Skip to content

chore(deps): bump node from 24-slim to 25-slim in /codex-cli#2

Open
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/docker/codex-cli/node-25-slim
Open

chore(deps): bump node from 24-slim to 25-slim in /codex-cli#2
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/docker/codex-cli/node-25-slim

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 21, 2026

Copy link
Copy Markdown

Bumps node from 24-slim to 25-slim.

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

aibrahim-oai and others added 3 commits March 19, 2026 09:49
- App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens. (#14952)
- Plugin setup is smoother: Codex can prompt to install missing plugins or connectors, honor a configured suggestion allowlist, and sync install/uninstall state remotely. (#14896, #15022, #14878)
- Added a `userpromptsubmit` hook so prompts can be blocked or augmented before execution and before they enter history. (#14626)
- Realtime sessions now start with recent thread context and are less likely to self-interrupt during audio playback. (#14829, #14827)

## Bug Fixes
- Fixed a first-turn stall where websocket prewarm could delay `turn/start`; startup now times out and falls back cleanly. (#14838)
- Restored conversation history for remote resume/fork in the app-server TUI and stopped duplicate live transcript output from legacy stream events. (#14930, #14892)
- Improved Linux sandbox startup on symlinked checkouts, missing writable roots, and Ubuntu/AppArmor hosts by preferring system `bwrap` when available. (#14849, #14890, #14963)
- Fixed an agent job finalization race and reduced status polling churn for worker threads. (#14843)

## Documentation
- Refreshed the Python SDK public API docs, examples, and walkthrough around the generated app-server models. (#14446)

## Chores
- Pinned the `setup-zig` GitHub Action to an immutable SHA for more reproducible CI. (#14858)

## Changelog

Full Changelog: openai/codex@rust-v0.115.0...rust-v0.116.0

- #14717 Move TUI on top of app server (parallel code) @etraut-openai
- #14665 Use request permission profile in app server @mousseau-oai
- #14826 Fixed build failures related to PR 14717 @etraut-openai
- #14833 fix(core): fix sanitize name to use '_' everywhere @apanasenko-oai
- #14268 memories: exclude AGENTS and skills from stage1 input @andi-oai
- #14139 windows-sandbox: add runner IPC foundation for future unified_exec @iceweasel-oai
- #14851 Add exit helper to code mode scripts @pakrym-oai
- #14828 [stack 1/4] Split realtime websocket methods by version @aibrahim-oai
- #14652 Apply argument comment lint across codex-rs @bolinfest
- #14837 skill-creator: default new skills to ~/.codex/skills @xl-openai
- #14861 Add marketplace display names to plugin/list @xl-openai
- #14878 feat: support remote_sync for plugin install/uninstall. @xl-openai
- #14830 [stack 2/4] Align main realtime v2 wire and runtime flow @aibrahim-oai
- #14886 fix: align marketplace display name with existing interface conventions @xl-openai
- #14881 [codex] add Jason as a predefined subagent name @tibo-openai
- #14864 fix: tighten up shell arg quoting in GitHub workflows @bolinfest
- #14829 [stack 3/4] Add current thread context to realtime startup @aibrahim-oai
- #14827 [stack 4/4] Reduce realtime self-interruptions during playback @aibrahim-oai
- #14849 fix: canonicalize symlinked Linux sandbox cwd @viyatb-oai
- #14892 Fix tui_app_server: ignore duplicate legacy stream events @etraut-openai
- #14899 Revert tui code so it does not rely on in-process app server @etraut-openai
- #14890 fix(linux-sandbox): ignore missing writable roots @viyatb-oai
- #14920 feat: centralize package manager version @jif-oai
- #14935 feat: rename to get more explicit close agent @jif-oai
- #14843 Fix agent jobs finalization race and reduce status polling churn @daveaitel-openai
- #14944 feat: show effective model in spawn agent event @jif-oai
- #14838 fix(core): prevent hanging turn/start due to websocket warming issues @owenlin0
- #14859 Feat: CXA-1831 Persist latest model and reasoning effort in sqlite @shijie-oai
- #14930 fix(tui): restore remote resume and fork history @fcoury
- #14955 Fix fuzzy search notification buffering in app-server tests @aibrahim-oai
- #14938 feat: add suffix to shell snapshot name @jif-oai
- #14959 Fix code mode yield startup race @aibrahim-oai
- #14434 generate an internal json schema for `RolloutLine` @keyz
- #14846 use framed IPC for elevated command runner @iceweasel-oai
- #14952 Add device-code onboarding and ChatGPT token refresh to app-server TUI @etraut-openai
- #14896 [plugins] Support plugin installation elicitation. @mzeng-openai
- #14958 Stabilize Windows cmd-based shell test harnesses @aibrahim-oai
- #14966 Stabilize permissions popup selection tests @aibrahim-oai
- #14968 Stabilize approval matrix write-file command @aibrahim-oai
- #14986 temporarily disable private desktop until it works with elevated IPC path @iceweasel-oai
- #14983 Rename exec_wait tool to wait @pakrym-oai
- #14905 Add auth env observability @ccy-oai
- #14931 fix(tui): implement /mcp inventory for tui_app_server @fcoury
- #14977 Cleanup skills/remote/xxx endpoints. @xl-openai
- #14984 Gate realtime audio interruption logic to v2 @aibrahim-oai
- #14902 Unify realtime shutdown in core @aibrahim-oai
- #14963 fix(linux-sandbox): prefer system /usr/bin/bwrap when available @viyatb-oai
- #14446 Add Python SDK public API and examples @shaqayeq-oai
- #14993 feat: Add product-aware plugin policies and clean up manifest naming @xl-openai
- #14995 app-server: reject websocket requests with Origin headers @maxj-oai
- #14960 Add FS abstraction and use in view_image @pakrym-oai
- #14293 fix: honor active permission profiles in sandbox debug @viyatb-oai
- #14610 feat: support restricted ReadOnlyAccess in elevated Windows sandbox @viyatb-oai
- #13592 Prefer websockets when providers support them @pakrym-oai
- #14903 Handle realtime conversation end in the TUI @aibrahim-oai
- #14727 Use workspace requirements for guardian prompt override @charley-oai
- #14626 [hooks] userpromptsubmit - hook before user's prompt is executed @eternal-openai
- #14858 Pin setup-zig GitHub Action to immutable SHA @viyatb-oai
- #13702 fix(subagents) share execpolicy by default @dylan-hurd-oai
- #15022 [plugins] Support configuration tool suggest allowlist. @mzeng-openai
- #14947 feat: adapt artifacts to new packaging and 2.5.6 @jif-oai
- #14821 feat: add memory citation to agent message @jif-oai
- #15058 nit: disable live memory edition @jif-oai
- #14942 Removed remaining core events from tui_app_server @etraut-openai
- #15059 chore: disable memory read path for morpheus @jif-oai
- #14842 Add notify to code-mode @pakrym-oai
- #15020 fix: harden plugin feature gating @xl-openai
Bumps node from 24-slim to 25-slim.

---
updated-dependencies:
- dependency-name: node
  dependency-version: 25-slim
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file docker Pull requests that update docker code labels Mar 21, 2026
dqIndieGames pushed a commit that referenced this pull request Apr 2, 2026
- Remove numeric prefixes for disabled rows in shared list rendering.
These numbers are shortcuts, Ex: Pressing "2" selects option `#2`.
Disabled items can not be selected, so keeping numbers on these items is
misleading.
- Apply the same behavior in both tui and tui_app_server.
- Update affected snapshots for apps/plugins loading and plugin detail
rows.

_**This is a global change.**_

Before:
<img width="1680" height="488" alt="image"
src="https://github.com/user-attachments/assets/4bcf94ad-285f-48d3-a235-a85b58ee58e2"
/>

After:
<img width="1706" height="484" alt="image"
src="https://github.com/user-attachments/assets/76bb6107-a562-42fe-ae94-29440447ca77"
/>
dqIndieGames pushed a commit that referenced this pull request May 11, 2026
## Why

We found this while reviewing #21091, but confirmed it is not introduced
by that PR: the order-sensitive `current_text_with_pending()`
replacement loop already existed, and `main` already allowed active
same-size large pastes to use prefix-overlapping labels such as `[Pasted
Content N chars]` and `[Pasted Content N chars] #2`.

#21091 fixes placeholder numbering after a draft is cleared, so a fresh
same-size paste can reuse the base label. This PR fixes a different
path: when a draft already contains multiple active same-size large
pastes, the placeholders can overlap by prefix, for example `[Pasted
Content N chars]` and `[Pasted Content N chars] #2`.

That overlap breaks `current_text_with_pending()` when the composer
materializes the draft text for the external editor. Replacing the base
placeholder first can partially rewrite the `#2` placeholder, leaving
the external editor seeded with corrupted text instead of both paste
payloads.

| Before | After |
|---|---|
| <img width="1230" height="1008" alt="CleanShot 2026-05-05 at 10 18 09"
src="https://github.com/user-attachments/assets/88a2936c-cf00-4adc-8567-8fd8f398b4a8"
/> | <img width="1230" height="1008" alt="CleanShot 2026-05-05 at 10 20
31"
src="https://github.com/user-attachments/assets/119cff52-43c8-432a-9367-418d82f4ed82"
/> |
| <img width="1230" height="1008" alt="CleanShot 2026-05-05 at 10 18 57"
src="https://github.com/user-attachments/assets/026031bb-839b-4252-a0fd-9ba9616435fe"
/> | <img width="1230" height="1008" alt="CleanShot 2026-05-05 at 10 21
31"
src="https://github.com/user-attachments/assets/8cb6f2c8-3a5d-411b-8623-dca666ee3c08"
/> |

## What Changed

- Changed `current_text_with_pending()` to expand pending pastes through
the existing element-range based `expand_pending_pastes()` helper
instead of global string replacement.
- Added a regression test with two different same-length large pastes to
ensure both overlapping placeholders expand to their original payloads.

## How to Test

1. Start Codex TUI.
2. Paste a large string, for example 1004 `A` characters.
```shell
perl -e 'print "A" x 1004' | pbcopy
```
3. Paste a second large string with the same length, for example 1004
`B` characters.
```shell
perl -e 'print "B" x 1004' | pbcopy
```
4. Open the external editor from the composer.
5. Confirm the editor is seeded with the full `A...` payload followed by
the full `B...` payload, with no literal `#2` left behind.

Targeted tests:
- `cargo test -p codex-tui
current_text_with_pending_expands_overlapping_placeholders`
- `just argument-comment-lint-from-source -p codex-tui`

I also ran `cargo test -p codex-tui`; it reached the full crate suite
but failed two unrelated local status tests because this machine's
`/etc/codex/requirements.toml` rejects `DangerFullAccess`.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update docker code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants