Owen Lin f50e88db82 check for large binaries in CI (#14382) ... Prevent binaries >500KB from being committed. And maintain an allowlist if we need to bypass on a case-by-case basis. I checked the currently tracked binary-like assets in the repo. There are only 5 obvious committed binaries by extension/MIME type: - `.github/codex-cli-splash.png`: `838,131` bytes, about `818 KiB` - `codex-rs/vendor/bubblewrap/bubblewrap.jpg`: `40,239` bytes, about `39 KiB` - `codex-rs/skills/src/assets/samples/skill-creator/assets/skill-creator.png`: `1,563` bytes - `codex-rs/skills/src/assets/samples/openai-docs/assets/openai.png`: `1,429` bytes - `codex-rs/skills/src/assets/samples/skill-installer/assets/skill-installer.png`: `1,086` bytes So `500 KB` looks like a good default for this repo. It would only trip on one existing intentional asset, which keeps the allowlist small and the policy easy to understand. Here's a smoke-test from a throwaway branch that tries to commit a large binary: https://github.com/openai/codex/actions/runs/22971558828/job/66689330435?pr=14383		2026-03-11 22:39:08 +00:00
..
install	Add Windows direct install script (#12741)	2026-03-03 09:25:50 -08:00
asciicheck.py	Enforce ASCII in README.md (#513)	2025-04-22 10:07:40 -04:00
check-module-bazel-lock.sh	bazel: enforce MODULE.bazel.lock sync with Cargo.lock (#11790)	2026-02-14 02:11:19 +00:00
check_blob_size.py	check for large binaries in CI (#14382)	2026-03-11 22:39:08 +00:00
debug-codex.sh	Enable plan tool by default (#5384)	2025-10-21 16:25:05 +00:00
mock_responses_websocket_server.py	WebSocket test server script (#9175)	2026-01-13 16:21:14 -08:00
readme_toc.py	fix: ToC so it doesn’t include itself or duplicate the end marker (#4388)	2025-11-05 14:52:51 -08:00
stage_npm_packages.py	# Use @openai/codex dist-tags for platform binaries instead of separate package names (#11339)	2026-02-10 10:33:47 -08:00