codex

clone/codex

Fork 0

mirror of https://github.com/openai/codex.git synced 2026-05-28 06:55:01 +00:00

Commit Graph

Author	SHA1	Message	Date
Adam Perry @ OpenAI	cca1e0ba1d	Uprev Rust toolchain pins to 1.95.0 (#24684 ) ## Summary - Bump the workspace Rust toolchain from `1.93.0` to `1.95.0` across Cargo, Bazel, CI, release workflows, devcontainers, and the Codex environment config. - Refresh `MODULE.bazel.lock` so the Bazel Rust toolchain artifacts match the new version. - Leave purpose-specific toolchains unchanged, including the `argument-comment-lint` nightly and the upstream `rusty_v8` `1.91.0` build pin. - Includes fixes for new lints from `just fix` and a few codex-authored fixes for lints without a suggestion.	2026-05-26 20:59:47 -07:00
jif-oai	5744b85b9a	fix: cargo deny (#20627 ) Fix cargo deny by ack the `RUSTSEC` while a fix land ``` RUSTSEC-2026-0118 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses RUSTSEC-2026-0119 CPU exhaustion during message encoding due to O(n²) name compression Dependency path: hickory-proto 0.25.2 └── hickory-resolver 0.25.2 └── rama-dns 0.3.0-alpha.4 └── rama-tcp 0.3.0-alpha.4 └── codex-network-proxy ``` Also upgrade some workers version to prevent this: ``` warning[license-not-encountered]: license was not encountered ┌─ ./codex-rs/deny.toml:131:6 │ 131 │ "OpenSSL", │ ━━━━━━━ unmatched license allowance warning[duplicate]: found 2 duplicate entries for crate 'base64' ┌─ /github/workspace/codex-rs/Cargo.lock:79:1 │ 79 │ ╭ base64 0.21.7 registry+https://github.com/rust-lang/crates.io-index 80 │ │ base64 0.22.1 registry+https://github.com/rust-lang/crates.io-index │ ╰───────────────────────────────────────────────────────────────────┘ lock entries ```	2026-05-01 18:15:38 +02:00
Josh McKinney	4ed4c73d6b	chore(ci): add cargo audit workflow and policy (#7108 ) - add to ignore current unmaintained advisories (derivative, fxhash, paste) so audits gate new issues only - introduce GitHub Actions workflow to run on push/PR using to install cargo-audit Existing advisories (all "unmaintained"): - https://rustsec.org/advisories/RUSTSEC-2024-0388 - https://rustsec.org/advisories/RUSTSEC-2025-0057 - https://rustsec.org/advisories/RUSTSEC-2024-0436	2025-11-24 12:20:55 -08:00

Author

SHA1

Message

Date

Adam Perry @ OpenAI

cca1e0ba1d

Uprev Rust toolchain pins to 1.95.0 (#24684 )

## Summary
- Bump the workspace Rust toolchain from `1.93.0` to `1.95.0` across
Cargo, Bazel, CI, release workflows, devcontainers, and the Codex
environment config.
- Refresh `MODULE.bazel.lock` so the Bazel Rust toolchain artifacts
match the new version.
- Leave purpose-specific toolchains unchanged, including the
`argument-comment-lint` nightly and the upstream `rusty_v8` `1.91.0`
build pin.
- Includes fixes for new lints from `just fix` and a few codex-authored
fixes for lints without a suggestion.

2026-05-26 20:59:47 -07:00

jif-oai

5744b85b9a

fix: cargo deny (#20627 )

Fix cargo deny by ack the `RUSTSEC` while a fix land
```
  RUSTSEC-2026-0118
  NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

  RUSTSEC-2026-0119
  CPU exhaustion during message encoding due to O(n²) name compression

  Dependency path:

  hickory-proto 0.25.2
  └── hickory-resolver 0.25.2
      └── rama-dns 0.3.0-alpha.4
          └── rama-tcp 0.3.0-alpha.4
              └── codex-network-proxy
```

Also upgrade some workers version to prevent this:
```
warning[license-not-encountered]: license was not encountered
    ┌─ ./codex-rs/deny.toml:131:6
    │
131 │     "OpenSSL",
    │      ━━━━━━━ unmatched license allowance

warning[duplicate]: found 2 duplicate entries for crate 'base64'
   ┌─ /github/workspace/codex-rs/Cargo.lock:79:1
   │
79 │ ╭ base64 0.21.7 registry+https://github.com/rust-lang/crates.io-index
80 │ │ base64 0.22.1 registry+https://github.com/rust-lang/crates.io-index
   │ ╰───────────────────────────────────────────────────────────────────┘ lock entries
```

2026-05-01 18:15:38 +02:00

Josh McKinney

4ed4c73d6b

chore(ci): add cargo audit workflow and policy (#7108 )

- add to ignore current unmaintained advisories (derivative, fxhash,
paste) so audits gate new issues only
- introduce GitHub Actions workflow to run on push/PR using to install
cargo-audit

Existing advisories (all "unmaintained"):
- https://rustsec.org/advisories/RUSTSEC-2024-0388
- https://rustsec.org/advisories/RUSTSEC-2025-0057
- https://rustsec.org/advisories/RUSTSEC-2024-0436

2025-11-24 12:20:55 -08:00

3 Commits