v6.0.0

Major Rebrand and Beginner Operations Release

This release introduces the oc-codex-multi-auth package line and beginner-focused operations tooling. Read the migration notes before upgrading or publishing.

• Breaking rebrand: the plugin, repo, installer, and package surfaces now use oc-codex-multi-auth instead of oc-chatgpt-multi-auth.
• Runtime account storage now writes oc-codex-multi-auth-accounts.json and oc-codex-multi-auth-flagged-accounts.json, with automatic migration from legacy file names on first load.
• Beginner operations: added codex-help, codex-setup (wizard/fallback), codex-doctor fix, codex-next, codex-tag, codex-note, interactive pickers, startup preflight summary, and safer export/import flows.
• Operational hardening: improved non-interactive guidance, zero-account import handling, and installer cache cleanup during the package cutover.

Breaking Changes

• Update your OpenCode plugin entry from oc-chatgpt-multi-auth to oc-codex-multi-auth.
• The package, repo, plugin manifest, installer surface, and public docs now all use the new oc-codex-multi-auth name.
• Existing storage migrates automatically; no manual account export/import is required for the rename itself.

Added

• Beginner operations toolkit: codex-help, codex-setup, codex-doctor fix, and codex-next.
• Account metadata commands: codex-tag and codex-note, plus tag filtering in codex-list.
• Interactive account pickers for codex-switch, codex-label, and codex-remove when the terminal supports them.
• Safer backup/import controls: timestamped export paths, codex-import dry-run preview, and automatic pre-import backup on apply.
• Beginner safe mode via beginnerSafeMode and CODEX_AUTH_BEGINNER_SAFE_MODE.
• One-time startup preflight summary with recommended next action.

Changed

• V3 account metadata now includes optional accountTags and accountNote.
• README, docs portal, FAQ, and development docs now reflect the codex-first operational flow and the rebranded package line.
• Public package metadata, plugin manifest, installer scripts, and setup skill now match oc-codex-multi-auth.
• Test coverage now includes beginner helpers, safe-fix diagnostics, tag/note behavior, and timestamped backup/import utilities.

Fixed

• Optional-index commands now give clear usage guidance when interactive menus are unavailable.
• codex-doctor fix now reports a clean non-crashing result when no eligible account exists for auto-switch.
• codex-import no longer fails on empty storage when no backup is available to export first.
• Installer cache cleanup now removes both the old and new package names so stale cached artifacts do not survive the cutover.

Commit Summary

• a7a24ee Keep repository language stats aligned with TypeScript source (#105)
• 4ba99b2 chore: align repo ownership metadata to ndycode
• 8b1fab5 docs: remove legacy package name from public docs
• 2f5f5d6 Merge pull request #104 from ndycode/git-plan/oc-codex-multi-auth-rebrand
• 965eb4a docs: refresh codex-first rebrand and cutover notes
• 6140ee1 feat!: rename package and migrate runtime storage
• 4bef594 Add Codex plugin manifest and setup skill

Full Changelog: v5.4.9...v6.0.0

v5.4.9

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Makes the installer default to a merged full catalog so new installs expose both modern base models and the full explicit preset catalog without hand-editing opencode.json.
• Keeps --modern and --legacy as explicit opt-outs while hardening installer writes with atomic temp-file persistence, Windows EPERM/EBUSY retry handling, and redacted error logging.
• Fixes --help to short-circuit before conflicting mode validation and preserves the full-catalog merge path with regression coverage.

Commit Summary

• f88fcc1 docs: clarify modern model preset catalog
• 000cf1f fix: default installer to full model catalog
• c1b4e6b fix: address pr review follow-ups
• 335362f fix: harden installer writes and test full mode
• ff25f75 Merge branch 'main' into fix/issue-98-model-catalog-docs
• 5ba83ff fix: unpin cached plugin without clearing cache
• fcbf613 fix: harden full catalog installer safeguards
• 1347126 Guard full template provider spreads
• eee2374 Merge pull request #100 from ndycode/fix/issue-98-model-catalog-docs
• e3df6f2 Release v5.4.9

v5.4.8

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Adds JSON output support and routing visibility for read-only Codex ops so automation can inspect status, metrics, dashboard, and doctor flows without scraping text output.
• Adds a first-party ChatGPT device-code login flow for SSH, WSL, and other headless environments, and unifies login finalization across browser, manual, and device-code auth paths.
• Hardens runtime and account handling around storage import parity, deactivated-workspace rotation, and dependency-audit cleanup for the shipped package.

Commit Summary

• 3b88601 add json ops output and routing visibility
• f1c62c1 tighten json ops docs and routing selection
• a0b1a5f fix: tighten json ops routing visibility
• eae34e9 Merge pull request #92 from ndycode/feat/codex-ops-json-visibility
• 3111667 refactor(auth): extract shared login runner
• 9968199 feat(auth): add device code login flow
• a56cb2c test(auth): cover device code login
• 890f122 fix(auth): redact device-code logs
• e359d02 Merge pull request #93 from ndycode/feat/device-code-auth
• 5a6d594 refactor: unify login finalization across auth flows
• eb44872 fix: tighten storage identity and persistence contracts
• b6ae45f refactor: harden runtime error contracts

v5.4.7

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Corrects GPT-5 legacy alias routing so gpt-5-mini and gpt-5-nano normalize to the proper GPT-5.4 Mini/Nano families, adds first-class gpt-5.4-nano support, and tightens GPT-5.4 Pro reasoning coercion/validation.
• Refreshes shipped config metadata for the GPT-5.4 family and Codex models, including the current context-window values, new GPT-5.4 Pro/Nano entries, and updated config template guidance.
• Preserves caller-supplied max_output_tokens in transformed Responses requests instead of silently clearing explicit output budgets.
• Treats built-in Responses tools as first-class bridge/runtime entries and expands passthrough coverage for newer Responses API request fields.

Commit Summary

• 821678b fix: tighten workspace identity follow-ups
• d9beaab test: close pr86 greptile follow-ups
• f9db58f Merge pull request #86 from ndycode/fix/pr85-greptile-followups
• f7d203b fix: correct model alias mapping, add gpt-5.4-nano, validate Pro reasoning
• be7a969 fix: update config metadata for gpt-5.4 family and Codex context windows
• 5657d20 fix: preserve max_output_tokens in transformed requests
• 4de1a27 feat: treat built-in Responses tools as first-class bridge entries
• 6411373 feat: add prompt cache diagnostics to codex-doctor
• a9453ac fix: redact prompt cache keys in doctor output
• 902194e fix: align prompt cache metrics with fetch attempts
• 4445528 fix: clarify gpt-5 alias comments and pro coercion logs
• cd6cbc7 docs: clarify max output token passthrough safety

v5.4.6

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Gracefully handles deactivated_workspace responses by removing and flagging only the dead workspace entry instead of dropping healthy siblings that share the same user or refresh token.
• Preserves workspace identity during doctor/health cleanup and keeps deactivated workspaces out of verify-flagged restore and quota-probe paths so the wrong account is not restored or removed.
• Expands regression coverage for deactivated-workspace detection, org-scoped cleanup, and flagged-account restore behavior.

Commit Summary

• 8cd8574 docs: refresh config guidance for current main structure
• f667464 fix: gracefully handle deactivated_workspace by removing only the dead workspace entry
• de8615b fix: preserve workspace identity in flagged cleanup
• c0b51aa fix: keep deactivated workspaces out of restore flow
• 85877c1 Merge pull request #85 from dengerouzzz/main
• 0c8f64a chore(release): v5.4.6

v5.4.5

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Added first-class gpt-5.4-mini support across model normalization, prompt-family routing, shipped config templates, and configuration docs.
• Expanded regression coverage for GPT-5.4 Mini model mapping, prompt-cache isolation, request transformation, and reasoning behavior while preserving legacy gpt-5-mini / gpt-5-nano alias semantics.
• Refreshed the README/docs presentation and repository metadata surfaces for the current operational workflow.
• Added anti-slop PR screening guardrails via the repository PR template and quality workflow.

Commit Summary

• 7fd7017 Refresh docs and repo presentation
• 4b4ef5f chore: add anti-slop PR screening workflow (#81)
• 7ae7cb8 feat(models): phase 1 - add gpt-5.4-mini core normalization
• d218dd0 feat(models): phase 2 - wire gpt-5.4-mini family surfaces
• 2b18fe7 test(models): phase 3 - cover gpt-5.4-mini behavior
• 6a0bea3 fix(models): preserve legacy lightweight reasoning behavior
• 621e80e Potential fix for pull request finding
• e9197f9 fix(models): address PR review feedback for gpt-5.4-mini
• d8e0e36 Merge branch 'pr-83-release-validate' into release/pr83-validate
• ef44165 chore(release): v5.4.5

v5.4.4

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Hardened codex-limits usage fetching with AbortController timeouts, capped/redacted upstream error handling, and consistent abort-path coverage.
• Fixed credential deduplication so accounts without refresh tokens are preserved instead of collapsing into a single entry.
• Preserved active-account labeling across deduplicated credentials and aligned fetched usage context with the displayed active account.
• Moved refreshed-credential persistence onto fresh storage transactions to avoid stale-write races and improve Windows file-lock resilience.

Commit Summary

• 63e94ee fix(codex-limits): deduplicate accounts by refreshToken to avoid duplicate display
• 549c137 fix(codex-limits): harden deduped usage refresh
• 155eba0 revert: undo accidental pr-70 push to main
• 3afc5d7 fix(codex-limits): harden usage fetch and dedup refresh
• bc2d0f7 chore(release): v5.4.4

v5.4.3

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Added GPT-5.4 snapshot alias normalization for gpt-5.4-2026-03-05* and gpt-5.4-pro-2026-03-05* IDs (including effort suffix variants).
• Updated legacy GPT-5 aliases (gpt-5, gpt-5-mini, gpt-5-nano) to normalize to gpt-5.4 as the default general family.
• Split GPT-5.4 Pro prompt-family handling from GPT-5.4 for independent prompt/cache routing while preserving fallback behavior (gpt-5.4-pro -> gpt-5.4).
• Updated OpenCode templates/docs for GPT-5.4 1M context defaults and optional compact-window tuning guidance.

Commit Summary

• bd79669 feat: add gpt-5.4.3 model + opencode compatibility updates
• 4d5d478 feat: default to gpt-5.4 and seed project storage fallback
• 610440b fix: address PR review comments for GPT-5.4.3 support
• 4e5ca32 fix: resolve second-round PR review findings
• c13baa7 fix: finalize gpt-5.4.3 review follow-ups
• f7129ce docs: clarify shipped template count excludes optional models
• 49cc579 docs: align template count wording with review guidance
• 0190f36 docs: improve core API doc coverage for review confidence

v5.4.2

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Added GPT-5.4 runtime support as the latest general-purpose family across model normalization/map, prompt-family routing, quota probes, and fallback handling.
• Added optional/manual GPT-5.4 Pro support, including the default fallback edge gpt-5.4-pro -> gpt-5.4 in fallback mode.
• Hardened GPT-5.4 family detection with boundary-aware matching to prevent accidental normalization/family routing for nearby version strings (for example gpt-5.4).
• Refreshed config templates and documentation to default to GPT-5.4 and document GPT-5.4 Pro reasoning/coercion behavior.

Commit Summary

• a791d03 chore(release): bump package version to 5.4.1
• 67b9c76 feat: add GPT-5.4 support in v5.4.2
• 5da9117 fix: address CodeRabbit and Greptile review findings
• 6236864 docs,test: apply remaining review nits from 3900326193
• 44b8a2c 📝 CodeRabbit Chat: Add unit tests for pull request changes
• 2228e77 fix: harden gpt-5.4 matching and close review gaps
• e75d6a5 Merge pull request #65 from ndycode/feat/gpt-5.4-support-v5.4.2

v5.4.1

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

• Hardened auth-refresh failure handling for grouped removals by guarding the zero-removal path and applying refresh-token-scoped cooldown to live accounts.
• Cleared stale in-memory auth-failure counters when refresh tokens rotate during auth updates to prevent false-positive removals.
• Added regression coverage for zero grouped-removal handling and rotated refresh-token failure-state cleanup.

Commit Summary

• cda37b1 docs(changelog): scope 5.4.0 notes to identity branch changes
• 9508791 fix: preserve organization variants during deduplication and add org header
• 5b12625 fix(auth): phase 5 - avoid cascading org account removals
• c655e3e fix(auth): phase 6 - address PR review edge cases
• a86cb0d test: close PR review gaps for shared refresh-token flow
• efbf7f6 fix(storage): preserve workspace account variants during persistence
• b9182dc test(accounts): cover workspace retention with rate-limited variants
• cac9f72 fix(accounts): preserve persisted workspace variants and verify runtime filtering
• 21601d2 fix(index): guard zero grouped-removal on auth failures
• c6531ab fix(auth): cooldown live accounts on zero grouped removal
• be0039d fix(auth): clear stale failure counters on token rotation
• a404a0a Merge pull request #64 from sdip15fa/fix/multi-org-account-resolution