Releases: Kenmege/codex-plugin-cc
Release list
v1.1.1
Codex Plugin CC v1.1.1
Provenance correction for the Codex-supervised Claude coding workspace
v1.1.1 republishes the v1.1 feature line through the tag-bound npm trusted
publishing workflow. The coding workspace, Codex orchestration, and isolated
review capabilities introduced in v1.1.0 are unchanged. The plugin
never launches a nested Codex process; GPT-side supervision remains with the
active Codex task and inherits its selected model.
What changed
- The release workflow accepts publication only when its GitHub workflow
identity was triggered from the exact release tag. - Release checkout remains bound to the triggering tag ref.
- Manual recovery must be dispatched from the release tag itself and is
rejected from the default branch. - The full repository and package verification suites run before publication.
Upgrade
npm install -g codex-plugin-cc@1.1.1Users of v1.1.0 should upgrade. That version will be deprecated after v1.1.1's
tag, package, provenance, and installation smoke tests are independently
verified.
v1.1.0
Codex Plugin CC v1.1.0
Codex-supervised Claude coding workspace
v1.1.0 adds a writable split-terminal workspace while preserving the plugin's
existing read-only review boundary.
Run:
codex-claude workspace --path . -- "implement the requested change and run tests"The current Codex task remains active as planner, orchestrator, verifier, and
reviewer. Claude Code receives the coding request as a native background
session, can edit files and run tools under its permission controls, and opens
its agents panel in a separate terminal. The plugin never launches a nested
Codex process and never hardcodes a GPT model; GPT-side supervision inherits
the active Codex task's selected model.
Claude defaults to the rolling opus selector and supports --model overrides.
Use --plan for analysis-only work, --no-panel for focused follow-ups, and
--panel-only to reopen the control panel without dispatching a worker.
Native supervision
The workspace command parses Claude Code's authoritative short session ID and
fails closed when the receipt is missing. A 30-second startup guard terminates
the dispatch process tree if Claude's native background handoff stalls. Codex
can supervise the native worker without blocking its own terminal:
codex-claude workspace-status --path . --all --json
codex-claude workspace-logs <session-id>
codex-claude workspace-stop <session-id>Lifecycle events are versioned, timestamped, and privacy-safe. They report
operational state without logging prompts or MCP configuration contents.
Release hardening
- Explicit
--separation keeps option-looking coding and review text as data. - MCP files are bounded, validated from their opened descriptor, and staged in
private exclusive files before Claude starts. - Terminal launchers use private one-shot directories and self-delete before
opening the panel. - Secret-path filtering is case-insensitive, Git paths are handled as
NUL-delimited data, and repository validation supports spaces and Unicode. - Snapshot creation fails closed if Git ignore discovery cannot complete.
- Safe reviews expose no Bash tool and load no persistent user/project/local
Claude settings, closing repository-controlled permission and hook paths. - Snapshot cleanup is limited to a private owned namespace and preserves
snapshots belonging to live worker processes. - Read-only Git calls reject external config, include, contents, exclude, and
pathspec-file inputs; job-state locks use immutable per-contender tickets and
safe abandoned-contender recovery under multi-process contention. - Release version updates use atomic fsynced replacements plus a durable crash
journal, so canonical manifests remain present and interrupted bumps recover
on the next invocation without overwriting concurrent edits. - Child output retention is bounded during termination, job identifiers are
path-safe, and--job-dirremains authoritative through foreground,
background, status, result, and cancel flows. - Packed-install tests verify both
codex-claudeand the supported
codex-claude-reviewcompatibility alias. - CI now exercises the minimum Node 18.18 runtime on Windows in addition to the
existing supported macOS/Linux development lanes.
Compatibility
All existing review commands remain available and read-only by default.
codex-claude-review remains a supported alias, so existing scripts do not need
to change immediately.
v1.0.13
codex-plugin-cc v1.0.13 - launch attribution cleanup
This release removes the final public-readiness drift found by the adversarial
X.com launch review.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Corrected README upstream attribution to reference OpenAI's Apache-2.0 Codex
plugin reference preserved underplugins/codex/, instead of implying an
upstreamopenai/codex-plugin-ccrepository. - Replaced launch-adjacent fixed version placeholders with commands or generic
instructions so future releases do not carry stale example versions. - Added a release-docs regression check preventing the incorrect upstream repo
reference from returning.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate
v1.0.11
codex-plugin-cc v1.0.11 - launch-gate hardening
This release tightens the public security posture before the X.com launch
announcement.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Reduced the release workflow's default token permissions to read-only and
grants write/provenance permissions only to the release job. - Focused CodeQL on the shipped npm package and GitHub Actions trust boundary,
excluding upstream reference code and test fixtures from public alerts. - Removed CodeQL file-race findings in MCP config and review-file reads by
reading from the same opened file descriptor used for metadata checks. - Hardened child-process execution helpers by resolving simple executable names
from the current process path before spawning with caller-supplied env vars.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate
v1.0.10
codex-plugin-cc v1.0.10 - final public-trust polish
This release resolves the final visible trust issues from the second
adversarial pre-announcement gate.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Removed the OpenSSF Scorecard badge from the README until the public score
catches up with the repository's intended trust posture. - Updated the bug-report template to ask for
codex-plugin-cc/ helper
version evidence instead of the historical scoped package name.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate- Public npm install smoke from a throwaway
/tmpworkspace
v1.0.9
codex-plugin-cc v1.0.9 - attribution and install safety
This release resolves the remaining launch-readiness issues found by the
Claude Opus 4.7 elite review.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Top-level NOTICE now identifies Kennedy Umege as the current package
publisher while preserving OpenAI attribution for upstream-derived portions. - The upstream Claude Code marketplace manifest no longer presents the Kenmege
repository as OpenAI-owned. - Public docs no longer make unverifiable unreleased-model-name claims.
- Reviewer-composition docs now distinguish shipped Claude automation from
external GitHub Apps/settings for Copilot, Codex, and Devin. - SECURITY.md now points researchers to GitHub Security Advisories.
codex-claude-review enablenow uses a same-directory temp file, atomic
rename, and a timestamped backup before changing an existing Codex config.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate- Public npm install smoke from a throwaway
/tmpworkspace
v1.0.8
codex-plugin-cc v1.0.8 - launch trust-boundary polish
This release resolves the final public-readiness issues found in an
adversarial launch review.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Removed the public plugin manifest
Writecapability so metadata matches
the documented read-only reviewer boundary. - Aligned platform support claims: v1 is supported/tested on macOS and Linux;
Windows is not claimed until process-tree and shell semantics are verified.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate- Public npm install smoke from a throwaway
/tmpworkspace
v1.0.7
codex-plugin-cc v1.0.7 - install-friction polish
This release tightens the public npm install docs after the package went live.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Removed remaining pre-publish wording from the README install section.
- Added an explicit migration command for early users who installed the
historical scoped package or source checkout and see anEEXISTglobal
binary collision.
Verification
npm run checknpm run pack:checknpm audit --audit-level=moderate- Public npm install smoke from a throwaway
/tmpworkspace
v1.0.6
codex-plugin-cc v1.0.6 - public npm page polish
This release removes stale pre-publish wording from the README rendered on
npmjs after the package went live.
Install
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorChanges
- Public npm is now presented as the canonical install lane.
- Source install is documented as the local plugin development path.
- Version metadata is aligned across
package.json,package-lock.json, and
.codex-plugin/plugin.json.
Verification
npm run checknpm run pack:check- Public npm install smoke from a throwaway
/tmpworkspace
v1.0.5
codex-plugin-cc v1.0.5 — frictionless npmjs launch
This release makes the public install path straightforward:
npm install -g codex-plugin-cc
codex-claude-review enable
codex-claude-review doctorHighlights
- Publishes under the public npmjs package name
codex-plugin-cc. - Adds
codex-claude-review doctoras the first-run diagnostic for Node, Git,
Claude Code CLI, Claude auth, Codex registration, writable job storage,
non-Git folder support, and optional live runtime validation with
--probe-runtime. - Adds
--preset quick|ship|security|research|deepso developers and
researchers can choose workflows without memorizing every lane. - Adds npmjs publishing documentation, a two-minute terminal demo script, and an
X.com announcement draft while keeping external posting behind human approval. - Keeps the historical GitHub Packages path documented as an advanced lane, not
the main public install path.
Verification
npm run checkpassed with 190 tests.npm run pack:checkpassed forcodex-plugin-cc@1.0.5.- Throwaway tarball install smoke verified
--version,--help, and
doctor --json. codex-claude-review doctor --probe-runtimeverified live Claude
non-interactive runtime access locally.npm audit --audit-level=moderatereported 0 vulnerabilities.
Notes
- Claude Code must be installed and authenticated locally for live review runs.
- Review lanes remain read-only by default.
--unrestrictedis still an
explicit trust-boundary escape hatch. - If
npm install -g codex-plugin-ccreturns404, the npmjs publish has not
completed yet.