Gilbert Codex v0.5.7

Gilbert Codex v0.5.7 is a desktop reliability update for the Windows public alpha. It keeps the release focused on the real app experience: subscription setup should be understandable, model routes should be clear, workspace tools should be safer and faster, automation output should read like a normal result, and the release docs should match the build a user can actually test.

Release Status

• Version: 0.5.7
• Tag: v0.5.7
• Previous public release: v0.5.6
• Primary packaged target: Windows x64
• Release vehicle: GitHub Actions Release workflow plus Tauri NSIS installer
• Installer family: Gilbert-Codex-0.5.7-x64-setup.exe
• Update feed asset: latest.json
• Updater signature asset: Gilbert-Codex-0.5.7-x64-setup.exe.sig
• Checksum asset: Gilbert-Codex-0.5.7-x64-setup.exe.sha256
• Published SHA-256: pending final release build
• Local validation status: local Windows installer build passed on May 22, 2026

Do not fill the published checksum until the final GitHub Release installer artifact has been built and uploaded. Keep the GitHub Release body aligned with this file.

What Changed

• Clarified subscription setup across the first-run provider dialog and Settings. Install, start, sign-in, model selection, usage/quota, reconnect, uninstall, and fallback states now use subscription-focused wording instead of confusing sandbox labels.
• Added route-source labels for model options so the composer and model picker can distinguish Codex subscription routes, GitHub Copilot routes, Claude/Gemini subscription routes, OpenRouter routes, direct provider APIs, and local model servers.
• Improved 9Router subscription routing selection so connected accounts prefer matching models and Codex context-window controls only appear when a Codex subscription route is active.
• Added guarded local file/folder copy support for workspace tools and registered the desktop command/capability needed to copy binary assets or folders without treating them as text rewrites.
• Made multi-file text writes faster while preserving ordered per-file results, and added stale-edit recovery guidance so failed hash-based edits can re-read and retry instead of stopping early.
• Improved full-computer workspace mode by resolving host roots lazily for precise absolute paths while keeping selected-folder chats project-scoped.
• Hid project-only workspace/Git controls in no-project chats unless a real root or full-computer scope is available, reducing misleading controls in general chats.
• Cleaned provider-visible context by replacing embedded data URLs with compact metadata placeholders in message context, research context, and token estimates.
• Tightened automation prompts and inbox summaries so scheduled task results avoid empty sections, protocol narration, duplicate source sections, and source cards when no web-search tool ran.
• Added tool activity and tool coverage summaries to the coding review panel so users can see reads, searches, edits, terminal runs, browser checks, web use, and missing capability reasons.
• Improved terminal startup resilience with a longer frontend timeout and a native interactive-shell startup timeout, which should reduce false failures on slower Windows shells.
• Updated support/funding defaults and docs so Cash App is the public funding path while Stripe/PayPal remain hosted-link-only and secrets stay out of builds.

Fixed

• Fixed model changes racing against stale active-chat references by applying model/provider updates through the current active chat id.
• Fixed source-card leakage from non-web tool results by only extracting bridge sources from web_search calls.
• Fixed automation outputs that could echo hidden run instructions, include empty blocked-approval sections, or append raw source lists in the final inbox result.
• Fixed context-budget overestimates and prompt bloat caused by large embedded media/data URLs being serialized into text-oriented context.
• Fixed no-project workspace UI that could show project Git controls even when the chat was not tied to a project.
• Fixed local release validation by scoping the default Vitest command to the public src tree so ignored private overlays under .gilbert are not collected as app tests.

Release Notes For Testers

• Build and install the Windows x64 setup executable locally before tagging or publishing.
• Create or sign into a local Gilbert user after install.
• Check Settings > Providers and Settings > Subscriptions for subscription install/sign-in/fallback flow.
• Test a subscription model route and a direct/OpenRouter fallback route so the composer label can be compared.
• Test a no-project chat, a selected-folder project chat, and full-computer mode before release.
• Test a local file copy or binary asset copy only inside approved workspace roots.
• Confirm automation inbox results and coding review activity read cleanly after a tool-using run.

Validation Commands

npm.cmd run build
npm.cmd run rust:fmt:check
npm.cmd run rust:check
npm.cmd run app:installer
npm.cmd test
git diff --check

The GitHub release workflow performs the signed Windows updater build when v0.5.7 is pushed or the workflow is dispatched with this version input. This local prep pass intentionally does not push the update.

Local Prep Validation

Passed on May 22, 2026:

npm.cmd run app:installer
npm.cmd test
npm.cmd run build
npm.cmd run rust:fmt:check
npm.cmd run rust:check
git diff --check

The local installer build generated the Windows NSIS setup executable successfully. rust:check completed with the existing dead-code warning for DictationStopRequest.dictionary. Published release checksums and updater signatures still need to come from the final release artifact.

Known Limits

Windows x64 is the packaged target for this release. macOS support is in development and should be out soon, but it still needs native release validation before it should be presented as official. Linux remains source-first until native packaging and QA are complete.

ChatGPT GPT-5.3 Spark is a known read-only route in this build. It can inspect workspace files, but write/edit tool calls are not completing reliably yet. Use the other available Codex/ChatGPT, OpenRouter, or local routes for file-changing work.

The installer is not Authenticode code-signed unless a release build is produced with a valid code-signing configuration. SmartScreen warnings are expected on some machines.

Private runtime overlays, provider keys, local databases, logs, OAuth secrets, downloaded SDKs, and signing credentials stay out of public Git and should not be bundled except through the intended release workflow or local machine setup.