Codex

🔧 Codex 更新 rust-v0.118.0 发布日期: 2026-04-01 ⚠️ 新版本发布 New Features Windows sandbox runs can now enforce proxy-only networking with OS-level egress rules, instead of relying on environment variables alone. (#12220) App-server clients can now start ChatGPT sign-in with a device code flow, which helps when browser callback login is unreliable or unavailable. (#15525) codex exec now supports the prompt-plus-stdin workflow, so you can pipe input and still pass a separate prompt on the command line. (#15917) Custom model providers can now fetch and refresh short-lived bearer tokens dynamically, instead of being limited to static credentials from config or environment variables. (#16286, #16287, #16288) Bug Fixes Project-local .codex files are now protected even on first creation, closing a gap where the initial write could bypass normal approval checks. (#15067) Linux sandbox launches are more reliable because Codex once again finds a trusted system bwrap on normal multi-entry PATHs. (#15791, #15973) The app-server-backed TUI regained several missing workflows: hook notifications replay correctly, /copy and /resume <name> work again, /agent no longer shows stale threads, and the skills picker scrolls past the first page. (#16013, #16021, #16050, #16014, #16109, #16110) MCP startup is more robust: local servers get a longer startup window, and failed handshakes surface warnings in the TUI again instead of looking like clean startups. (#16080, #16041) On Windows, apply_patch is less likely to fail because it no longer adds redundant writable roots that could trigger unnecessary ACL churn. (#16030) Changelog #15891 [plugins] Polish tool suggest prompts. @mzeng-openai #15791 fix: resolve bwrap from trusted PATH entry @viyatb-oai #15900 skills: remove unused skill permission metadata @bolinfest #15811 app-server: Split transport module @euroelessar #15067 Protect first-time project .codex creation across Linux and macOS sandboxes @rreichel3-oai #15903 [codex] import token_data from codex-login directly @bolinfest #15897 sandboxing: use OsString for SandboxCommand.program @bolinfest #15910 docs: update AGENTS.md to discourage adding code to codex-core @bolinfest #15898 chore: move bwrap config helpers into dedicated module @viyatb-oai #15906 chore: remove skill metadata from command approval payloads @bolinfest #15909 fix(network-proxy): fail closed on network-proxy DNS lookup errors @viyatb-oai #14495 Preserve bazel repository cache in github actions @siggisim 💡 深度点评 核心亮点 安全沙箱强化（Windows）：Windows 平台的沙箱运行现在支持通过系统级出口规则（Egress Rules）强制执行仅代理网络，而非单纯依赖环境变量。这一改进显著提升了网络隔离的严密性，防止了潜在的绕过风险。 (#12220) 动态身份验证支持：自定义模型供应商现在可以动态获取并刷新短效 Bearer Token。相比此前仅支持配置文件或环境变量中的静态凭据，这一变化为集成企业级 IAM（身份访问管理）和更安全的认证流提供了可能。 (#16286, #16288) CLI 流水线能力增强：codex exec 现已支持“Prompt + Stdin”工作流。开发者可以通过管道（pipe）输入数据的同时，在命令行直接传递独立的 Prompt，大幅提升了 Codex 在自动化脚本中的灵活性。 (#15917) 值得注意的修复 首创配置文件安全保护：修复了项目本地 .codex 文件在首次创建时可能绕过审批检查的漏洞，确保从文件诞生起就受沙箱策略保护。 (#15067) MCP 启动鲁棒性提升：为本地 MCP 服务器提供了更长的启动窗口期，并修复了握手失败被误判为正常启动的问题。现在 TUI 能正确显示握手警告，便于开发者排查插件初始化故障。 (#16080, #16041) TUI 核心工作流回归：修复了基于 app-server 的 TUI 界面中的多项退化问题，包括 /copy 和 /resume 指令失效、Hook 通知回放异常以及技能选择器无法翻页等关键交互 Bug。 (#16013, #16021, #16109) 个人评价 Rust-v0.118.0 是一个侧重于“工程健壮性”的更新版本。它没有堆砌新的模型功能，而是将重心放在了沙箱安全性、认证机制动态化以及 TUI 交互的稳定性上。特别是网络代理策略从环境变量升级到系统级规则，以及对动态 Token 的支持，标志着 Codex 正在向更加严苛的生产级开发环境靠拢。对于重度依赖 CLI 自动化的用户来说，codex exec 的流水线优化也是非常实用的改进。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-26 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 以下是对 Codex Rust-v0.116.0 版本的技术点评： ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-25 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 Opening authentication page in your browser. Do you want to continue? [Y/n]: ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-23 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 核心亮点 Prompt 拦截与预处理钩子（userpromptsubmit） 新版本引入了 userpromptsubmit 钩子，允许在 Prompt 正式执行以及进入历史记录之前对其进行拦截、阻断或增强。这一特性为开发者提供了极高的灵活度，可用于在输入阶段动态注入上下文、实施安全过滤或进行自定义的格式化处理。 插件生态体验闭环 插件系统的自动化程度显著提升。Codex 现在支持自动提示安装缺失的插件或连接器，并引入了远程状态同步功能（针对安装/卸载操作）。配合新支持的建议白名单（suggestion allowlist），大幅降低了多端环境下插件配置的一致性维护成本。 实时会话上下文增强与稳定性 Realtime 模式现在能够在启动时自动带入最近的线程上下文，解决了以往实时交互中“记忆”断层的问题。此外，通过优化音频播放期间的逻辑，减少了自中断现象，提升了语音交互的连贯性。 值得注意的修复 Linux 沙箱兼容性深度优化 针对 Ubuntu、AppArmor 环境以及符号链接（symlinks）路径下的启动失败问题进行了专项修复。通过优先调用系统自带的 bwrap 以及优化写权限根目录的处理，显著提升了 Linux 环境下隔离运行的稳定性。 消除首轮交互延迟 修复了由于 Websocket 预热（prewarm）导致的 turn/start 挂起问题。现在启动过程具备更清晰的超时退避机制，确保在预热失败时能快速回退，避免用户感知的卡顿。 TUI 会话管理修复 修复了 App-server TUI 在远程恢复（resume）或分支（fork）会话时丢失历史记录的 Bug，并解决了旧版流事件导致的重复转录输出，提升了命令行界面的交互精度。 个人评价 v0.116.0 版本展现了从“工具”向“平台”演进的明确趋势。通过开放 userpromptsubmit 钩子和完善插件远程同步，Codex 正在强化其作为开发工作流底层的可扩展性。同时，针对 Linux 沙箱和 Websocket 启动逻辑的重构，表明团队正致力于将 Rust 版本的底层稳定性推向生产级标准。整体来看，这是一个侧重于架构稳固与开发者控制力的关键增量版本。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-22 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 核心亮点 TUI 认证与 Onboarding 流程优化：App-server TUI 现在支持通过设备代码（Device-code）进行 ChatGPT 登录，并能自动刷新现有 Token。这显著降低了开发者在命令行环境下的认证门槛，提升了首次配置的成功率。 插件生态体验闭环：新版本增强了插件设置的智能化，支持自动引导安装缺失的插件或连接器，并引入了配置化的建议白名单。同时，插件的安装与卸载状态实现了远程同步（Remote Sync），确保了跨设备环境的一致性。 可扩展的 Prompt 生命周期钩子：新增了 userpromptsubmit Hook。开发者可以在用户 Prompt 执行及进入历史记录之前对其进行拦截、阻断或增强。这为构建自定义安全护栏、自动添加上下文信息等高级用例提供了底层支持。 值得注意的修复 Linux 沙箱稳定性提升：针对 Ubuntu/AppArmor 宿主机以及存在软链接、缺少可写根目录的复杂环境进行了优化。通过优先调用系统原生的 bwrap（Bubblewrap），大幅改善了 Linux 环境下的沙箱启动可靠性。 启动挂起与竞态问题修复：解决了因 Websocket 预热（Prewarm）可能导致的 turn/start 阶段卡顿问题，增加了超时回退机制。此外，修复了 Agent 任务结束时的竞态条件，减少了工作线程的状态轮询损耗，使整体响应更敏捷。 Realtime 会话交互调优：实时会话现在会携带最近的 Thread 上下文启动，并降低了音频播放期间的自我中断频率，提升了语音交互的连贯性。 个人评价 Codex Rust-v0.116.0 是一个侧重「工程化细节打磨」的版本。核心改动集中在提升 TUI 易用性、加固沙箱环境以及完善插件系统的生命周期管理，而非单纯的功能堆砌。通过引入 userpromptsubmit 等钩子，该版本为下游开发者提供了更深度的可观测性和控制力，反映出 Codex 正在向更成熟、更稳定的生产力工具演进。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-21 📋 版本维护 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 核心亮点 App-server TUI 交互与认证升级：新版本显著增强了终端界面的易用性，支持通过设备代码（Device-code）进行 ChatGPT 登录，并实现了现有 Token 的自动刷新。这意味着开发者在使用 TUI 模式时，认证流程更加无缝，减少了手动维护凭据的中断感。 插件系统（Plugin）闭环体验：Codex 现在能主动提示安装缺失的插件或连接器，并支持配置建议白名单。更关键的是，插件的安装/卸载状态支持远程同步（remote sync），这为多端开发环境的一致性提供了基础保障。 可编程钩子 userpromptsubmit：新增的钩子允许在 Prompt 执行及存入历史记录之前进行拦截或增强。这一特性为企业级安全审计、动态上下文注入或自定义指令过滤提供了极高的灵活性，标志着 Codex 正在从工具向平台化演进。 值得注意的修复 冷启动性能优化：修复了因 WebSocket 预热（prewarm）导致的首次交互卡顿（first-turn stall）。现在启动逻辑增加了超时机制及平滑降级处理，确保了 turn/start 的响应速度。 Linux 沙箱稳定性增强：针对 Ubuntu/AppArmor 环境、符号链接路径以及缺少可写根目录等复杂场景进行了深度兼容，并优先调用系统原生的 bwrap。这解决了长期困扰 Linux 用户的沙箱启动失败问题。 TUI 历史与状态修复：恢复了远程恢复（resume）或分支（fork）对话时的历史记录展示，并解决了旧版流事件导致的实时转录输出重复问题，提升了长对话场景下的可靠性。 个人评价 Codex rust-v0.116.0 是一个侧重于「体验磨平」与「工程化落地」的版本。通过引入 userpromptsubmit 钩子和完善插件同步机制，Codex 在可定制性上迈出了一大步。同时，对认证流程的优化和沙箱稳定性的修复，反映出团队正致力于将工具从「能用」推向「生产环境可靠」。整体而言，该版本通过一系列底层异步逻辑的解耦（如 Realtime 会话优化）和认证 UX 的改进，大幅提升了开发者在复杂项目中的操作流畅度。 ...

🔧 Codex 更新 rust-v0.116.0 发布日期: 2026-03-20 ⚠️ 新版本发布 New Features App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952) Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878) Added a userpromptsubmit hook so prompts can be blocked or augmented before execution and before they enter history. (#14626) Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827) Bug Fixes Fixed a first-turn stall where websocket prewarm could delay turn/start; startup now times out and falls back cleanly. (#14838) Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892) Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system bwrap when available. (#14849, #14890, #14963) Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843) Documentation Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446) Chores Pinned the setup-zig GitHub Action to an immutable SHA for more reproducible CI. (#14858) Changelog #14717 Move TUI on top of app server (parallel code) @etraut-openai #14665 Use request permission profile in app server @mousseau-oai #14826 Fixed build failures related to PR 14717 @etraut-openai #14833 fix(core): fix sanitize name to use ‘_’ everywhere @apanasenko-oai #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai #14851 Add exit helper to code mode scripts @pakrym-oai #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai #14652 Apply argument comment lint across codex-rs @bolinfest #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai #14861 Add marketplace display names to plugin/list @xl-openai #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai 💡 深度点评 核心亮点 插件系统自动化与远程同步：新版本显著提升了插件配置的丝滑度。现在支持自动提示安装缺失的插件或连接器，并引入了远程同步（Remote Sync）功能，使得插件的安装/卸载状态可以在不同设备间保持一致。此外，新增的建议白名单机制进一步增强了插件生态的可控性。 Prompt 级拦截与增强能力：引入了 userpromptsubmit 钩子。开发者现在可以在提示词正式进入历史记录或执行之前，对其进行拦截、阻断或动态增强。这一特性为实现提示词合规检查、自动化上下文注入提供了更底座化的支持。 实时会话与 TUI 交互优化：Realtime 模式现在支持携带近期线程上下文启动，减少了语音播放时的自我中断问题。同时，App-server TUI 增加了设备码（Device-code）登录方式，并支持 ChatGPT Token 自动刷新，大幅优化了长效使用的认证体验。 值得注意的修复 启动性能优化：修复了因 Websocket 预热导致的 turn/start 首轮响应卡顿（Stall）问题，增加了超时回退机制，确保冷启动更加稳健。 Linux 沙箱兼容性增强：解决了在 Ubuntu/AppArmor 环境下，因符号链接（Symlinked）或缺少可写根目录导致的沙箱启动失败问题。通过优先调用系统自带的 bwrap，提升了跨发行版的运行稳定性。 TUI 会话状态恢复：修复了在远程 Resume 或 Fork 会话时 TUI 界面无法正确恢复历史记录的 Bug，并清理了 legacy stream 导致的重复转录输出。 个人评价 Codex Rust-v0.116.0 是一个从「单机工具」向「平台化管理」迈进的稳健版本。核心更新集中在开发者体验（DX）的打磨上，特别是插件远程同步和更灵活的 Hook 机制，意味着它正在为更复杂的企业级集成和多端同步场景做准备。Linux 沙箱兼容性的补齐和 Websocket 预热问题的修复，反映出团队在处理大规模生产环境落地的底层稳定性上投入了大量精力。整体而言，这是一个侧重于提高环境配置下限、拓展工程化集成上限的成熟更替。 ...

🔧 Codex 更新 rust-v0.115.0 发布日期: 2026-03-19 📋 版本维护 New Features Supported models can now request full-resolution image inspection through both view_image and codex.emitImage(..., detail: "original"), which helps with precision visual tasks. (#14175) js_repl now exposes codex.cwd and codex.homeDir, and saved codex.tool(...) / codex.emitImage(...) references keep working across cells. (#14385, #14503) Realtime websocket sessions gained a dedicated transcription mode, plus v2 handoff support through the codex tool, with a unified [realtime] session config. (#14554, #14556, #14606) The v2 app-server now exposes filesystem RPCs for file reads, writes, copies, directory operations, and path watching, and there is a new Python SDK for integrating with that API. (#14245, #14435) Smart Approvals can now route review requests through a guardian subagent in core, app-server, and TUI, reducing repeated setup work on follow-up approvals. (#13860, #14668) App integrations now use the Responses API tool-search flow, can suggest missing tools, and fall back cleanly when the active model does not support search-based lookup. (#14274, #14287, #14732) Bug Fixes Spawned subagents now inherit sandbox and network rules more reliably, including project-profile layering, persisted host approvals, and symlinked writable roots. (#14619, #14650, #14674, #14807) js_repl no longer hangs when dynamic tool responses contain literal U+2028 or U+2029 characters. (#14421) The TUI no longer stalls on exit after creating subagents, and interrupting a turn no longer tears down background terminals by default. (#14816, #14602) codex exec --profile once again preserves profile-scoped settings when starting or resuming a thread. (#14524) MCP and elicitation flows are more robust, with safer tool-name normalization and preserved tool_params in approval prompts. (#14491, #14605, #14769) The local network proxy now serves CONNECT traffic as explicit HTTP/1, improving compatibility with HTTP proxy clients. (#14395) Chores The subagent wait tool is now consistently named wait_agent, aligning it with spawn_agent and send_input. (#14631) Changelog #14395 fix(network-proxy): serve HTTP proxy listener as HTTP/1 @viyatb-oai #14385 Add js_repl cwd and homeDir helpers @fjord-oai #14376 Keep agent-switch word-motion keys out of draft editing @joshka-oai #14175 Let models opt into original image detail @fjord-oai #14382 check for large binaries in CI @owenlin0 #14392 chore(app-server): stop emitting codex/event/ notifications @owenlin0 #14274 feat: search_tool migrate to bring you own tool of Responses API @apanasenko-oai #14174 refactor: centralize filesystem permissions precedence @viyatb-oai #14394 chore(app-server): delete unused rpc methods from v1.rs @owenlin0 #14171 fix: align core approvals with split sandbox policies @viyatb-oai #14410 Make collab model metadata accurate on completion @aibrahim-oai #14387 feat(app-server): propagate traces across tasks and core ops @owenlin0 💡 深度点评 以下是针对 codex rust-v0.115.0 更新内容的深度点评： ...

🔧 Codex 更新 rust-v0.115.0 发布日期: 2026-03-18 📋 版本维护 New Features Supported models can now request full-resolution image inspection through both view_image and codex.emitImage(..., detail: "original"), which helps with precision visual tasks. (#14175) js_repl now exposes codex.cwd and codex.homeDir, and saved codex.tool(...) / codex.emitImage(...) references keep working across cells. (#14385, #14503) Realtime websocket sessions gained a dedicated transcription mode, plus v2 handoff support through the codex tool, with a unified [realtime] session config. (#14554, #14556, #14606) The v2 app-server now exposes filesystem RPCs for file reads, writes, copies, directory operations, and path watching, and there is a new Python SDK for integrating with that API. (#14245, #14435) Smart Approvals can now route review requests through a guardian subagent in core, app-server, and TUI, reducing repeated setup work on follow-up approvals. (#13860, #14668) App integrations now use the Responses API tool-search flow, can suggest missing tools, and fall back cleanly when the active model does not support search-based lookup. (#14274, #14287, #14732) Bug Fixes Spawned subagents now inherit sandbox and network rules more reliably, including project-profile layering, persisted host approvals, and symlinked writable roots. (#14619, #14650, #14674, #14807) js_repl no longer hangs when dynamic tool responses contain literal U+2028 or U+2029 characters. (#14421) The TUI no longer stalls on exit after creating subagents, and interrupting a turn no longer tears down background terminals by default. (#14816, #14602) codex exec --profile once again preserves profile-scoped settings when starting or resuming a thread. (#14524) MCP and elicitation flows are more robust, with safer tool-name normalization and preserved tool_params in approval prompts. (#14491, #14605, #14769) The local network proxy now serves CONNECT traffic as explicit HTTP/1, improving compatibility with HTTP proxy clients. (#14395) Chores The subagent wait tool is now consistently named wait_agent, aligning it with spawn_agent and send_input. (#14631) Changelog #14395 fix(network-proxy): serve HTTP proxy listener as HTTP/1 @viyatb-oai #14385 Add js_repl cwd and homeDir helpers @fjord-oai #14376 Keep agent-switch word-motion keys out of draft editing @joshka-oai #14175 Let models opt into original image detail @fjord-oai #14382 check for large binaries in CI @owenlin0 #14392 chore(app-server): stop emitting codex/event/ notifications @owenlin0 #14274 feat: search_tool migrate to bring you own tool of Responses API @apanasenko-oai #14174 refactor: centralize filesystem permissions precedence @viyatb-oai #14394 chore(app-server): delete unused rpc methods from v1.rs @owenlin0 #14171 fix: align core approvals with split sandbox policies @viyatb-oai #14410 Make collab model metadata accurate on completion @aibrahim-oai #14387 feat(app-server): propagate traces across tasks and core ops @owenlin0 💡 深度点评 以下是对 Codex Rust-v0.115.0 更新内容的深度点评： ...

🔧 Codex 更新 rust-v0.115.0 发布日期: 2026-03-17 ⚠️ 新版本发布 New Features Supported models can now request full-resolution image inspection through both view_image and codex.emitImage(..., detail: "original"), which helps with precision visual tasks. (#14175) js_repl now exposes codex.cwd and codex.homeDir, and saved codex.tool(...) / codex.emitImage(...) references keep working across cells. (#14385, #14503) Realtime websocket sessions gained a dedicated transcription mode, plus v2 handoff support through the codex tool, with a unified [realtime] session config. (#14554, #14556, #14606) The v2 app-server now exposes filesystem RPCs for file reads, writes, copies, directory operations, and path watching, and there is a new Python SDK for integrating with that API. (#14245, #14435) Smart Approvals can now route review requests through a guardian subagent in core, app-server, and TUI, reducing repeated setup work on follow-up approvals. (#13860, #14668) App integrations now use the Responses API tool-search flow, can suggest missing tools, and fall back cleanly when the active model does not support search-based lookup. (#14274, #14287, #14732) Bug Fixes Spawned subagents now inherit sandbox and network rules more reliably, including project-profile layering, persisted host approvals, and symlinked writable roots. (#14619, #14650, #14674, #14807) js_repl no longer hangs when dynamic tool responses contain literal U+2028 or U+2029 characters. (#14421) The TUI no longer stalls on exit after creating subagents, and interrupting a turn no longer tears down background terminals by default. (#14816, #14602) codex exec --profile once again preserves profile-scoped settings when starting or resuming a thread. (#14524) MCP and elicitation flows are more robust, with safer tool-name normalization and preserved tool_params in approval prompts. (#14491, #14605, #14769) The local network proxy now serves CONNECT traffic as explicit HTTP/1, improving compatibility with HTTP proxy clients. (#14395) Chores The subagent wait tool is now consistently named wait_agent, aligning it with spawn_agent and send_input. (#14631) Changelog #14395 fix(network-proxy): serve HTTP proxy listener as HTTP/1 @viyatb-oai #14385 Add js_repl cwd and homeDir helpers @fjord-oai #14376 Keep agent-switch word-motion keys out of draft editing @joshka-oai #14175 Let models opt into original image detail @fjord-oai #14382 check for large binaries in CI @owenlin0 #14392 chore(app-server): stop emitting codex/event/ notifications @owenlin0 #14274 feat: search_tool migrate to bring you own tool of Responses API @apanasenko-oai #14174 refactor: centralize filesystem permissions precedence @viyatb-oai #14394 chore(app-server): delete unused rpc methods from v1.rs @owenlin0 #14171 fix: align core approvals with split sandbox policies @viyatb-oai #14410 Make collab model metadata accurate on completion @aibrahim-oai #14387 feat(app-server): propagate traces across tasks and core ops @owenlin0 💡 深度点评 核心亮点 v2 App-server 能力边界扩张与 Python SDK 发布 v2 版本的应用服务器现在正式开放了文件系统的 RPC 接口，涵盖读写、复制、目录操作及路径监听（Path Watching）。配套推出的 Python SDK 标志着 Codex 正在从单一的任务执行工具向可集成的后端服务演进，开发者可以更方便地将 Codex 的能力嵌入到自定义的自动化工作流中。 Smart Approvals 引入 Guardian 守护代理 针对多代理（Multi-agent）协作场景，Smart Approvals 现在支持通过核心层、应用服务器及 TUI 中的 Guardian 子代理进行请求路由。这一改进显著减少了在处理连续审批时的重复设置工作，提升了复杂决策链路下的交互效率。 高精度视觉任务支持 新版本允许模型通过 view_image 或 codex.emitImage(..., detail: "original") 显式请求全分辨率图像检查。这对于需要处理代码截图、UI 设计稿比对等高精度视觉识别任务的开发者来说，解决了以往缩略图细节丢失的痛点。 值得注意的修复 子代理沙箱与网络规则继承优化：修复了子代理在继承沙箱规则、项目配置层（Project-profile layering）以及符号链接根目录权限时的一致性问题，确保了多代理环境下的安全隔离与权限对齐。 TUI 交互稳定性提升：解决了在创建子代理后 TUI 退出时可能出现的卡死问题；同时，现在中断（Interrupt）操作默认不再强制关闭后台终端，保护了运行中的长时任务状态。 MCP 与 Elicitation 流程加固：对 MCP 工具名称进行了更严格的标准化处理，并确保在审批提示中完整保留 tool_params，提升了与外部协议交互时的鲁棒性。 个人评价 rust-v0.115.0 是一个侧重于「工程化落地」的迭代版本。通过发布 Python SDK 和开放文件系统 RPC，Codex 展现了其作为底层 Agent 基础设施的潜力，而不仅仅是一个交互式终端。同时，Guardian 代理的加入和沙箱继承规则的完善，说明开发团队正在深耕复杂的多代理协作场景，致力于在效率与安全性之间寻求更好的平衡。整体来看，这个版本为构建更复杂的 Agentic Workflow 夯实了基础。 ...

🔧 Codex 更新 rust-v0.114.0 发布日期: 2026-03-16 📋 版本维护 New Features Added an experimental code mode for more isolated coding workflows. (#13418) Added an experimental hooks engine with SessionStart and Stop hook events. (#13276) WebSocket app-server deployments now expose GET /readyz and GET /healthz on the same listener for easier health checks. (#13782) Added a config switch to disable bundled system skills entirely. (#13792) Handoffs now carry realtime transcript context, which improves continuity when work is transferred between turns. (#14132) Improved the $ mention picker by clearly labeling Skills, Apps, and Plugins, and by surfacing plugins first. (#14147, #14163) Bug Fixes Fixed a Linux tmux crash caused by concurrent user-shell lookups. (#13900) Fixed apps being enabled in unsupported sessions by tightening the enablement check. (#14011) Fixed reopened threads getting stuck as in-progress after quitting mid-run and then resuming later. (#14125) Fixed permission handling so legacy workspace-write behavior is preserved and newer permission profiles degrade more safely on older builds. (#13957, #14107) Fixed approval flows so granted permissions persist across turns, work with reject-style configs, and are honored by apply_patch. (#14009, #14055, #14118, #14165) Chores Laid the groundwork for the Python SDK’s generated v2 schema types and pinned platform-specific runtime binaries. (#13953) Changelog #14009 feat(core) Persist request_permission data across turns @dylan-hurd-oai #14136 fix(core): use dedicated types for responsesapi web search tool config @owenlin0 #13782 codex-rs/app-server: add health endpoints for –listen websocket server @maxj-oai #14055 fix(core) RequestPermissions + ApplyPatch @dylan-hurd-oai #14118 feat(approvals) RejectConfig for request_permissions @dylan-hurd-oai #13957 fix(protocol): preserve legacy workspace-write semantics @viyatb-oai #14107 fix: keep permissions profiles forward compatible @viyatb-oai #14147 make dollar-mention always clarify item category (skill, app, plugin) @sayan-oai #14152 Refactor tool output into trait implementations @pakrym-oai #14163 sort plugins first in menu @sayan-oai #13418 Add code_mode experimental feature @pakrym-oai #13276 start of hooks engine @eternal-openai 💡 深度点评 作为 Codex Rust 版本的又一次快速迭代，v0.114.0 在工程化体验和底层架构上做了多项关键调整。以下是针对该版本的深度分析： ...

🔧 Codex 更新 rust-v0.114.0 发布日期: 2026-03-15 📋 版本维护 New Features Added an experimental code mode for more isolated coding workflows. (#13418) Added an experimental hooks engine with SessionStart and Stop hook events. (#13276) WebSocket app-server deployments now expose GET /readyz and GET /healthz on the same listener for easier health checks. (#13782) Added a config switch to disable bundled system skills entirely. (#13792) Handoffs now carry realtime transcript context, which improves continuity when work is transferred between turns. (#14132) Improved the $ mention picker by clearly labeling Skills, Apps, and Plugins, and by surfacing plugins first. (#14147, #14163) Bug Fixes Fixed a Linux tmux crash caused by concurrent user-shell lookups. (#13900) Fixed apps being enabled in unsupported sessions by tightening the enablement check. (#14011) Fixed reopened threads getting stuck as in-progress after quitting mid-run and then resuming later. (#14125) Fixed permission handling so legacy workspace-write behavior is preserved and newer permission profiles degrade more safely on older builds. (#13957, #14107) Fixed approval flows so granted permissions persist across turns, work with reject-style configs, and are honored by apply_patch. (#14009, #14055, #14118, #14165) Chores Laid the groundwork for the Python SDK’s generated v2 schema types and pinned platform-specific runtime binaries. (#13953) Changelog #14009 feat(core) Persist request_permission data across turns @dylan-hurd-oai #14136 fix(core): use dedicated types for responsesapi web search tool config @owenlin0 #13782 codex-rs/app-server: add health endpoints for –listen websocket server @maxj-oai #14055 fix(core) RequestPermissions + ApplyPatch @dylan-hurd-oai #14118 feat(approvals) RejectConfig for request_permissions @dylan-hurd-oai #13957 fix(protocol): preserve legacy workspace-write semantics @viyatb-oai #14107 fix: keep permissions profiles forward compatible @viyatb-oai #14147 make dollar-mention always clarify item category (skill, app, plugin) @sayan-oai #14152 Refactor tool output into trait implementations @pakrym-oai #14163 sort plugins first in menu @sayan-oai #13418 Add code_mode experimental feature @pakrym-oai #13276 start of hooks engine @eternal-openai 💡 深度点评 核心亮点 实验性 Hooks 引擎与 Code Mode 落地：版本引入了 SessionStart 和 Stop 钩子事件，允许开发者在会话生命周期内注入自定义逻辑。配合新增的实验性 Code Mode，Codex 正在尝试提供更纯净、隔离的编码专用工作流，这对于追求高确定性输出的任务至关重要。 会话移交（Handoff）上下文连贯性优化：现在的任务移交能够携带实时转录（Realtime Transcript）上下文。这一改进解决了多轮对话或复杂任务切换时的“断层”感，确保后继步骤能精准继承前序状态，减少了重复指令的输入。 工具发现机制与交互优化：$ 提及菜单（Mention Picker）进行了重构，通过明确标注 Skill、App 和 Plugin 分类，并优先置顶插件，显著提升了开发者在复杂环境下的工具调用效率。此外，允许完全禁用系统内置技能，为构建高度定制化的垂直领域 Agent 提供了可能。 值得注意的修复 权限持久化与审批流修复：修复了权限请求无法跨回合持久化的问题，并确保 apply_patch 等关键操作能正确遵循权限配置（如拒绝逻辑），解决了长会话中频繁授权的体验痛点。 会话恢复状态同步：解决了线程在中断并重新打开后可能卡死在“进行中”状态的 Bug，提升了在不稳定网络或手动中断场景下的任务恢复可靠性。 Linux 环境稳定性：修复了 Linux 下 tmux 因并发用户 Shell 查询导致的崩溃（Segfault），增强了该工具在重度终端用户环境中的健壮性。 个人评价 Codex Rust-v0.114.0 是一个更偏向“生产力基建”的迭代版本。Hooks 引擎的加入标志着它正从一个被动工具向可编程的任务引擎演进。重点优化权限处理和移交上下文，显示出开发团队正在深挖长任务、复杂流场景下的用户痛点。整体价值取向非常清晰：在保持交互灵活性的同时，通过底层重构提供更严谨的权限控制和更稳定的执行环境。 ...

最近看到一篇公众号文章在聊 OpenAI 刚开源的 Symphony。如果只看标题，很容易把它理解成“又一个 AI 编程神器”。但我把它的 GitHub 仓库、SPEC.md 和 Elixir 参考实现说明都过了一遍之后，感觉这项目真正值得看的地方，不是“AI 会不会写代码”，而是： OpenAI 正在尝试把 AI 编程从“对话式辅助”推进到“任务级执行”。 一句话总结： Symphony 不是 IDE 里的代码助手，而是一个围绕 issue、workspace、coding agent、PR、CI 和人工审批构建的任务编排器。 项目地址： GitHub：https://github.com/openai/symphony 先说结论：Symphony 解决的是“管理工作”，不是“补全代码” 今天大多数 AI 编程工具的典型使用方式还是这样： 你在 IDE 或终端里提问 AI 给你一段实现 你审查、纠偏、继续补上下文 AI 再继续写 这种模式当然有效，但本质上还是 人工实时驾驶。 你虽然在用 AI，但注意力并没有真正被解放。你只是把“自己敲代码”变成了“盯着 AI 敲代码”。 Symphony 想解决的正是这个问题。它的目标不是让 AI 把某个函数写得更快，而是把一项工程工作变成一个 可调度、可隔离、可观察、可审批 的自动化执行单元。 也就是说，工程师关注的对象从： “这几行代码怎么写” 转向： “这个任务有没有被正确完成” “交付结果是否可信” “现在是否应该批准合并” 这背后其实是一种非常明确的范式变化： 从管理代码生成过程，转向管理任务完成结果。 Symphony 是怎么工作的 根据 README.md、SPEC.md 和 elixir/README.md，Symphony 的大致工作流程是这样的： 持续轮询任务系统（当前规范版本主要是 Linear） 找出符合条件的 issue 为每个 issue 创建一个独立 workspace 在 workspace 里启动 coding agent 按仓库中的 WORKFLOW.md 指令推进实现 让 agent 生成 PR、CI 状态、review 反馈等结果 把任务交给人工审批或流转到下一状态 如果任务状态改变，比如变成： ...