)
• Startup now fails less often on managed config edge cases: unknown feature requirements warn instead of aborting, and cloud-requirements errors are clearer about what failed. (#19038, #19078)

Changelog

Full Changelog: https://github.com/openai/codex/compare/rust-v0.123.0...rust-v0.124.0

• #18870 Load app-server config through ConfigManager @pakrym-oai
• #18866 feat(tui): shortcuts to change reasoning level temporarily @fcoury-oai
• #18430 app-server: implement device key v2 methods @euroelessar
• #18757 fix: fully revert agent identity runtime wiring @efrazer-oai
• #17783 Preserve Cloudfare HTTP cookies in codex @shijie-oai
• #18876 [rollout_trace] Add rollout trace crate @cassirer-openai
• #18401 Support multiple managed environments @starr-openai
• #18797 Allow guardian bare allow output @maja-openai
• #18886 Normalize /statusline & /title items @canvrno-oai
• #18768 [codex] Tighten external migration prompt tests @alexsong-oai
• #18909 Update /statusline and /title snapshots @canvrno-oai
• #18867 sandboxing: materialize cwd-relative permission globs @bolinfest
• #18915 fix: windows snapshot for external_agent_config_migration::tests::prompt_snapshot did not match windows output @bolinfest
• #18416 Add turn-scoped environment selections @starr-openai
• #18391 fix(core): emit hooks for apply_patch edits @fcoury-oai
• #18916 test(core): move prompt debug coverage to integration suite @bolinfest
• #17820 feat: add AWS SigV4 auth for OpenAI-compatible model providers @celia-oai
• #18913 bazel: run wrapped Rust unit test shards @bolinfest
• #18452 feat: Support remote plugin list/read. @xl-openai
• #18936 Fix remote app-server shutdown race @bolinfest
• #18871 refactor: add agent identity crate @efrazer-oai
• #18276 exec-server: carry filesystem sandbox profiles @bolinfest
• #18926 ci: keep argument comment lint checks materialized @bolinfest
• #18935 Keep TUI status surfaces in sync @etraut-openai
• #18923 chore(tui) debug-config guardian_policy_config @dylan-hurd-oai
• #18943 tests: serialize process-heavy Windows CI suites @bolinfest
• #18934 [codex] Clean guardian instructions @dylan-hurd-oai
• #18948 chore: remove unused Bedrock auth lazy loading @celia-oai
• #18277 core: derive active permission profiles @bolinfest
• #18785 feat: add explicit AgentIdentity auth mode @efrazer-oai
• #18953 use long-lived sessions for codex sandbox windows @iceweasel-oai
• #18278 app-server: expose thread permission profiles @bolinfest
• #17693 [codex-analytics] guardian review analytics events emission @rhan-oai
• #17695 [codex-analytics] guardian review truncation @rhan-oai
• #17696 [codex-analytics] guardian review TTFT plumbing and emission @rhan-oai
• #18962 nit: expose lib @jif-oai
• #18502 Support multiple cwd filters for thread list @acrognale-oai
• #18968 fix: wait_agent timeout for queued mailbox mail @jif-oai
• #18971 fix: cargo deny @jif-oai
• #18973 chore: prep memories for AB @jif-oai
• #18852 [codex] Update imagegen system skill @vb-openai
• #18865 Stage publishable Python runtime wheels @sdcoffey
• #18932 TUI: Keep remote app-server events draining @etraut-openai
• #18877 [rollout_trace] Record core session rollout traces @cassirer-openai
• #18959 feat(auto-review) policy config @dylan-hurd-oai
• #18955 Add plumbing to approve stored Auto-Review denials @won-openai
• #18999 arg0: keep dispatch aliases alive during async main @bolinfest
• #18925 feat: Fairly trim skill descriptions within context budget @xl-openai
• #18890 feat(auto-review) short-circuit @dylan-hurd-oai
• #18279 app-server: accept permission profile overrides @bolinfest
• #18582 [2/4] Implement executor HTTP request runner @aibrahim-oai
• #18197 feat: add guardian network approval trigger context @viyatb-oai
• #19033 Fix MCP permission policy sync @leoshimo-oai
• #19016 exec-server: expose arg0 alias root to fs sandbox @bolinfest
• #19036 Overlay state DB git metadata for filtered thread lists @joeytrasatti-openai
• #18956 [Codex] Register browser requirements feature keys @khoi-oai
• #19043 Update bundled OpenAI Docs skill freshness check @kkahadze-oai
• #18504 Rebrand approvals reviewer config to auto-review @won-openai
• #19046 exec-server: require explicit filesystem sandbox cwd @bolinfest
• #18280 clients: send permission profiles to app-server @bolinfest
• #18281 rollout: persist turn permission profiles @bolinfest
• #18888 hooks: emit Bash PostToolUse when exec_command completes via write_stdin @eternal-openai
• #19056 Rename approvals reviewer variant to auto-review @won-openai
• #18583 [3/4] Add executor-backed RMCP HTTP client @aibrahim-oai
• #19059 core: box multi-agent wrapper futures @bolinfest
• #19031 Fix relative stdio MCP cwd fallback @mzeng-openai
• #19063 chore(auto-review) feature => stable @dylan-hurd-oai
• #19050 feat(request-permissions) approve with strict review @dylan-hurd-oai
• #19067 test: set Rust test thread stack size @bolinfest
• #19072 tui: fix approvals popup disabled shortcut test @bolinfest
• #18893 codex: support hooks in config.toml and requirements.toml @eternal-openai
• #18282 protocol: report session permission profiles @bolinfest
• #19053 Default Fast service tier for eligible ChatGPT plans @shijie-oai
• #19055 Add safety check notification and error handling @etraut-openai
• #18283 app-server: accept command permission profiles @bolinfest
• #19012 Mark codex_hooks stable @abhinav-oai
• #18924 TUI: preserve permission state after side conversations @etraut-openai
• #19071 Add computer_use feature requirement key @leoshimo-oai
• #19079 Use remote plugin IDs for detail reads and enlarge list pages @xl-openai
• #19038 feat: Warn and continue on unknown feature requirements @xl-openai
• #19078 Clarify cloud requirements error messages @gverma-openai
• #19085 Persist target default reasoning on model upgrade @shijie-oai
• #19086 app-server: include filesystem entries in permission requests @bolinfest
• #18385 Support MCP tools in hooks @abhinav-oai
• #19113 Fix auto-review config compatibility across protocol and SDK @won-openai