OpenAI's Codex CLI shipped eleven pre-release builds in under four days — and as of June 23 there is still no stable 0.142.0 tag. Here is what that cadence actually signals.
The bursty 0.142.0 alpha sprint — what 42 contributors were hardening
The Codex 0.142.0 alpha sprint was a compressed integration train, not a routine point bump: eleven pre-release builds (alpha.1 through alpha.11) landed between June 18 and June 21, 2026, with four of them arriving on June 19 alone . Codex CLI is OpenAI's open-source, Rust-built coding agent, and this burst is an unusually dense pre-release cycle for a single minor version.
The endpoints frame the pace. Alpha.1 was cut at 05:51 UTC on June 18 (commit d3b5279), and alpha.10 followed at 20:55 UTC on June 21 (commit 8a8719f) . That is roughly 90 hours from first to last alpha, with multiple builds stacked into single UTC days.
| Metric (rust-v0.141.0 → rust-v0.142.0-alpha.10) | Value |
|---|---|
| Pre-release alpha builds | 11 (alpha.1–alpha.11) |
| Calendar window | Jun 18–21, 2026 (~90 hours) |
| Commits in compare view | 147 |
| Changed files | 769 |
| Contributors | 42 |
The scale shows up in the diff. GitHub's compare view for rust-v0.141.0 against rust-v0.142.0-alpha.10 reports 147 commits, 769 changed files, and 42 contributors — large enough that GitHub could not fully render the comparison inline in the browser .
None of this is on the stable track yet. GitHub still tagged 0.141.0 as the Latest release while every 0.142.0 build carried pre-release status, opt-in only through GitHub release binaries or the npm pre-release channel .
A multi-alpha-per-day cadence like this is characteristic of a large transport refactor rather than feature polish. When subsystems keep conflicting — here, the encrypted remote-executor path and the per-thread plugin pipeline — each alpha is a stabilization checkpoint, and the train does not get a stable tag until the integration stops breaking itself.
Noise channels: authenticated end-to-end encrypted transport
The core of that refactor is the transport itself. With the 0.141.0 line, Codex replaced its prior remote-executor transport with authenticated, end-to-end encrypted Noise channels . That gives cross-machine executor orchestration a cryptographic guarantee the old path lacked: a worker on one host and the coordinating client on another now negotiate a mutually authenticated, encrypted session before any code runs.
Noise is the same protocol framework that underpins WireGuard. It provides mutual authentication and forward secrecy from a small set of handshake patterns, rather than bolting those properties onto an ad-hoc channel. Before 0.141.0, Codex's remote executor path had neither guarantee — remote execution worked, but the link carrying it was not built on a transport designed for confidentiality and peer identity. Moving that path onto Noise is why the alpha train reads as a transport refactor, not feature polish.
The 0.141.0 notes also call out the failure mode that motivated the stabilization checkpoints: idle Noise relay connections previously went unstable under inactivity. The release fixes that and confirms a related interaction — user input now immediately interrupts a waiting executor instead of stalling behind a dormant channel . For anyone scripting long-lived remote sessions, that is the difference between a hung agent and a responsive one.
Encryption is only half of what changed. Cross-platform execution now preserves the executor's native environment — its working directories, shells, and filesystem permissions — rather than flattening everything to the calling machine's context . Concretely, that matters when:
- a Linux executor runs commands a macOS client dispatched, and the executor's shell and POSIX permissions must hold;
- relative paths and the worker's own working directory have to resolve on the remote host, not the caller's;
- filesystem permission boundaries on the executor stay intact across the machine boundary.
The practical read: if you run self-hosted or cross-platform remote executors, the 0.142.0 alphas are hardening the layer you depend on most. The encrypted handshake closes a confidentiality gap, the idle-connection fix removes a stability footgun, and native-environment preservation means a remote worker behaves like it is running locally — because, in the ways that break builds, it now effectively is.
How Codex now assigns instruments to concurrent workers individually
The same 0.141.0 line that hardened the transport also changes how tools reach concurrent workers. Selected executor plugins can now activate their own stdio MCP (Model Context Protocol) servers per thread, rather than sharing one global server across every task . Each worker gets an isolated server instance, so two parallel agents can hold different tool surfaces without colliding on shared state. For orchestration, that is the meaningful shift in this cycle.
Previously a per-thread tool that mutated global state — an open connection, a cached credential, a working directory — could leak across concurrent tasks. Scoping the MCP server to the thread closes that gap. Tool availability becomes a property of the task, not the process.
Plugin routing was tightened alongside it. Plugin capabilities now route consistently by authentication mode and preserve marketplace ordering, with deduplication across installations so the same plugin registered twice no longer appears twice or in an unstable order . Marketplace-style discovery makes that ordering visible, so deterministic resolution matters more than it did with a hand-wired config.
"Selected executor plugins can activate their own stdio MCP servers per thread, with marketplace-style plugin discovery." — OpenAI Codex 0.141.0 release notes (source: github.com/openai/codex)
App-server clients picked up operations that read as Codex-as-a-service plumbing. Clients can now list child threads, correlate external-agent imports, and manage rate-limit reset credits . If you run Codex behind your own API for a team, those are the primitives you need to enumerate active work, attribute imported sessions, and meter usage.
The practical read: tool scope is now a per-task decision instead of a global one. For complex orchestration — many concurrent workers, each wired to a different toolset — that removes a class of state-collision bugs that previously forced you to serialize work or sandbox by hand. The 0.142.0 alphas are stabilizing exactly this pipeline.
P-521 TLS, SQLite WAL repair, and hook trust: robustness additions in the 0.141.0 notes
Alongside the transport and plugin work, the 0.141.0 release notes — published 18 Jun 2026 and treated as the reference for what the 0.142.0 alphas are hardening — bundle a set of unglamorous reliability fixes that clear specific deployment blockers . These are the failures that silently break Codex in corporate networks, on Windows, and in long sessions, rather than new capabilities.
The concrete fixes in this line:
- P-521 TLS certificate signatures — TLS now accepts P-521 signed chains, so enterprise proxies with non-standard cert chains stop producing hard connection failures that previously blocked a whole class of corporate deployments .
- SQLite WAL-reset corruption — SQLite was pinned and patched against a write-ahead-log inconsistency that surfaced in long-running, tool-call-heavy contexts where the WAL file could enter a bad state .
- Hook trust persistence — trust-bypass now carries through
codex execthread start, resume, and fork operations, and blocking hooks correctly reject code-mode calls; previously a hook could be bypassed on resume . - Windows sandbox repair — the Windows sandbox auto-repairs credentials and allows extended PowerShell command timeouts, addressing a category of silent failures on Windows-native executor setups .
The hook fix is the one with a security edge. If a blocking hook is your gate against unreviewed code execution, a resume-time bypass meant the gate quietly stopped applying mid-session — exactly when a long agentic run is most likely to resume.
Performance work rounds out the window: tool-search caching plus the elimination of request and history duplication cut latency and memory in large, tool-heavy sessions . None of these ship with per-alpha notes, so the practical signal is that the 0.142.0 burst is stabilizing this reliability surface rather than adding to it.
0.140.0's stable additions before the 0.142.0 alpha burst: /usage, /import, archiving
The 0.142.0 alphas did not appear from a standing start. The stable 0.140.0 release, cut on 15 June 2026 , shipped four operator-facing commands that reshaped how a session is measured, deleted, and migrated. These are the features the later alphas inherit and harden, so they are worth reading before judging the alpha train itself.
The headline is /usage, the first in-CLI token-accounting tool in Codex, reporting daily, weekly, and cumulative token activity directly in the terminal . For anyone running long agentic loops against a plan quota, that removes a guessing game that previously required external dashboards.
Session lifecycle got two new verbs. codex delete / /delete permanently removes a session, and /archive with codex archive/unarchive moves sessions into a protected state — archived sessions cannot be resumed or forked until restored . The fork-protection detail matters: it stops an archived run from silently spawning a divergent branch.
| Command | Added | What it does |
|---|---|---|
/usage | 0.140.0 | Daily / weekly / cumulative token accounting in-CLI |
codex delete / /delete | 0.140.0 | Permanent session deletion |
/archive, codex archive/unarchive | 0.140.0 | Archives sessions; resume/fork blocked until restored |
/import | 0.140.0 | Selectively migrates setup, project config, recent chats from Claude Code |
The most pointed addition is /import, which selectively migrates setup, project configuration, and recent chats from Claude Code . Direct competitor interop is now baked into the stable CLI — a low-friction defection path for developers already invested in another agent.
Three days later, 0.141.0 (18 June 2026) extended realtime voice clients: explicit speech append, control over how Codex responses enter the conversation, and an option to omit startup context . Together these set the stable baseline the 0.142.0 alphas are stabilizing on top of.
Who the 0.142.0 alpha cycle targets: Noise-channel operators vs stable-track adopters
The 0.142.0 alphas are not for everyone. The strongest case for the pre-release track is teams running self-hosted or cross-platform Codex executors: the authenticated, end-to-end encrypted Noise relay transport landed in this train and was not back-ported to 0.141.0 stable . If you orchestrate executors across machine boundaries, the alpha is where that work lives.
Two other groups have real incentive to move early:
- Developers wiring custom MCP stdio tooling per worker thread, who need the per-thread server activation and marketplace discovery from this line.
- Enterprise setups behind proxies hitting P-521 TLS hard failures, since the certificate-signature fix shipped in the same 0.141.0/0.142.0 window .
Stick with 0.141.0 stable if you run production CI pipelines, have no cross-machine orchestration, or install through paths that do not distinguish pre-release tags. GitHub still marks 0.141.0 as the Latest release while the 0.142.0 alphas sit as pre-releases .
Alpha install paths vary in friction. GitHub release binaries cover macOS (arm64/x64) and Linux — each alpha page carries 151 platform assets . The npm @openai/codex channel requires an explicit pre-release tag, and the Homebrew cask typically lags one to two alphas behind. Whichever path you pick, Codex CLI ships with ChatGPT Plus, Pro, Business, Edu, and Enterprise plans and runs fully local — no cloud routing of your codebase .
Parsing the 0.142.0 alpha cycle without per-build notes
Reading the 0.142.0 alpha cycle is an exercise in inference, because the release pages carry no changelog prose. Each alpha tag exposes only four things: the tag name, a short commit hash, a pre-release badge, and 151 platform asset links . There is no per-build "What's Changed" section, so no behavioral delta can be pinned to a specific late alpha — alpha.10 or alpha.11 — from the page alone.
The stable 0.141.0 notes (published 18 Jun 2026) remain the best available proxy for what the alphas are hardening: the Noise relay transport, per-thread MCP plugins, the P-521 TLS fix, and the SQLite WAL-reset patch . But that is aggregate attribution, not an alpha-specific manifest. As of 21 Jun 2026 there was no 0.142.0 stable tag, no OpenAI blog post framing the cycle, and no broken-out CLI entry on the developers.openai.com changelog — GitHub still marked 0.141.0 as Latest .
If you need the actual diff, skip the browser — the rust-v0.141.0…alpha.10 compare view spans 147 commits and 769 changed files and would not fully render . Read it locally or via the API instead:
git fetch origin
git log rust-v0.141.0..rust-v0.142.0-alpha.11 --oneline
# or, no HTML render cap:
GET /repos/openai/codex/compare/rust-v0.141.0...rust-v0.142.0-alpha.11The takeaway: treat eleven alphas in 90 hours as a stabilization push around encrypted remote execution and the plugin pipeline — but verify any specific change against commits, not release pages. Until a stable 0.142.0 tag lands, the alphas are signal for operators testing those subsystems, not a track to ship on.
Frequently asked questions
What is the difference between Codex CLI 0.141.0 and 0.142.0-alpha?
0.141.0 is the current stable build — GitHub still marked it as the Latest release during the research window, even with the 0.142.0 alphas published . The rust-v0.142.0-alpha.N builds are pre-release artifacts hardening the 0.142.0 line, centered on Noise relay encrypted transport and per-thread stdio MCP servers . They are opt-in only, via GitHub release binaries or the npm pre-release tag — not the stable track.
What is the Noise protocol and why did Codex switch to it?
Noise is a cryptographic protocol framework — the same design lineage as WireGuard — that provides mutual authentication and forward secrecy for a channel. The prior Codex remote-executor transport lacked those guarantees. The 0.141.0 notes describe remote executors moving to authenticated, end-to-end encrypted Noise relay channels, replacing the old transport so executor traffic is mutually authenticated across machine boundaries . That is the subsystem the eleven 0.142.0 alphas most plausibly stabilize.
Do the 0.142.0 alpha builds auto-update via npm or Homebrew?
No — not by default on any channel. The npm @openai/codex package only pulls an alpha if you explicitly install the pre-release tag; the Homebrew cask tracks stable; and GitHub release binaries require a manual download per alpha . None of these install paths move you onto a 0.142.0-alpha build without explicit opt-in, so stable-track users stay on 0.141.0 unless they choose otherwise.
Is /import from Claude Code an alpha feature or is it stable?
It is stable. /import landed in the 0.140.0 stable release on 15 June 2026, alongside /usage and session archiving . It selectively migrates setup, project config, and recent chats from Claude Code into Codex. It predates the 0.142.0 alpha burst entirely, so you do not need a pre-release build to use it — the current stable line already ships it.
How do I view the full 0.141.0-to-0.142.0 diff without GitHub timing out?
The browser compare view between rust-v0.141.0 and the 0.142.0 alphas is too large to render — it spans 147 commits and 769 changed files across 42 contributors . Locally, run git fetch origin && git log rust-v0.141.0..rust-v0.142.0-alpha.11 --oneline. Via the API, call GET /repos/openai/codex/compare/rust-v0.141.0...rust-v0.142.0-alpha.11, which returns JSON with no HTML render size limit.
