Skip to content

release: rebuild open main PR wave with review fixes #387

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ndycode merged 42 commits into from
Apr 6, 2026
Merged

release: rebuild open main PR wave with review fixes #387

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
353de84
refactor: remove dead runtime metrics helper module
ndycode Apr 6, 2026
6e42f28
refactor: share forecast and report command helpers
ndycode Apr 6, 2026
a17a58c
refactor: remove unsafe overload casts in parallel probe
ndycode Apr 6, 2026
7a713ad
fix: make account clear reset atomic
ndycode Apr 6, 2026
2ab9dd9
fix: persist report refreshes before mutating state
ndycode Apr 6, 2026
89bafc4
fix: prevent stale prompt cache session overwrites
ndycode Apr 6, 2026
2a4324a
fix: serialize concurrent runtime cache writes
ndycode Apr 6, 2026
37d260b
fix: recreate live account sync on config changes
ndycode Apr 6, 2026
f71fd30
fix: check remapped errorResponse status for 404->429 usage_limit rot…
ndycode Apr 6, 2026
c1223f4
test: add 4 broader scenarios for 404->429 rotation path
ndycode Apr 6, 2026
7026dfe
fix: narrow 404 usage-limit remapping
ndycode Apr 6, 2026
dd05d20
fix: stop quota scheduler cooldown drift
ndycode Apr 6, 2026
ed433d1
fix: notify quota scheduler on 502/503/529 overload responses
ndycode Apr 6, 2026
db1a6da
fix: skip accounts with all workspaces disabled during rotation
ndycode Apr 6, 2026
58baa58
fix: disable default rate-limit replay
ndycode Apr 5, 2026
3c942a7
test: cover multi-account no-replay default
ndycode Apr 6, 2026
31d9706
fix: bound short-429 retry loop to MAX_SHORT_RETRY_ATTEMPTS
ndycode Apr 6, 2026
6070594
fix: add jitter to rate-limit backoff
ndycode Apr 6, 2026
9c19243
feat: make retry backoff constants configurable
ndycode Apr 6, 2026
7348396
fix: preserve server retry policy fidelity
ndycode Apr 6, 2026
206eba2
fix: cap request retries and stream failover
ndycode Apr 6, 2026
967cfe3
fix: tighten stream budget accounting
ndycode Apr 6, 2026
de034fd
docs: document request attempt budget helpers
ndycode Apr 6, 2026
3326204
fix: stop stream failover replay after output
ndycode Apr 6, 2026
8299f52
fix: flag malformed codex auth payloads in doctor
ndycode Apr 6, 2026
5ee72f3
feat: add live probe budgets and warnings
ndycode Apr 6, 2026
90f45ae
feat: expose account selection reasons
ndycode Apr 6, 2026
af3e487
feat: surface explicit storage health state
ndycode Apr 6, 2026
864fefb
fix: surface silent update-check parse failures
ndycode Apr 6, 2026
b6d0d96
fix: surface persisted rate limits in quota views
ndycode Apr 6, 2026
5cf1472
fix: fold review follow-ups into rebuilt main wave
ndycode Apr 6, 2026
a6e6784
feat: add request retry observability
ndycode Apr 6, 2026
654ca27
test: cover mixed retry failure chains
ndycode Apr 6, 2026
5d7f546
feat: harden request reliability and runtime telemetry
ndycode Apr 6, 2026
299fd05
feat: version runtime observability snapshots
ndycode Apr 6, 2026
372da70
test: align retry assertion with pool cooldown guard
ndycode Apr 6, 2026
9a3c5b2
fix: address remaining PR 387 bug findings
ndycode Apr 6, 2026
91d310f
fix: address remaining PR 387 runtime regressions
ndycode Apr 6, 2026
f035e7b
test: close remaining PR 387 review nits
ndycode Apr 6, 2026
a344bd1
fix: close remaining PR 387 follow-ups
ndycode Apr 6, 2026
571a24d
fix: address remaining PR 387 docs and cleanup comments
ndycode Apr 6, 2026
aaad109
test: normalize fetch helpers review nit
ndycode Apr 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ Codex CLI-first multi-account OAuth manager for the official `@openai/codex` CLI
- Interactive dashboard for account actions and settings
- Experimental settings tab for staged sync, backup, and refresh-guard controls
- Forecast, report, fix, and doctor commands for operational safety
- Runtime request budget, cooldown, and traffic observability in `codex auth status` / `codex auth report`
- Flagged account verification and restore flow
Comment thread
coderabbitai[bot] marked this conversation as resolved.
- Session affinity and live account sync controls
- Proactive refresh and preemptive quota deferral controls
Expand Down Expand Up @@ -156,6 +157,14 @@ If browser launch is blocked, use the alternate login paths in [docs/getting-sta
| `codex auth report --live --json` | How do I get the full machine-readable health report? |
| `codex auth fix --live --model gpt-5-codex` | How do I run live repair probes with a chosen model? |

### Reliability behavior

- whole-pool replay is disabled by default when every account is rate-limited
- active requests use a bounded outbound request budget so one prompt cannot walk the full pool indefinitely
- repeated cross-account 5xx bursts trigger a short cooldown instead of continuing aggressive rotation
- proactive refresh is staggered to reduce background refresh bursts
- `codex auth status` surfaces recent runtime request metrics in text output, and `codex auth report --json` exposes the machine-readable cooldown/runtime snapshot

Comment thread
coderabbitai[bot] marked this conversation as resolved.
---

## Dashboard Hotkeys
Expand Down Expand Up @@ -190,6 +199,7 @@ If browser launch is blocked, use the alternate login paths in [docs/getting-sta
| Accounts | `~/.codex/multi-auth/openai-codex-accounts.json` |
| Flagged accounts | `~/.codex/multi-auth/openai-codex-flagged-accounts.json` |
| Quota cache | `~/.codex/multi-auth/quota-cache.json` |
| Runtime observability | `~/.codex/multi-auth/runtime-observability.json` |
| Logs | `~/.codex/multi-auth/logs/codex-plugin/` |
| Per-project accounts | `~/.codex/multi-auth/projects/<project-key>/openai-codex-accounts.json` |

Expand Down Expand Up @@ -265,6 +275,9 @@ codex auth login

- `codex auth` unrecognized: run `where codex`, then follow `docs/troubleshooting.md` for routing fallback commands
- Switch succeeds but wrong account appears active: run `codex auth switch <index>`, then restart session
- Requests fail fast with a pool cooldown message: wait for the cooldown window or inspect `codex auth status`
- Requests fail fast after repeated upstream 5xx errors: inspect `codex auth report --json` for runtime traffic and cooldown details
Comment on lines +278 to +279
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# verify whether windows-specific EBUSY/EPERM handling and messaging exists in storage clear paths/docs.
# expected: code has explicit windows-safe retries/handling and docs mention user action.

rg -n -C3 --type=ts 'EBUSY|EPERM|rename|unlink|rm|account-clear|clearAccountStorageArtifacts'
rg -n -C3 --type=md 'EBUSY|EPERM|windows|storage clear|account clear|cleanup'

Repository: ndycode/codex-multi-auth

Length of output: 50382

🏁 Script executed:

# Find the storage/account-clear file
fd -type f -name "*account*clear*" -o -name "*clear*account*" lib/

# Check README.md around the fail-fast bullets
sed -n '270,290p' README.md

# Search specifically for storage-related error handling docs
rg -n "windows|cleanup|storage.*clear|account.*clear" README.md -A2 -B2

Repository: ndycode/codex-multi-auth

Length of output: 1505

🏁 Script executed:

# Look for the actual account-clear implementation
find lib/ -type f -name "*.ts" | xargs grep -l "EBUSY\|EPERM\|clearAccountStorage" | head -10

Repository: ndycode/codex-multi-auth

Length of output: 372

🏁 Script executed:

# Check what the documentation test expects for storage/windows
rg -B5 -A5 "eperm.*ebusy|ebusy.*eperm" test/documentation.test.ts

Repository: ndycode/codex-multi-auth

Length of output: 50

🏁 Script executed:

# Search for account-clear related functions more broadly
rg -n "clearAccountStorageArtifacts|account.*clear|storage.*clear|AccountClear" lib/ --type ts -A3 -B1 | head -80

Repository: ndycode/codex-multi-auth

Length of output: 1781

🏁 Script executed:

# Find and view the documentation test that checks for eperm/ebusy
sed -n '370,380p' test/documentation.test.ts

Repository: ndycode/codex-multi-auth

Length of output: 553

🏁 Script executed:

# Search README for any windows-specific troubleshooting
rg -n -i "windows|ebusy|eperm|file.*lock|access.*denied" README.md

Repository: ndycode/codex-multi-auth

Length of output: 191

🏁 Script executed:

# Read the account-clear.ts file to see EBUSY/EPERM handling
cat lib/storage/account-clear.ts

Repository: ndycode/codex-multi-auth

Length of output: 1293

🏁 Script executed:

# Find where fieldInventory is built in documentation.test.ts
rg -B20 'expect.*fieldInventory.*eperm' test/documentation.test.ts | head -60

Repository: ndycode/codex-multi-auth

Length of output: 957

🏁 Script executed:

# Check if README mentions account storage or storage clearing
rg -n -i "account storage|storage.*clear|clean.*storage" README.md -B2 -A2

Repository: ndycode/codex-multi-auth

Length of output: 477

🏁 Script executed:

# Check docs/development/CONFIG_FIELDS.md to see what Windows notes exist
rg -B5 -A5 "eperm|ebusy|windows.*note|concurrency.*windows" docs/development/CONFIG_FIELDS.md | head -80

Repository: ndycode/codex-multi-auth

Length of output: 50

🏁 Script executed:

# Check if CONFIG_FIELDS.md exists and has content
cat docs/development/CONFIG_FIELDS.md | head -100

Repository: ndycode/codex-multi-auth

Length of output: 3139

🏁 Script executed:

# Search for where eperm and ebusy are mentioned in docs
fd --type f -path "docs/*" | xargs rg -l "eperm|ebusy" 2>/dev/null

Repository: ndycode/codex-multi-auth

Length of output: 311

🏁 Script executed:

# View the troubleshooting section of README more broadly
rg -n "troubleshooting|common symptoms|diagnostics" README.md -i -A 30 | head -100

Repository: ndycode/codex-multi-auth

Length of output: 3603

🏁 Script executed:

# View more of CONFIG_FIELDS.md to find eperm/ebusy sections
cat docs/development/CONFIG_FIELDS.md | grep -B5 -A5 -i "eperm\|ebusy\|windows"

Repository: ndycode/codex-multi-auth

Length of output: 709

🏁 Script executed:

# Check if there are any docs about storage cleanup or Windows issues
fd -type f docs/ | xargs rg -l "storage.*clear\|account.*clear\|ebusy\|eperm" 2>/dev/null

Repository: ndycode/codex-multi-auth

Length of output: 240

🏁 Script executed:

# Check docs/troubleshooting.md to see if Windows storage is documented there
cat docs/troubleshooting.md 2>/dev/null | head -150

Repository: ndycode/codex-multi-auth

Length of output: 3692

Add Windows file-locking symptom and recovery path to README troubleshooting.

The lib/storage/account-clear.ts:12 unlink operations can fail with EBUSY or EPERM on Windows during concurrent file access or antivirus scanning. Storage cleanup failures leave stale state and block subsequent codex auth operations. Add one explicit bullet to README.md lines 274-283 under "Common symptoms" so Windows users have a direct recovery path:

- Storage cleanup fails with `EBUSY` / `EPERM` (Windows): run `codex auth doctor --fix` to retry, or manually remove `~/.codex/multi-auth/<project-key>/` and re-login

Also add retry logic with exponential backoff to lib/storage/account-clear.ts for transient EBUSY/EPERM errors during file removal, mirroring the pattern already used in lib/quota-cache.ts:154-171 and test/quota-cache.test.ts:136-176.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@README.md` around lines 278 - 279, Add a Windows-specific troubleshooting
bullet to README.md under the "Common symptoms" section (around lines 274-283)
that reads: "Storage cleanup fails with `EBUSY` / `EPERM` (Windows): run `codex
auth doctor --fix` to retry, or manually remove
`~/.codex/multi-auth/<project-key>/` and re-login". In
lib/storage/account-clear.ts, update the unlink/remove logic (where unlink is
called around line 12) to handle transient Windows file-lock errors by
implementing exponential-backoff retries for EBUSY and EPERM: catch the
unlink/fs.rm errors in the function that performs account cleanup, loop with a
small base delay doubling each attempt, stop after a bounded max attempts, and
only rethrow non-transient errors; mirror the same retry/backoff parameters and
error checks used in lib/quota-cache.ts (the pattern at lines 154-171) so
behavior is consistent with quota-cache test expectations.

- Storage cleanup fails with `EBUSY` / `EPERM` (Windows): run `codex auth doctor --fix` to retry, or manually remove `~/.codex/multi-auth/<project-key>/` and re-login
- OAuth callback on port `1455` fails: free the port and re-run `codex auth login`
- Browser launch is blocked or you are in a headless shell: re-run `codex auth login --manual` or set `CODEX_AUTH_NO_BROWSER=1`
- `missing field id_token` / `token_expired` / `refresh_token_reused`: re-login affected account
Expand Down
Loading