[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-openai-april-2026-codex-updates-en":3,"tags-openai-april-2026-codex-updates-en":30,"related-lang-openai-april-2026-codex-updates-en":41,"related-posts-openai-april-2026-codex-updates-en":45,"series-tools-9c3b8b7b-903b-4cfc-9acc-2f526dac479d":82},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":18,"translated_content":10,"views":19,"is_premium":20,"created_at":21,"updated_at":21,"cover_image":11,"published_at":22,"rewrite_status":23,"rewrite_error":10,"rewritten_from_id":24,"slug":25,"category":26,"related_article_id":27,"status":28,"google_indexed_at":29,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":10,"topic_cluster_id":10,"embedding":10,"is_canonical_seed":20},"9c3b8b7b-903b-4cfc-9acc-2f526dac479d","OpenAI’s April 2026 updates: Codex gets tighter","\u003Cp>\u003Ca href=\"https:\u002F\u002Freleasebot.io\u002Fupdates\u002Fopenai\" target=\"_blank\" rel=\"noopener\">OpenAI\u003C\u002Fa> shipped a dense \u003Ca href=\"\u002Fnews\u002Fanthropic-april-2026-claude-code-update-en\">April 2026\u003C\u002Fa> update set through \u003Ca href=\"https:\u002F\u002Freleasebot.io\" target=\"_blank\" rel=\"noopener\">Releasebot\u003C\u002Fa>, and the biggest story is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fopenai\u002Fcodex\" target=\"_blank\" rel=\"noopener\">Codex\u003C\u002Fa> 0.118.0. The release mixes security hardening, login changes, and a long list of fixes for the TUI, sandboxing, and MCP startup behavior.\u003C\u002Fp>\u003Cp>The headline numbers are hard to ignore: proxy-only networking for Windows sandbox runs, device-code sign-in for app-server clients, prompt-plus-stdin support in \u003Ccode>codex exec\u003C\u002Fcode>, and dynamic bearer tokens for custom model providers. That is a lot of surface area for one point release, and it tells you where OpenAI is spending engineering time right now.\u003C\u002Fp>\u003Ch2>Codex 0.118.0 is about control, not flash\u003C\u002Fh2>\u003Cp>If you read the changelog like a product manager, the pattern is obvious. OpenAI is tightening the places where Codex can talk to the network, where it can authenticate, and where it can fail. That usually means the product has enough adoption that reliability and policy enforcement matter more than adding shiny new commands.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775174630120-095f.png\" alt=\"OpenAI’s April 2026 updates: Codex gets tighter\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>The Windows sandbox update is the clearest example. Instead of depending on environment variables, Codex can now enforce proxy-only networking with OS-level egress rules. That is a better answer for teams that care about where traffic goes, especially in locked-down enterprise setups.\u003C\u002Fp>\u003Cul>\u003Cli>Windows sandbox: proxy-only networking now uses OS-level egress rules (#12220)\u003C\u002Fli>\u003Cli>App-server clients can start \u003Ca href=\"https:\u002F\u002Fopenai.com\u002Fchatgpt\" target=\"_blank\" rel=\"noopener\">ChatGPT\u003C\u002Fa> sign-in with device code flow (#15525)\u003C\u002Fli>\u003Cli>\u003Ccode>codex exec\u003C\u002Fcode> now supports prompt-plus-stdin input (#15917)\u003C\u002Fli>\u003Cli>Custom model providers can refresh bearer tokens dynamically (#16286, #16287, #16288)\u003C\u002Fli>\u003C\u002Ful>\u003Cp>That token work matters more than it may look at first glance. Static credentials are fine for demos, but they age badly in production. Dynamic bearer tokens let Codex fit into systems that issue short-lived access tokens, which is how a lot of modern internal infrastructure already works.\u003C\u002Fp>\u003Cp>There is also a subtle but important quality-of-life improvement in the CLI flow. Prompt-plus-stdin means you can pipe structured input into Codex while still passing a separate instruction on the command line. That makes the tool more scriptable, which is exactly where these developer tools start to matter.\u003C\u002Fp>\u003Ch2>Login, sandboxes, and MCP got the most attention\u003C\u002Fh2>\u003Cp>The release also spends real effort on making the app-server and sandbox paths less fragile. On Linux, Codex once again finds a trusted \u003Ccode>bwrap\u003C\u002Fcode> binary even on multi-entry \u003Ccode>PATH\u003C\u002Fcode> setups, which sounds small until you remember how often container and sandbox tooling breaks on path resolution edge cases.\u003C\u002Fp>\u003Cp>OpenAI also extended startup windows for local MCP servers and restored warnings when handshakes fail. That matters because silent failure is the worst kind of failure in agent tooling. If a server does not start correctly, the user needs to know immediately instead of assuming everything is fine.\u003C\u002Fp>\u003Cblockquote>“The best way to predict the future is to invent it.” — Alan Kay\u003C\u002Fblockquote>\u003Cp>That quote gets used a lot, but it fits this release surprisingly well. OpenAI is not waiting for agent workflows to settle on their own. It is actively shaping how authentication, sandboxing, and server startup should behave inside Codex.\u003C\u002Fp>\u003Cp>There is also a strong security thread running through the changelog. Project-local \u003Ccode>.codex\u003C\u002Fcode> files are now protected on first creation, network-proxy DNS lookup errors fail closed, and Windows apply_patch behavior avoids redundant writable roots that could trigger extra ACL churn. None of those lines make for flashy marketing copy. All of them reduce the odds that a developer tool becomes a footgun.\u003C\u002Fp>\u003Cul>\u003Cli>Linux sandbox now resolves trusted \u003Ccode>bwrap\u003C\u002Fcode> more reliably (#15791, #15973)\u003C\u002Fli>\u003Cli>MCP startup timeout increased for local servers (#16080)\u003C\u002Fli>\u003Cli>MCP handshake warnings return to the TUI (#16041)\u003C\u002Fli>\u003Cli>Project-local \u003Ccode>.codex\u003C\u002Fcode> creation is protected on first write (#15067)\u003C\u002Fli>\u003Cli>Network-proxy DNS lookup errors fail closed (#15909)\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>The TUI fixes show where users were getting stuck\u003C\u002Fh2>\u003Cp>The app-server-backed TUI got a wide cleanup pass, and the fixes point to real user pain. \u003Ccode>\u002Fcopy\u003C\u002Fcode> works again, \u003Ccode>\u002Fresume\u003C\u002Fcode> works again, stale threads no longer linger in \u003Ccode>\u002Fagent\u003C\u002Fcode>, and the skills picker scrolls past the first page. That is the kind of bug list you only get after people actually use the thing in anger.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775174626860-j9yd.png\" alt=\"OpenAI’s April 2026 updates: Codex gets tighter\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>OpenAI also removed the legacy TUI split, renamed \u003Ccode>tui_app_server\u003C\u002Fcode> to \u003Ccode>tui\u003C\u002Fcode>, and dropped the voice transcription feature. That suggests a simplification pass, where the team is cutting older paths and trimming features that probably added maintenance cost without enough day-to-day value.\u003C\u002Fp>\u003Cul>\u003Cli>\u003Ccode>\u002Fcopy\u003C\u002Fcode> regression fixed in turn completion (#16021)\u003C\u002Fli>\u003Cli>\u003Ccode>\u002Fresume\u003C\u002Fcode> by name lookup fixed (#16050)\u003C\u002Fli>\u003Cli>Ghost subagent entries in \u003Ccode>\u002Fagent\u003C\u002Fcode> fixed (#16110)\u003C\u002Fli>\u003Cli>Skills picker scrolling fixed (#16109)\u003C\u002Fli>\u003Cli>Legacy TUI split removed and voice transcription dropped (#15922, #16114)\u003C\u002Fli>\u003C\u002Ful>\u003Cp>One more detail matters here: the release adds a mailbox concept for wait, plus a more explicit inter-agent communication path in spawn v2. That tells me OpenAI is still experimenting with how agents should coordinate, queue work, and hand off state. The company is not treating agent orchestration as solved.\u003C\u002Fp>\u003Cp>There is a useful comparison here with the March app updates in \u003Ca href=\"\u002Fnews\u002Fopenai-chatgpt-app-updates-march-2026\">OpenAI’s ChatGPT app changes from March 2026\u003C\u002Fa>. Those updates focused on integrations and workspace controls, while this Codex release is far more about developer workflow plumbing and failure handling.\u003C\u002Fp>\u003Ch2>What this release says about OpenAI’s near-term direction\u003C\u002Fh2>\u003Cp>The most interesting part of the changelog is not any single feature. It is the combination of tighter auth, better sandbox controls, and more explicit agent communication. OpenAI seems to be treating Codex less like a novelty CLI and more like infrastructure that has to survive real teams, real policies, and real CI systems.\u003C\u002Fp>\u003Cp>The company also keeps widening the tool surface around Codex. The release pulls in named tool definitions, tool spec adapters, discovery tool specs, collaboration tool specs, and utility tool specs. That is a sign the internal architecture is being split into smaller pieces so the product can grow without collapsing under its own complexity.\u003C\u002Fp>\u003Cp>Here is the practical reading for developers:\u003C\u002Fp>\u003Cul>\u003Cli>If you run Codex in managed environments, the new token and proxy changes matter immediately.\u003C\u002Fli>\u003Cli>If you depend on the TUI, the regression fixes are the difference between friction and trust.\u003C\u002Fli>\u003Cli>If you build on MCP, the startup and handshake changes reduce ambiguity when servers misbehave.\u003C\u002Fli>\u003Cli>If you maintain internal model providers, dynamic bearer auth is the update to watch.\u003C\u002Fli>\u003C\u002Ful>\u003Cp>My take: this release is a sign that OpenAI is preparing Codex for more opinionated enterprise use, where policy, login, and observability matter as much as raw model quality. The next question is whether these controls stay developer-friendly as the stack grows. If they do, Codex will keep pulling in teams that want agent tooling without surrendering control over network access, auth, or execution boundaries.\u003C\u002Fp>\u003Cp>For now, the actionable move is simple: if your team uses Codex, test the new login flow, verify sandbox networking rules, and re-check any MCP server startup assumptions before the next rollout.\u003C\u002Fp>","OpenAI’s latest Codex release adds proxy-only networking, device-code login, dynamic auth tokens, and more reliable sandbox behavior.","releasebot.io","https:\u002F\u002Freleasebot.io\u002Fupdates\u002Fopenai",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775174630120-095f.png",[13,14,15,16,17],"OpenAI","Codex","MCP","sandbox networking","developer tools","en",1,false,"2026-04-03T00:03:29.756414+00:00","2026-04-03T00:03:29.734+00:00","done","92a59404-e598-423f-b59a-0f0a7b0391f8","openai-april-2026-codex-updates-en","tools","ea1f6583-f929-45c8-b2d2-7e7d5a51059d","published","2026-04-07T07:41:14.332+00:00",[31,33,35,37,39],{"name":13,"slug":32},"openai",{"name":15,"slug":34},"mcp",{"name":17,"slug":36},"developer-tools",{"name":14,"slug":38},"codex",{"name":16,"slug":40},"sandbox-networking",{"id":27,"slug":42,"title":43,"language":44},"openai-april-2026-codex-updates-zh","OpenAI 4 月更新：Codex 更收緊","zh",[46,52,58,64,70,76],{"id":47,"slug":48,"title":49,"cover_image":50,"image_url":50,"created_at":51,"category":26},"a6c1d84d-0d9c-4a5a-9ca0-960fbfc1412e","why-gemini-api-pricing-is-cheaper-than-it-looks-en","Why Gemini API pricing is cheaper than it looks","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778869846824-s2r1.png","2026-05-15T18:30:26.595941+00:00",{"id":53,"slug":54,"title":55,"cover_image":56,"image_url":56,"created_at":57,"category":26},"8b02abfa-eb16-4853-8b15-63d302c7b587","why-vidhub-huiyuan-hutong-bushi-quan-shebei-tongyong-en","Why VidHub 会员互通不是“买一次全设备通用”","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778789439875-uceq.png","2026-05-14T20:10:26.046635+00:00",{"id":59,"slug":60,"title":61,"cover_image":62,"image_url":62,"created_at":63,"category":26},"abe54a57-7461-4659-b2a0-99918dfd2a33","why-buns-zig-to-rust-experiment-is-right-en","Why Bun’s Zig-to-Rust experiment is the right move","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778767895201-5745.png","2026-05-14T14:10:29.298057+00:00",{"id":65,"slug":66,"title":67,"cover_image":68,"image_url":68,"created_at":69,"category":26},"f0015918-251b-43d7-95af-032d2139f3f6","why-openai-api-pricing-is-product-strategy-en","Why OpenAI API pricing is a product strategy, not a footnote","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778749841805-uyhg.png","2026-05-14T09:10:27.921211+00:00",{"id":71,"slug":72,"title":73,"cover_image":74,"image_url":74,"created_at":75,"category":26},"7096dab0-6d27-42d9-b951-7545a5dddf33","why-claude-code-prompt-design-beats-ide-copilots-en","Why Claude Code’s prompt design beats IDE copilots","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778742651754-3kxk.png","2026-05-14T07:10:30.953808+00:00",{"id":77,"slug":78,"title":79,"cover_image":80,"image_url":80,"created_at":81,"category":26},"1f1bff1e-0ebc-4fa7-a078-64dc4b552548","why-databricks-model-serving-is-right-default-en","Why Databricks Model Serving is the right default for production infe…","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778692290314-gopj.png","2026-05-13T17:10:32.167576+00:00",[83,88,93,98,103,108,113,118,123,128],{"id":84,"slug":85,"title":86,"created_at":87},"8008f1a9-7a00-4bad-88c9-3eedc9c6b4b1","surepath-ai-mcp-policy-controls-en","SurePath AI's New MCP Policy Controls Enhance AI Security","2026-03-26T01:26:52.222015+00:00",{"id":89,"slug":90,"title":91,"created_at":92},"27e39a8f-b65d-4f7b-a875-859e2b210156","mcp-standard-ai-tools-2026-en","MCP Standard in 2026: Integrating AI Tools","2026-03-26T01:27:43.127519+00:00",{"id":94,"slug":95,"title":96,"created_at":97},"165f9a19-c92d-46ba-b3f0-7125f662921d","rag-2026-transforming-enterprise-ai-en","How RAG in 2026 is Transforming Enterprise AI","2026-03-26T01:28:11.485236+00:00",{"id":99,"slug":100,"title":101,"created_at":102},"6a2a8e6e-b956-49d8-be12-cc47bdc132b2","mastering-ai-prompts-2026-guide-en","Mastering AI Prompts: A 2026 Guide for Developers","2026-03-26T01:29:07.835148+00:00",{"id":104,"slug":105,"title":106,"created_at":107},"d6653030-ee6d-4043-898d-d2de0388545b","evolving-world-prompt-engineering-en","The Evolving World of Prompt Engineering","2026-03-26T01:29:42.061205+00:00",{"id":109,"slug":110,"title":111,"created_at":112},"3ab2c67e-4664-4c67-a013-687a2f605814","garry-tan-open-sources-claude-code-toolkit-en","Garry Tan Open-Sources a Claude Code Toolkit","2026-03-26T08:26:20.245934+00:00",{"id":114,"slug":115,"title":116,"created_at":117},"66a7cbf8-7e76-41d4-9bbf-eaca9761bf69","github-ai-projects-to-watch-in-2026-en","20 GitHub AI Projects to Watch in 2026","2026-03-26T08:28:09.752027+00:00",{"id":119,"slug":120,"title":121,"created_at":122},"231306b3-1594-45b2-af81-bb80e41182f2","claude-code-vs-cursor-2026-en","Claude Code vs Cursor in 2026","2026-03-26T13:27:14.177468+00:00",{"id":124,"slug":125,"title":126,"created_at":127},"9f332fda-eace-448a-a292-2283951eee71","practical-github-guide-learning-ml-2026-en","A Practical GitHub Guide to Learning ML in 2026","2026-03-27T01:16:50.125678+00:00",{"id":129,"slug":130,"title":131,"created_at":132},"1b1f637d-0f4d-42bd-974b-07b53829144d","aiml-2026-student-ai-ml-lab-repo-review-en","AIML-2026 Is a Bare-Bones Student Lab Repo","2026-03-27T01:21:51.661231+00:00"]