core-agent-ide

core/core-agent-ide

Fork 0

Commit graph

Author	SHA1	Message	Date
gt-oai	886d9377d3	Cache cloud requirements (#11305 ) We're loading these from the web on every startup. This puts them in a local file with a 1hr TTL. We sign the downloaded requirements with a key compiled into the Codex CLI to prevent unsophisticated tampering (determined circumvention is outside of our threat model: after all, one could just compile Codex without any of these checks). If any of the following are true, we ignore the local cache and re-fetch from Cloud: * The signature is invalid for the payload (== requirements, sign time, ttl, user identity) * The identity does not match the auth'd user's identity * The TTL has expired * We cannot parse requirements.toml from the payload	2026-02-11 14:06:41 +00:00
Michael Bolin	40bf11bd52	chore: fix the build breakage that came from a merge race (#10239 ) I think I needed to rebase on top of https://github.com/openai/codex/pull/10167 before merging https://github.com/openai/codex/pull/10208.	2026-01-30 10:29:54 -08:00
gt-oai	e85d019daa	Fetch Requirements from cloud (#10167 ) Load requirements from Codex Backend. It only does this for enterprise customers signed in with ChatGPT. Todo in follow-up PRs: * Add to app-server and exec too * Switch from fail-open to fail-closed on failure	2026-01-30 12:03:29 +00:00

Author

SHA1

Message

Date

gt-oai

886d9377d3

Cache cloud requirements (#11305 )

We're loading these from the web on every startup. This puts them in a
local file with a 1hr TTL.

We sign the downloaded requirements with a key compiled into the Codex
CLI to prevent unsophisticated tampering (determined circumvention is
outside of our threat model: after all, one could just compile Codex
without any of these checks).

If any of the following are true, we ignore the local cache and re-fetch
from Cloud:
* The signature is invalid for the payload (== requirements, sign time,
ttl, user identity)
* The identity does not match the auth'd user's identity
* The TTL has expired
* We cannot parse requirements.toml from the payload

2026-02-11 14:06:41 +00:00

Michael Bolin

40bf11bd52

chore: fix the build breakage that came from a merge race (#10239 )

I think I needed to rebase on top of
https://github.com/openai/codex/pull/10167 before merging
https://github.com/openai/codex/pull/10208.

2026-01-30 10:29:54 -08:00

gt-oai

e85d019daa

Fetch Requirements from cloud (#10167 )

Load requirements from Codex Backend. It only does this for enterprise
customers signed in with ChatGPT.

Todo in follow-up PRs:
* Add to app-server and exec too
* Switch from fail-open to fail-closed on failure

2026-01-30 12:03:29 +00:00

3 commits