mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
4dffa496ac2c742e77227deed8a254c4e66d0693
103 Commits
-
pakrym-oai ·
2025-09-14 18:00:23 -07:00 -
fix: use -F instead of -f for force=true in gh call (#3486)
Apparently `-F` is the correct thing to use. From the code sample on https://docs.github.com/en/rest/git/refs?apiVersion=2022-11-28#update-a-reference ```shell gh api \ --method PATCH \ -H "Accept: application/vnd.github+json" \ -H "X-GitHub-Api-Version: 2022-11-28" \ /repos/OWNER/REPO/git/refs/REF \ -f 'sha=aa218f56b14c9653891f9e74264a383fa43fefbd' -F "force=true" ``` Also, I ran the following locally and verified it worked: ```shell export GITHUB_REPOSITORY=openai/codex export GITHUB_SHA=305252b2fb2d57bb40a9e4bad269db9a761f7099 gh api \ repos/${GITHUB_REPOSITORY}/git/refs/heads/latest-alpha-cli \ -X PATCH \ -f sha="${GITHUB_SHA}" \ -F force=true ``` `$GITHUB_REPOSITORY` and `$GITHUB_SHA` should already be available as environment variables for the `run` step without having to be redeclared in the `env` section.
Michael Bolin ·
2025-09-11 11:32:47 -07:00 -
chore: rust-release.yml should update the latest-alpha-cli branch (#3458)
This updates `rust-release.yml` so that the last step of creating a release entails updating the `latest-alpha-cli` branch to point to the tag used to create the latest release. This will facilitate building automation to identify the most recent alpha release of Codex CLI (though note this branch could also point to an official release, as it is implemented today). This introduces a new job, `update-branch`, which depends on the `release` job. I made it separate from the `release` job because `update-branch` needs the `contents: write` permission, so this limits the amount of work we do with that permission. Note I also created a branch protection rule for `latest-alpha-cli` that: - specifies repository admins as the only members of the bypass list - only those with bypass permissions can create, update, or delete this branch - this branch requires a linear history - note that force pushes _are_ allowed This is the first step in fixing https://github.com/openai/codex/issues/3098.
Michael Bolin ·
2025-09-11 08:06:28 -07:00 -
fix: add check to ensure output of generate_mcp_types.py matches codex-rs/mcp-types/src/lib.rs (#3450)
As a follow-up to https://github.com/openai/codex/pull/3439, this adds a CI job to ensure the codegen script has to be updated in order to change `codex-rs/mcp-types/src/lib.rs`.
Michael Bolin ·
2025-09-10 23:31:28 -07:00 -
No fail fast (#3387)
Add --no-fail-fast to the new `nextest`
jif-oai ·
2025-09-09 13:17:14 -07:00 -
chore: try switching to
cargo nextestto speed up CI builds (#3323)I started looking at https://nexte.st/ because I was interested in a test harness that lets a test dynamically declare itself "skipped," which would be a nice alternative to this pattern: https://github.com/openai/codex/blob/4c46490e53076e807fd2068aa68c5a0e636d8b5f/codex-rs/core/tests/suite/cli_stream.rs#L22-L27 ChatGPT pointed me at https://nexte.st/, which also claims to be "up to 3x as fast as cargo test." Locally, in `codex-rs`, I see - `cargo nextest run` finishes in 19s - `cargo test` finishes in 37s Though looking at CI, the wins are quite as big, presumably because my laptop has more cores than our GitHub runners (which is a separate issue...). Comparing the [CI jobs from this PR](https://github.com/openai/codex/actions/runs/17561325162/job/49878216246?pr=3323) with that of a [recent open PR](https://github.com/openai/codex/actions/runs/17561066581/job/49877342753?pr=3321): | | `cargo test` | `cargo nextest` | | ----------------------------------------------- | ------------ | --------------- | | `macos-14 - aarch64-apple-darwin` | 2m16s | 1m51s | | `macos-14 - aarch64-apple-darwin` | 5m04s | 3m44s | | `ubuntu-24.04 - x86_64-unknown-linux-musl` | 2m02s | 1m56s | | `ubuntu-24.04-arm - aarch64-unknown-linux-musl` | 2m01s | 1m35s | | `windows-latest - x86_64-pc-windows-msvc` | 3m07s | 2m53s | | `windows-11-arm - aarch64-pc-windows-msvc` | 3m10s | 2m45s | I thought that, to start, we would only make this change in CI before declaring it the "official" way for the team to run the test suite. Though unfortunately, I do not believe that `cargo nextest` _actually_ supports a dynamic skip feature, so I guess I'll have to keep looking? Some related discussions: - https://internals.rust-lang.org/t/pre-rfc-skippable-tests/14611 - https://internals.rust-lang.org/t/skippable-tests/21260
Michael Bolin ·
2025-09-08 21:39:18 -07:00 -
feat: Run cargo shear during CI (#3338)
Run cargo shear as part of the CI to ensure no unused dependencies
jif-oai ·
2025-09-09 01:05:08 +00:00 -
chore: upgrade to actions/setup-node@v5 (#3316)
Dependabot tried to automatically upgrade us to `actions/setup-node@v5` in https://github.com/openai/codex/pull/3293, but it broke our CI. Note this upgrade has breaking changes: https://github.com/actions/setup-node/releases/tag/v5.0.0 I think the problem was that `v5` was correctly reading our `packageManager` line here: https://github.com/openai/codex/blob/e2b3053b2b9c39fd9a83ec3172318db64d31dc56/package.json#L24 and then tried to run `pnpm`, but couldn't because it wasn't available yet. This PR: - moves `pnpm/action-setup` before `actions/setup-node` - drops `version` from our `pnpm/action-setup` step because it is not necessary when it is specified in `package.json` (which it is in our case), so leaving it here ran the risk of the two getting out of sync - upgrades `actions/setup-node` from `v4` to `v5` - deletes the two custom steps we had to enable Node.js caching since `v5` claims to do this for us now - adds `--frozen-lockfile` to our `pnpm install` invocation, which seemed like something we should have always had there
Michael Bolin ·
2025-09-08 09:34:59 -07:00 -
fix: install zstd on the windows-11-arm image used to cut a release (#3066)
https://github.com/openai/codex/pull/3062 added `windows-11-arm` to the list of images used for building, but the job to build an alpha just failed: https://github.com/openai/codex/actions/runs/17415565601 with this error: ``` Creating archive: codex-aarch64-pc-windows-msvc.exe.zip Add new data to archive: 1 file, 20484096 bytes (20 MiB) Files read from disk: 1 Archive size: 7869619 bytes (7686 KiB) Everything is Ok C:\a\_temp\0e71926f-4d8a-42ae-a337-a9627acc9c57.sh: line 34: zstd: command not found ``` so allegedly this should fix it? I'm surprised this was not necessary for the `windows-latest` image, though.
Michael Bolin ·
2025-09-02 14:23:51 -07:00 -
fix: leverage windows-11-arm for Windows ARM builds (#3062)
This is in support of https://github.com/openai/codex/issues/2979. Once we have a release out, we can update the npm module and the VS Code extension to take advantage of this.
Michael Bolin ·
2025-09-02 12:56:09 -07:00 -
Fix: Adapt pr template with correct link following doc refacto (#2982)
This PR fixes the link of contributing page in Pull Request template to the right one following the migration of the section to a dedicated file. Signed-off-by: lionelchg <lionel.cheng@hotmail.fr>
Lionel Cheng ·
2025-09-02 13:05:52 -04:00 -
fix: try to populate the Windows cache for release builds when PRs are put up for review (#2884)
Windows release builds take close to 12 minutes whereas Mac/Linux are closer to 5. Let's see if this speeds things up?
Michael Bolin ·
2025-08-28 23:48:29 -07:00 -
fix: specify --profile to
cargo clippyin CI (#2871)Today we had a breakage in the release build that went unnoticed by CI. Here is what happened: - https://github.com/openai/codex/pull/2242 originally added some logic to do release builds to prevent this from happening - https://github.com/openai/codex/pull/2276 undid that change to try to speed things up by removing the step to build all the individual crates in release mode, assuming the `cargo check` call was sufficient coverage, which it would have been, had it specified `--profile` This PR adds `--profile` to the `cargo check` step so we should get the desired coverage from our build matrix. Indeed, enabling this in our CI uncovered a warning that is only present in release mode that was going unnoticed.
Michael Bolin ·
2025-08-28 21:43:40 -07:00 -
Add a VS Code Extension issue template (#2853)
Template mostly copied from the bug template
Gabriel Peal ·
2025-08-28 16:56:52 -04:00 -
README / docs refactor (#2724)
This PR cleans up the monolithic README by breaking it into a set navigable pages under docs/ (install, getting started, configuration, authentication, sandboxing and approvals, platform details, FAQ, ZDR, contributing, license). The top‑level README is now more concise and intuitive, (with corrected screenshots). It also consolidates overlapping content from codex-rs/README.md into the top‑level docs and updates links accordingly. The codex-rs README remains in place for now as a pointer and for continuity. Finally, added an extensive config reference table at the bottom of docs/config.md. --------- Co-authored-by: easong-openai <easong@openai.com>
Reuben Narad ·
2025-08-27 10:30:39 -07:00 -
feat: remove the GitHub action that runs Codex for now (#2729)
There are some design issues with this action, so until we work them out, we'll remove this code from the repository to avoid folks from taking a dependency on it.
Michael Bolin ·
2025-08-26 13:44:23 -07:00 -
fix: update build cache key in .github/workflows/codex.yml (#2534)
Change to match `.github/workflows/rust-ci.yml`, which was updated in https://github.com/openai/codex/pull/2242: https://github.com/openai/codex/blob/250ae37c8492f475b5f2af3f7a9f3e96973b2657/.github/workflows/rust-ci.yml#L120-L128
Michael Bolin ·
2025-08-20 15:57:33 -07:00 -
Enable Dependabot updates for Rust toolchain (#2460)
This change allows Dependabot to update the Rust toolchain version defined in `rust-toolchain.toml`. See [Dependabot now supports Rust toolchain updates - GitHub Changelog](https://github.blog/changelog/2025-08-19-dependabot-now-supports-rust-toolchain-updates/) for more details.
Jamie Magee ·
2025-08-19 18:07:21 -07:00 -
chore: upgrade to Rust 1.89 (#2465)
Codex created this PR from the following prompt: > upgrade this entire repo to Rust 1.89. Note that this requires updating codex-rs/rust-toolchain.toml as well as the workflows in .github/. Make sure that things are "clippy clean" as this change will likely uncover new Clippy errors. `just fmt` and `cargo clippy --tests` are sufficient to check for correctness Note this modifies a lot of lines because it folds nested `if` statements using `&&`. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2465). * #2467 * __->__ #2465
Michael Bolin ·
2025-08-19 13:22:02 -07:00 -
fix: prefer
cargo checktocargo buildto save time and space (#2466)The `ubuntu-24.04 - x86_64-unknown-linux-gnu` build is failing with `No space left on device` on #2465, so let's get this in first, which should help. Note that `cargo check` should be faster and use less disk than `cargo build` because it does not write out the object files.
Michael Bolin ·
2025-08-19 12:57:31 -07:00 -
chore(deps): bump actions/checkout from 4 to 5 (#2407)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v4...v5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-08-19 10:28:52 -07:00 -
Release zip archived binaries (#2438)
Adds zip archives to release workflow to improve compatibility (mainly older versions Windows which don't support `tar.gz` or `.zst` out of the box). Test release: https://github.com/UnownPlain/codex/releases/tag/rust-v0.0.0 Test run: https://github.com/UnownPlain/codex/actions/runs/16981943609
UnownPlain ·
2025-08-18 17:43:19 -07:00 -
chore(deps-dev): bump @types/node from 24.2.1 to 24.3.0 in /.github/actions/codex (#2411)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 24.2.1 to 24.3.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-08-18 08:33:17 -07:00 -
fix: include an entry for windows-x86_64 in the generated DotSlash file (#2361)
Now that we are improving our Windows support, we should be including an entry for it in the DotSlash file. Though anyone using the DotSlash file with Windows should use the new Windows shim introduced in https://github.com/facebook/dotslash/pull/46. For more info, see https://dotslash-cli.com/docs/windows/.
Michael Bolin ·
2025-08-15 14:47:36 -07:00 -
fix: trying to simplify rust-ci.yml (#2327)
It turns out that https://github.com/openai/codex/pull/2324 did not quite work as intended. Chat's new idea is to have this catch-all "CI results" job and update our branch protection rules to require this instead.
Michael Bolin ·
2025-08-14 17:44:10 -07:00 -
fix: ensure rust-ci always "runs" when a PR is submitted (#2324)
Our existing path filters for `rust-ci.yml`: https://github.com/openai/codex/blob/235987843c3d6647c0819c1071f9b9f064673e9c/.github/workflows/rust-ci.yml#L1-L11 made it so that PRs that touch only `README.md` would not trigger those builds, which is a problem because our branch protection rules are set as follows: <img width="1569" height="1883" alt="Screenshot 2025-08-14 at 4 45 59 PM" src="https://github.com/user-attachments/assets/5a61f8cc-cdaf-4341-abda-7faa7b46dbd4" /> With the existing setup, a change to `README.md` would get stuck in limbo because not all the CI jobs required to merge would get run. It turns out that we need to "run" all the jobs, but make them no-ops when the `codex-rs` and `.github` folders are untouched to get the best of both worlds. I asked chat how to fix this, as we want CI to be fast for documentation-only changes. It had two suggestions: - Use https://github.com/dorny/paths-filter or some other third-party action. - Write an inline Bash script to avoid a third-party dependency. This PR takes the latter approach so that we are clear about what we're running in CI.
Michael Bolin ·
2025-08-14 17:00:19 -07:00 -
Kazuhiro Sera ·
2025-08-14 12:08:35 +09:00 -
Clarify PR/Contribution guidelines and issue templates (#2281)
Co-authored-by: Dylan <dylan.hurd@openai.com>
Gabriel Peal ·
2025-08-13 21:56:29 -04:00 -
fix: skip
cargo testfor release builds on ordinary CI because it is slow, particularly with --all-features set (#2276)I put this PR together because I noticed I have to wait quite a bit longer on my PRs since we added https://github.com/openai/codex/pull/2242 to catch more build issues. I think we should think about reigning in our use of create features, but this should be good enough to speed things up for now.
Michael Bolin ·
2025-08-13 16:27:20 -07:00 -
Fix build break and build release (#2242)
Build release profile for one configuration.
pakrym-oai ·
2025-08-12 15:56:45 -07:00 -
chore(deps-dev): bump @types/bun from 1.2.19 to 1.2.20 in /.github/actions/codex (#2163)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-08-11 21:54:30 -07:00 -
chore(deps-dev): bump @types/node from 24.1.0 to 24.2.1 in /.github/actions/codex (#2164)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-08-11 17:58:07 -07:00 -
fix: change the model used with the GitHub action from o3 to gpt-5 (#2198)
`gpt-5` has been a valid slug since https://github.com/openai/codex/pull/1942.
Michael Bolin ·
2025-08-11 15:08:58 -07:00 -
fix: improve npm release process (#2055)
This improves the release process by introducing `scripts/publish_to_npm.py` to automate publishing to npm (modulo the human 2fac step). As part of this, it updates `.github/workflows/rust-release.yml` to create the artifact for npm using `npm pack`. And finally, while it is long overdue, this memorializes the release process in `docs/release_management.md`.
Michael Bolin ·
2025-08-08 19:07:36 -07:00 -
chore: remove the TypeScript code from the repository (#2048)
This deletes the bulk of the `codex-cli` folder and eliminates the logic that builds the TypeScript code and bundles it into the release. Since this PR modifies `.github/workflows/rust-release.yml`, to test changes to the release process, I locally commented out all of the "is this commit on upstream `main`" checks in `scripts/create_github_release.sh` and ran: ``` ./codex-rs/scripts/create_github_release.sh 0.20.0-alpha.4 ``` Which kicked off: https://github.com/openai/codex/actions/runs/16842085113 And the release artifacts appear legit! https://github.com/openai/codex/releases/tag/rust-v0.20.0-alpha.4
Michael Bolin ·
2025-08-08 16:09:39 -07:00 -
fix: try building the npm package in CI (#2043)
Historically, the release process for the npm module has been: - I run `codex-rs/scripts/create_github_release.sh` to kick off a release for the native artifacts. - I wait until it is done. - I run `codex-cli/scripts/stage_rust_release.py` to build the npm release locally - I run `npm publish` from my laptop It has been a longstanding issue to move the npm build to CI. I may still have to do the `npm publish` manually because it requires 2fac with `npm`, though I assume we can work that out later. Note I asked Codex to make these updates, and while they look pretty good to me, I'm not 100% certain, but let's just merge this and I'll kick off another alpha build and we'll see what happens?
Michael Bolin ·
2025-08-08 15:17:54 -07:00 -
fix: stop building codex-exec and codex-linux-sandbox binaries (#2036)
Release builds are taking awhile and part of the reason that we are building binaries that we are not really using. Adding Windows binaries into releases (https://github.com/openai/codex/pull/2035) slows things down, so we need to get some time back. - `codex-exec` is basically a standalone `codex exec` that we were offering because it's a bit smaller as it does not include all the bits to power the TUI. We were using it in our experimental GitHub Action, so this PR updates the Action to use `codex exec` instead. - `codex-linux-sandbox` was a helper binary for the TypeScript version of the CLI, but I am about to axe that, so we don't need this either. If we decide to bring `codex-exec` back at some point, we should use a separate instances so we can build it in parallel with `codex`. (I think if we had beefier build machines, this wouldn't be so bad, but that's not the case with the default runners from GitHub.)
Michael Bolin ·
2025-08-08 13:42:33 -07:00 -
feat: include windows binaries in GitHub releases (#2035)
We should stop shipping the old TypeScript CLI to Windows users. I did some light testing of the Rust CLI on Windows in `cmd.exe` and it works better than I expected!
Michael Bolin ·
2025-08-08 13:03:11 -07:00 -
update readme (#1948)
Co-authored-by: Alexander Embiricos <ae@openai.com>
Ed Bayes ·
2025-08-07 11:20:53 -07:00 -
fix: add more instructions to ensure GitHub Action reviews only the necessary code (#1887)
Empirically, we have seen the GitHub Action comment on code outside of the PR, so try to provide additional instructions in the prompt to avoid this.
Michael Bolin ·
2025-08-06 10:39:58 -07:00 -
docs: add more detail to the codex-rust-review (#1875)
This PR attempts to break `codex-rust-review.md` into sections so that it is easier to consume. It also adds a healthy new section on "Assertions in Tests" that has been on my mind for awhile.
Michael Bolin ·
2025-08-06 06:36:10 +00:00 -
fix: only tag as prerelease when the version has an -alpha or -beta suffix (#1872)
Hardcoding to `prerelease: true` is a holdover from before we had migrated to the Rust CLI for releases and decided on how we were doing version numbers. To date, I have had to change the release status from "prerelease" to "actual release" manually through the GitHub Releases web page. This is a semi-serious problem because I've discovered that it messes up Homebrew's automation if the version number _looks_ like a real release but turns out to be a prerelease. The release potentially gets skipped from being published on Homebrew, so it's important to set the value correctly from the start. I verified that `steps.release_name.outputs.name` does not include the `rust-v` prefix from the tag name.
Michael Bolin ·
2025-08-05 23:11:29 -07:00 -
chore(deps-dev): bump typescript from 5.8.3 to 5.9.2 in /.github/actions/codex (#1814)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-08-04 14:25:00 -07:00 -
chore: add support for a new label, codex-rust-review (#1744)
The goal of this change is to try an experiment where we try to get AI to take on more of the code review load. The idea is that once you believe your PR is ready for review, please add the `codex-rust-review` label (as opposed to the `codex-review` label). Admittedly the corresponding prompt currently represents my personal biases in terms of code review, but we should massage it over time to represent the team's preferences.
Michael Bolin ·
2025-07-30 17:49:07 -07:00 -
chore(deps-dev): bump @types/node from 24.0.13 to 24.0.15 in /.github/actions/codex (#1636)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-07-23 15:32:31 -07:00 -
chore(deps-dev): bump @types/bun from 1.2.18 to 1.2.19 in /.github/actions/codex (#1635)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-07-23 15:20:47 -07:00 -
chore: for release build, build specific targets instead of --all-targets (#1656)
I noticed that releases have taken longer and longer to build. Originally, I think I did `--all-targets` to be confident that everything builds cleanly, but that's really the job of CI that runs on `main`, so we're spending a lot of time in `rust-release.yml` for not that much additional signal.
Michael Bolin ·
2025-07-22 14:35:50 -07:00 -
chore(deps-dev): bump @types/bun from 1.2.13 to 1.2.18 in /.github/actions/codex (#1509)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-07-12 10:29:37 -07:00 -
chore(deps-dev): bump @types/node from 22.15.21 to 24.0.12 in /.github/actions/codex (#1507)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-07-12 09:56:54 -07:00 -
chore(deps-dev): bump prettier from 3.5.3 to 3.6.2 in /.github/actions/codex (#1508)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] ·
2025-07-10 12:13:59 -07:00