Episodes
-
This episode breaks down the default-on remote plugin behavior in Codex CLI 0.143.0, the supply chain risks it introduces, and the available safeguards like --safe-mode and .codex/config.toml policy settings.
It also covers new enterprise-friendly updates, including native proxy support for PAC/WPAD, Bedrock reasoning controls, a Windows ConPTY fix, and the new remote-control pairing command. -
We dig into a frustrating MCP validation failure tied to sandboxCwd formatting and CODEX_CLI_PATH conflicts, plus the quickest workaround to get Codex Desktop back on its bundled binaries. Then we cover a Bedrock adapter bug that can explode token usage by duplicating stream snapshots, and a TUI /feedback routing issue that sends bug reports to the model instead of diagnostics.
-
Missing episodes?
-
This episode covers a critical Warp terminal hang caused by the new unified mentions menu, plus the immediate workaround and the reworked rendering approach now rolling out in alpha. It also breaks down a Windows desktop app crash and a strange Plus quota drain bug, along with a macOS workaround using CodexBar to detect and stop silent usage drift.
-
This episode covers how Codex CLI moved bundled binary path setup into Rust so standalone installs can find tools like ripgrep, while still avoiding path pollution for remote execution. It also breaks down a GitHub API optimization for enterprise installs, plus new streamed buffering feedback and schema cleanup in the terminal UI.
-
We break down a nasty remote SSH regression in 0.142.5 where symlinked project paths get canonicalized, causing threads to disappear from the sidebar until you add the resolved path as a second workspace. The episode also covers an Intel Mac SIGTRAP crash workaround in the 0.143.0 alpha and a prompt-caching bug that can burn through quotas faster than expected.
-
We break down the rollout tracing system in the Codex CLI alpha, including the trace-reduce crash caused by unstable metadata like turn_id and the fix that strips transient fields before hashing.
Also covered: how to enable tracing with CODEX_ROLLOUT_TRACE_ROOT, why trace logs can leak secrets if ignored, and a quirky TUI bug where /feedback can get misrouted into chat. -
We break down the 0.142.5 regressions hitting Windows sandbox launches, ReFS Dev Drive cleanup failures, and macOS hook discovery going silent. Plus, there’s a look ahead at the 0.143.0 fix to stop TRACE logs from hammering SSDs with runaway database writes.
-
We break down a serious Codex CLI security issue that wrote raw WebSocket payloads, prompts, code, paths, and environment variables to local trace logs—and explain how 0.142.5 redacts them, where to find old logs, and how to remove them safely.
The episode also covers a custom model bug that ignored model_reasoning_effort for namespaced slugs, plus the model_catalog_json workaround for restoring reasoning support. -
This episode breaks down Browser Use’s new direct Chrome DevTools Protocol access, unlocking deeper debugging with console logs, network traffic, runtime state, and performance data inside the agent loop. It also covers the security controls around full CDP access, plus quality-of-life updates like the App Composer /init command and rate-limit quota banking.
-
Learn how the new DigitalOcean plugin provisions persistent remote sandboxes for long-running agent loops, plus how to reconnect from mobile with QR handoff. The episode also covers macOS Record & Replay, lifecycle and billing considerations for cloud droplets, and the Codex CLI 0.143.0-alpha fix for a strict parser crash.
-
We break down a validation failure that blocked old Claude Code plugin imports in Codex CLI 0.142.x, plus the 0.143.0-alpha parser fix and a quick cache-file workaround for affected users.
Then we cover MCP tool search defaults, the new respect_system_proxy setting for macOS enterprise networks, and a Bedrock streaming bug that bloats .jsonl session logs while skewing token counts. -
We unpack how Codex split its Zsh helper into a standalone package and now uses Meta’s DotSlash manifests to fetch the right native binary with built-in SHA-256 verification on macOS and Linux. The episode also covers quieter formatter runs, security updates to OpenSSL and esbuild, and a new warning that helps avoid wasting API credits on unsupported Code Mode models.
-
We break down Codex Remote’s general availability, including how the secure relay keeps local files and credentials on your machine while letting you trigger commands from the ChatGPT mobile app. Plus: real-world uses for long-running tasks, the operational limits around sleep and Windows, and the latest CLI 0.142.2 quality-of-life updates.
-
This episode breaks down Codex 0.142.2’s new parser-level safeguards, including PowerShell AST inspection, manual approval for unverifiable blocks, and blocking remote image ingress to reduce SSRF risk.
It also covers smarter MCP tool discovery, native enterprise proxy support, and quieter formatter output for a cleaner developer workflow. -
The hosts dig into how Codex’s nonstop TRACE logging is hammering NVMe drives with hundreds of gigabytes of writes a day, and why a debug feature accidentally made it into production. They also walk through practical workarounds, including a SQLite trigger that blocks log writes and a RAM disk setup for keeping storage wear under control.
-
We break down Codex 0.142.0’s new delegation modes, including disabled, explicit-request-only, and proactive, plus the rollout token budget system that tracks spend across entire agent threads. The episode also covers Linux TUI redraw fixes, resilient stdio sessions, and the upgraded /usage command with in-terminal credit redemption.
-
We dig into a severe 0.142.0-alpha.1 regression that wipes out local thread-management tools, breaking multi-agent handoffs and leaving sessions with zero dynamic tools. The episode also covers Windows Remote SSH sandbox timeouts in 0.142.0-alpha.6, current downgrade workarounds, and a proposed codex doctor check for durable capability receipts.
-
We break down the latest codex exec security hardening, including persistent hook trust across thread yields, strict PostToolUse rejection blocks, and configuration tips for local .codex setups.
We also cover enterprise-ready TLS support for P-521 proxies, smarter TUI auto-resolve behavior for unattended runs, and a new cap on prompt-image caching to keep long sessions stable. -
This episode breaks down a silent Codex CLI hang on Windows caused by malformed local JSONL session logs, often triggered by PowerShell encoding issues and unescaped tool output. It also covers how to diagnose corrupted transcripts, recover a stuck session, and prevent the bug with UTF-8 PowerShell settings and the latest alpha release.
-
This episode breaks down the major reliability and workflow upgrades in Codex 0.141.0, including end-to-end encrypted Noise relay transport, structured remote path handling, and native shell detection on remote hosts.
It also covers SQLite WAL corruption fixes, a smarter TUI prompt countdown that pauses on input, and always-on terminal reflow for a cleaner CLI experience. - Show more