@minniexcode/codex-switch 0.0.6 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/README.AI.md +5 -2
  2. package/README.md +12 -6
  3. package/dist/app/add-provider.js +90 -5
  4. package/dist/app/edit-provider.js +39 -11
  5. package/dist/app/get-status.js +31 -1
  6. package/dist/app/init-codex.js +68 -0
  7. package/dist/app/list-providers.js +1 -0
  8. package/dist/app/run-doctor.js +96 -1
  9. package/dist/app/setup-codex.js +18 -9
  10. package/dist/app/show-config.js +9 -1
  11. package/dist/app/switch-provider.js +61 -8
  12. package/dist/cli/add-interactive.js +4 -2
  13. package/dist/cli/args.js +3 -0
  14. package/dist/cli/help.js +3 -0
  15. package/dist/cli/interactive.js +3 -0
  16. package/dist/cli/output.js +20 -5
  17. package/dist/cli/prompt.js +3 -0
  18. package/dist/cli.js +1 -1
  19. package/dist/commands/handlers.js +107 -13
  20. package/dist/commands/help.js +2 -1
  21. package/dist/commands/registry.js +87 -15
  22. package/dist/domain/config.js +137 -0
  23. package/dist/domain/providers.js +90 -2
  24. package/dist/domain/setup.js +1 -0
  25. package/dist/infra/backup-repo.js +3 -0
  26. package/dist/infra/codex-cli.js +3 -0
  27. package/dist/infra/codex-paths.js +3 -0
  28. package/dist/infra/fs-utils.js +3 -0
  29. package/dist/infra/lock-repo.js +3 -0
  30. package/dist/infra/providers-repo.js +3 -0
  31. package/dist/interaction/add-interactive.js +9 -18
  32. package/dist/interaction/interactive.js +84 -11
  33. package/dist/runtime/codex-probe.js +7 -0
  34. package/dist/runtime/copilot-adapter.js +173 -0
  35. package/dist/runtime/copilot-bridge-worker.js +25 -0
  36. package/dist/runtime/copilot-bridge.js +433 -0
  37. package/dist/runtime/copilot-installer.js +125 -0
  38. package/dist/runtime/copilot-sdk-loader.js +59 -0
  39. package/dist/storage/auth-repo.js +160 -0
  40. package/dist/storage/config-repo.js +58 -0
  41. package/dist/storage/fs-utils.js +3 -0
  42. package/dist/storage/runtime-state-repo.js +80 -0
  43. package/docs/Design/codex-switch-v0.0.7-design.md +862 -0
  44. package/docs/Design/codex-switch-v0.0.8-design.md +132 -0
  45. package/docs/Design/codex-switch-v0.0.9-to-v0.0.12-roadmap.md +413 -0
  46. package/docs/PRD/codex-switch-prd-v0.0.5-to-v0.1.0.md +131 -25
  47. package/docs/PRD/codex-switch-prd-v0.0.8.md +62 -0
  48. package/docs/Reference/codex-config-reference.md +604 -0
  49. package/docs/Reference/codex-config-reference.zh-CN.md +633 -0
  50. package/docs/cli-usage.md +77 -29
  51. package/docs/test-report-0.0.7.md +118 -0
  52. package/docs/testing.md +67 -47
  53. package/package.json +1 -1
@@ -0,0 +1,604 @@
1
+ # Codex Config Reference
2
+
3
+ This document reorganizes the official Codex configuration docs into a practical reference for day-to-day use.
4
+
5
+ It is not an official OpenAI document and it is not a line-by-line translation of the upstream pages.
6
+
7
+ Sources used for this summary:
8
+
9
+ - Advanced Configuration: https://developers.openai.com/codex/config-advanced
10
+ - Configuration Reference: https://developers.openai.com/codex/config-reference
11
+
12
+ Current against the official pages fetched on 2026-05-14.
13
+
14
+ ## 1. What this reference covers
15
+
16
+ This guide focuses on three things:
17
+
18
+ - where Codex reads configuration from
19
+ - which configuration families matter most in practice
20
+ - how the most important `config.toml` and `requirements.toml` keys fit together
21
+
22
+ It intentionally summarizes and groups the official reference instead of reproducing every single key.
23
+
24
+ ## 2. Config files and state locations
25
+
26
+ Codex stores local state under `CODEX_HOME`, which defaults to `~/.codex`.
27
+
28
+ Common files there include:
29
+
30
+ - `config.toml`: user-level local configuration
31
+ - `auth.json`: file-based credentials when applicable
32
+ - OS keychain/keyring: credential storage on supported systems
33
+ - `history.jsonl`: local session history when history persistence is enabled
34
+ - caches, logs, and other per-user state
35
+
36
+ The official docs also distinguish between:
37
+
38
+ - user config: `~/.codex/config.toml`
39
+ - project config: `<repo>/.codex/config.toml`
40
+ - admin-enforced requirements: `requirements.toml`
41
+
42
+ ## 3. Configuration layers and precedence
43
+
44
+ Codex supports several ways to influence configuration.
45
+
46
+ ### 3.1 User config
47
+
48
+ Your baseline settings usually live in:
49
+
50
+ ```toml
51
+ ~/.codex/config.toml
52
+ ```
53
+
54
+ Use this for persistent defaults such as model choice, approval policy, sandbox mode, providers, notifications, and telemetry settings.
55
+
56
+ ### 3.2 Project config
57
+
58
+ Codex can load repo-scoped overrides from:
59
+
60
+ ```toml
61
+ <repo>/.codex/config.toml
62
+ ```
63
+
64
+ Important behavior from the official docs:
65
+
66
+ - Codex walks from the project root to the current working directory.
67
+ - It loads every `.codex/config.toml` found along the way.
68
+ - If the same key is defined multiple times, the layer closest to the current working directory wins.
69
+ - Project-scoped config is loaded only for trusted projects.
70
+ - If a project is untrusted, Codex ignores project-local `.codex/` config, hooks, and rules.
71
+ - Relative paths inside a project config are resolved relative to the `.codex/` directory that contains that file.
72
+
73
+ Related keys:
74
+
75
+ - `project_root_markers`
76
+ - `projects.<path>.trust_level`
77
+ - `project_doc_max_bytes`
78
+ - `project_doc_fallback_filenames`
79
+
80
+ ### 3.3 One-off CLI overrides
81
+
82
+ For a single run, you can override settings from the command line.
83
+
84
+ Preferred options:
85
+
86
+ - use dedicated flags when available, such as `--model`
87
+ - use `-c` or `--config` for arbitrary keys
88
+
89
+ Examples from the official docs:
90
+
91
+ ```bash
92
+ codex --model gpt-5.4
93
+ codex --config model='"gpt-5.4"'
94
+ codex --config sandbox_workspace_write.network_access=true
95
+ codex --config 'shell_environment_policy.include_only=["PATH","HOME"]'
96
+ ```
97
+
98
+ Important note:
99
+
100
+ - `--config` values are parsed as TOML, not JSON
101
+ - nested keys can use dot notation
102
+ - if a value cannot be parsed as TOML, Codex treats it as a string
103
+
104
+ ### 3.4 Profiles
105
+
106
+ Profiles are named sets of config overrides stored in `config.toml`.
107
+
108
+ Official behavior:
109
+
110
+ - define them under `[profiles.<name>]`
111
+ - select one with `codex --profile <name>`
112
+ - set a default profile with top-level `profile = "<name>"`
113
+ - profiles are experimental
114
+ - profiles are not currently supported in the Codex IDE extension
115
+ - a selected profile can override `model_catalog_json`
116
+
117
+ Core keys:
118
+
119
+ - `profile`
120
+ - `profiles.<name>.*`
121
+ - `profiles.<name>.model_catalog_json`
122
+ - `profiles.<name>.model_instructions_file`
123
+ - `profiles.<name>.web_search`
124
+ - `profiles.<name>.windows.sandbox`
125
+ - profile-scoped versions of analytics, reasoning, personality, service tier, and OSS provider settings
126
+
127
+ Example:
128
+
129
+ ```toml
130
+ model = "gpt-5.4"
131
+ approval_policy = "on-request"
132
+ profile = "deep-review"
133
+
134
+ [profiles.deep-review]
135
+ model = "gpt-5-pro"
136
+ model_reasoning_effort = "high"
137
+ approval_policy = "never"
138
+ ```
139
+
140
+ ## 4. `config.toml` by topic
141
+
142
+ ### 4.1 Model, reasoning, and response style
143
+
144
+ These keys define what model Codex uses and how it behaves.
145
+
146
+ Common keys:
147
+
148
+ - `model`: active model id, for example `gpt-5.5`
149
+ - `model_reasoning_effort`: `minimal | low | medium | high | xhigh`
150
+ - `model_reasoning_summary`: `auto | concise | detailed | none`
151
+ - `model_verbosity`: `low | medium | high`
152
+ - `model_context_window`: context window size
153
+ - `model_auto_compact_token_limit`: threshold for automatic compaction
154
+ - `service_tier`: `flex | fast`
155
+ - `personality`: `none | friendly | pragmatic`
156
+ - `plan_mode_reasoning_effort`: Plan-mode reasoning override
157
+
158
+ Important notes from the official docs:
159
+
160
+ - `model_reasoning_effort` applies to supported models using the Responses API
161
+ - `model_verbosity` applies only to providers using the Responses API
162
+ - Chat Completions providers ignore `model_verbosity`
163
+
164
+ ### 4.2 Web search
165
+
166
+ Codex exposes web search as a first-class setting.
167
+
168
+ Key:
169
+
170
+ - `web_search`: `disabled | cached | live`
171
+
172
+ Official behavior:
173
+
174
+ - default is `"cached"`
175
+ - cached mode uses an OpenAI-maintained index and does not fetch live pages
176
+ - if you use `--yolo` or another full access sandbox setup, the default becomes `"live"`
177
+ - use `"live"` for the most recent data
178
+ - use `"disabled"` to remove the tool
179
+
180
+ Legacy feature flags such as `features.web_search`, `features.web_search_cached`, and `features.web_search_request` still exist, but the official reference treats them as deprecated in favor of the top-level `web_search` key.
181
+
182
+ ### 4.3 Providers and API routing
183
+
184
+ Codex separates the active provider id from the provider definitions.
185
+
186
+ Core keys:
187
+
188
+ - `model_provider`
189
+ - `model_providers.<id>`
190
+ - `model_providers.<id>.base_url`
191
+ - `model_providers.<id>.env_key`
192
+ - `model_providers.<id>.env_key_instructions`
193
+ - `model_providers.<id>.http_headers`
194
+ - `model_providers.<id>.env_http_headers`
195
+ - `model_providers.<id>.query_params`
196
+ - `model_providers.<id>.request_max_retries`
197
+
198
+ Authentication options for custom providers include:
199
+
200
+ - `env_key`
201
+ - `experimental_bearer_token`
202
+ - command-backed bearer token auth via `model_providers.<id>.auth.*`
203
+
204
+ The official docs explicitly recommend `env_key` over direct bearer tokens.
205
+
206
+ Built-in or reserved provider behavior:
207
+
208
+ - `openai`, `ollama`, and `lmstudio` are reserved ids
209
+ - they cannot be overridden by custom providers
210
+ - `amazon-bedrock` is available as a built-in provider with nested AWS settings
211
+
212
+ Related Bedrock keys:
213
+
214
+ - `model_providers.amazon-bedrock.aws.profile`
215
+ - `model_providers.amazon-bedrock.aws.region`
216
+
217
+ ### 4.3.1 `openai_base_url` vs custom providers
218
+
219
+ If you only want to point the built-in OpenAI provider to a proxy, router, or residency-specific endpoint, use:
220
+
221
+ ```toml
222
+ openai_base_url = "https://us.api.openai.com/v1"
223
+ ```
224
+
225
+ Use a custom `model_providers.<id>` entry when you need a separate provider identity, different auth wiring, or custom headers/query params.
226
+
227
+ ### 4.3.2 OSS mode
228
+
229
+ Codex can target local open-source backends when run with `--oss`.
230
+
231
+ Key:
232
+
233
+ - `oss_provider`: `lmstudio | ollama`
234
+
235
+ If `--oss` is passed without an explicit provider, Codex uses `oss_provider` as the default local provider.
236
+
237
+ ### 4.4 Approval policy and sandboxing
238
+
239
+ These keys control how much Codex can do without pausing and how much local access subprocesses receive.
240
+
241
+ Main keys:
242
+
243
+ - `approval_policy`
244
+ - `approvals_reviewer`
245
+ - `sandbox_mode`
246
+ - `sandbox_workspace_write.network_access`
247
+ - `sandbox_workspace_write.writable_roots`
248
+ - `sandbox_workspace_write.exclude_slash_tmp`
249
+ - `sandbox_workspace_write.exclude_tmpdir_env_var`
250
+ - `windows.sandbox`
251
+ - `windows.sandbox_private_desktop`
252
+
253
+ Top-level `approval_policy` supports:
254
+
255
+ - `untrusted`
256
+ - `on-request`
257
+ - `never`
258
+ - granular mode:
259
+
260
+ ```toml
261
+ approval_policy = { granular = {
262
+ sandbox_approval = true,
263
+ rules = true,
264
+ mcp_elicitations = false,
265
+ request_permissions = true,
266
+ skill_approval = true
267
+ } }
268
+ ```
269
+
270
+ Granular subkeys include:
271
+
272
+ - `approval_policy.granular.sandbox_approval`
273
+ - `approval_policy.granular.rules`
274
+ - `approval_policy.granular.mcp_elicitations`
275
+ - `approval_policy.granular.request_permissions`
276
+ - `approval_policy.granular.skill_approval`
277
+
278
+ Sandbox mode values:
279
+
280
+ - `read-only`
281
+ - `workspace-write`
282
+ - `danger-full-access`
283
+
284
+ This is the main policy combination most teams tune first:
285
+
286
+ - approval strictness determines when Codex pauses
287
+ - sandbox mode determines file and network boundaries
288
+
289
+ ### 4.5 Named permission profiles
290
+
291
+ Codex also supports reusable permission profiles through:
292
+
293
+ - `default_permissions`
294
+ - `[permissions.<name>]`
295
+
296
+ Built-in profile names:
297
+
298
+ - `:read-only`
299
+ - `:workspace`
300
+ - `:danger-no-sandbox`
301
+
302
+ Custom profiles can define filesystem and network policy, including:
303
+
304
+ - `permissions.<name>.filesystem`
305
+ - `permissions.<name>.network.enabled`
306
+ - `permissions.<name>.network.mode`
307
+ - `permissions.<name>.network.domains`
308
+ - `permissions.<name>.network.proxy_url`
309
+ - `permissions.<name>.network.socks_url`
310
+ - `permissions.<name>.network.unix_sockets`
311
+
312
+ Use this when sandbox defaults are not enough and you need a reusable local policy shape.
313
+
314
+ ### 4.6 Shell environment policy
315
+
316
+ Codex lets you control which environment variables are passed to subprocesses.
317
+
318
+ Main table:
319
+
320
+ ```toml
321
+ [shell_environment_policy]
322
+ inherit = "none"
323
+ set = { PATH = "/usr/bin", MY_FLAG = "1" }
324
+ ignore_default_excludes = false
325
+ exclude = ["AWS_*", "AZURE_*"]
326
+ include_only = ["PATH", "HOME"]
327
+ ```
328
+
329
+ Important keys:
330
+
331
+ - `shell_environment_policy.inherit`: `all | core | none`
332
+ - `shell_environment_policy.set`
333
+ - `shell_environment_policy.exclude`
334
+ - `shell_environment_policy.include_only`
335
+ - `shell_environment_policy.ignore_default_excludes`
336
+ - `shell_environment_policy.experimental_use_profile`
337
+
338
+ Official behavior:
339
+
340
+ - filters are case-insensitive glob patterns
341
+ - when `ignore_default_excludes = false`, Codex keeps the automatic `KEY` / `SECRET` / `TOKEN` filtering before your rules run
342
+
343
+ This is the main tool for preventing secret leakage to subprocesses while still supplying required paths or flags.
344
+
345
+ ### 4.7 Instructions, AGENTS.md, and project guidance
346
+
347
+ Codex supports both built-in instruction replacement and project document discovery.
348
+
349
+ Relevant keys:
350
+
351
+ - `model_instructions_file`
352
+ - `project_doc_max_bytes`
353
+ - `project_doc_fallback_filenames`
354
+
355
+ Official behavior:
356
+
357
+ - `model_instructions_file` replaces built-in instructions instead of relying on `AGENTS.md`
358
+ - Codex reads `AGENTS.md` and related files and includes a limited amount of project guidance in the first turn
359
+ - `project_doc_max_bytes` limits how much is read from each `AGENTS.md`
360
+ - `project_doc_fallback_filenames` adds alternate filenames when `AGENTS.md` is missing
361
+
362
+ ### 4.8 Hooks, agents, and feature flags
363
+
364
+ Codex has a large feature surface, but a few keys matter most for local config.
365
+
366
+ Useful feature keys:
367
+
368
+ - `features.codex_hooks`
369
+ - `features.codex_git_commit`
370
+ - `features.apps`
371
+ - `features.memories`
372
+ - `features.multi_agent`
373
+ - `features.personality`
374
+ - `features.shell_tool`
375
+ - `features.shell_snapshot`
376
+ - `features.fast_mode`
377
+
378
+ The advanced config guide calls out hooks as experimental.
379
+
380
+ Hook-related locations:
381
+
382
+ - `~/.codex/hooks.json`
383
+ - `~/.codex/config.toml`
384
+ - `<repo>/.codex/hooks.json`
385
+ - `<repo>/.codex/config.toml`
386
+
387
+ Project-local hooks follow the same trust behavior as project-local config.
388
+
389
+ ### 4.9 Notifications and TUI options
390
+
391
+ Codex supports both external notifications and TUI-native notifications.
392
+
393
+ External notification key:
394
+
395
+ - `notify`: command array that receives a JSON payload
396
+
397
+ TUI notification keys:
398
+
399
+ - `tui.notifications`
400
+ - `tui.notification_method`: `auto | osc9 | bel`
401
+ - `tui.notification_condition`: `unfocused | always`
402
+
403
+ Other common TUI keys:
404
+
405
+ - `tui.animations`
406
+ - `tui.alternate_screen`
407
+ - `tui.status_line`
408
+ - `tui.terminal_title`
409
+ - `tui.theme`
410
+ - `tui.show_tooltips`
411
+
412
+ The advanced config guide distinguishes:
413
+
414
+ - `notify`: use this for webhooks, desktop notifiers, CI hooks, or any external side-channel
415
+ - `tui.notifications`: built-in terminal notifications for the interactive UI
416
+
417
+ ### 4.10 History, citations, and local UX
418
+
419
+ History keys:
420
+
421
+ - `history.persistence`: `save-all | none`
422
+ - `history.max_bytes`
423
+
424
+ Official behavior:
425
+
426
+ - local history is stored under `CODEX_HOME`
427
+ - setting `history.persistence = "none"` disables local history persistence
428
+ - if `history.max_bytes` is exceeded, Codex compacts the file by dropping the oldest entries
429
+
430
+ Citation/terminal integration key:
431
+
432
+ - `file_opener`: `vscode | vscode-insiders | windsurf | cursor | none`
433
+
434
+ This controls how file citations are rewritten into clickable editor links in supporting terminals or editor integrations.
435
+
436
+ ### 4.11 Telemetry and analytics
437
+
438
+ Codex distinguishes between lightweight analytics and full OpenTelemetry export.
439
+
440
+ Analytics key:
441
+
442
+ - `analytics.enabled`
443
+
444
+ OpenTelemetry keys:
445
+
446
+ - `otel.environment`
447
+ - `otel.exporter`
448
+ - `otel.exporter.<id>.endpoint`
449
+ - `otel.exporter.<id>.headers`
450
+ - `otel.exporter.<id>.protocol`
451
+ - `otel.exporter.<id>.tls.*`
452
+ - `otel.log_user_prompt`
453
+ - `otel.metrics_exporter`
454
+ - `otel.trace_exporter`
455
+ - `otel.trace_exporter.<id>.*`
456
+
457
+ Important official behavior:
458
+
459
+ - `otel.exporter = "none"` means Codex records events but sends nothing
460
+ - exporters batch asynchronously and flush on shutdown
461
+ - event metadata includes model, sandbox settings, approval settings, CLI version, conversation id, and related fields
462
+ - `otel.log_user_prompt` is opt-in for exporting raw user prompts
463
+
464
+ Use `analytics.enabled` when you only need a high-level machine/profile switch.
465
+
466
+ Use `otel.*` when you need structured logs, traces, or metrics in your observability stack.
467
+
468
+ ## 5. `requirements.toml`
469
+
470
+ `requirements.toml` is an admin-enforced configuration layer for security-sensitive settings that users cannot override.
471
+
472
+ The official reference describes it as a constraint system rather than a convenience layer.
473
+
474
+ High-level purpose:
475
+
476
+ - restrict which approval policies are allowed
477
+ - restrict which sandbox modes are allowed
478
+ - restrict which web search modes are allowed
479
+ - pin or disable selected features
480
+
481
+ Key families called out in the official reference:
482
+
483
+ - `allowed_approval_policies`
484
+ - `allowed_approvals_reviewers`
485
+ - `allowed_sandbox_modes`
486
+ - `allowed_web_search_modes`
487
+ - `[features]`
488
+ - `features.<name>`
489
+
490
+ Examples of feature constraints explicitly called out:
491
+
492
+ - `features.browser_use = false`
493
+ - `features.computer_use = false`
494
+ - `features.in_app_browser = false`
495
+
496
+ The official docs also note that:
497
+
498
+ - omitted feature keys remain unconstrained
499
+ - `disabled` is always allowed for `web_search`
500
+ - an empty `allowed_web_search_modes` list effectively allows only `disabled`
501
+
502
+ For enterprise setups, the reference also points to managed or cloud-fetched requirements and to admin/security documentation for precedence details.
503
+
504
+ ## 6. Practical examples
505
+
506
+ ### 6.1 Conservative daily default
507
+
508
+ ```toml
509
+ model = "gpt-5.5"
510
+ approval_policy = "on-request"
511
+ sandbox_mode = "workspace-write"
512
+ web_search = "cached"
513
+ profile = "daily"
514
+
515
+ [profiles.daily]
516
+ model_reasoning_effort = "medium"
517
+ service_tier = "flex"
518
+ ```
519
+
520
+ ### 6.2 OpenAI through a proxy
521
+
522
+ ```toml
523
+ model = "gpt-5.5"
524
+ openai_base_url = "https://us.api.openai.com/v1"
525
+ ```
526
+
527
+ Use this when you still want the built-in `openai` provider behavior and only need a different base URL.
528
+
529
+ ### 6.3 Custom provider with env-based auth
530
+
531
+ ```toml
532
+ model = "gpt-5.4"
533
+ model_provider = "proxy"
534
+
535
+ [model_providers.proxy]
536
+ name = "OpenAI via team gateway"
537
+ base_url = "https://proxy.example.com/v1"
538
+ env_key = "OPENAI_API_KEY"
539
+ http_headers = { "X-Team" = "platform" }
540
+ ```
541
+
542
+ ### 6.4 Locked-down shell environment
543
+
544
+ ```toml
545
+ [shell_environment_policy]
546
+ inherit = "none"
547
+ include_only = ["PATH", "HOME"]
548
+ exclude = ["AWS_*", "AZURE_*"]
549
+ ignore_default_excludes = false
550
+ ```
551
+
552
+ ### 6.5 Disable local history
553
+
554
+ ```toml
555
+ [history]
556
+ persistence = "none"
557
+ ```
558
+
559
+ ### 6.6 Basic OTEL logging
560
+
561
+ ```toml
562
+ [otel]
563
+ environment = "prod"
564
+ exporter = { otlp-http = {
565
+ endpoint = "https://otel.example.com/v1/logs",
566
+ protocol = "binary"
567
+ }}
568
+ log_user_prompt = false
569
+ ```
570
+
571
+ ### 6.7 Admin-enforced requirements
572
+
573
+ ```toml
574
+ allowed_approval_policies = ["on-request", "never"]
575
+ allowed_sandbox_modes = ["read-only", "workspace-write"]
576
+ allowed_web_search_modes = ["cached"]
577
+
578
+ [features]
579
+ browser_use = false
580
+ computer_use = false
581
+ ```
582
+
583
+ ## 7. Recommended reading strategy
584
+
585
+ Use this document for:
586
+
587
+ - understanding how the config system is organized
588
+ - choosing the right config layer
589
+ - finding the right key family quickly
590
+
591
+ Go back to the official reference when you need:
592
+
593
+ - every single supported key
594
+ - full type information for a rare key
595
+ - exact nested schema for provider auth, permissions, hooks, or OTEL exporters
596
+ - the latest values added after 2026-05-14
597
+
598
+ ## 8. Notable update notes from the official pages
599
+
600
+ - `experimental_instructions_file` has been renamed to `model_instructions_file`
601
+ - `approval_policy = "on-failure"` is deprecated
602
+ - legacy `features.web_search*` toggles are deprecated in favor of top-level `web_search`
603
+ - profiles are still experimental
604
+ - profiles are not currently supported in the Codex IDE extension