OpenAI's Codex CLI tagged v0.134.0 stable on May 26, 2026 — three alpha builds and roughly three days of bake time after development kicked off on May 22. The headline additions are local conversation history search and a fully promoted --profile flag that now rejects legacy v1 config files on startup. The MCP layer gains per-server environment variable isolation and OAuth for streaming connections. If you run Codex in CI or manage multi-server MCP setups, check the breaking change section before you upgrade.
What Shipped in v0.134.0
Codex CLI v0.134.0 stable landed on May 26, 2026 after three alpha builds spanning May 22–23 and a ~3-day stabilization period — per the official GitHub release. The four headline changes: local conversation history search, the breaking --profile flag promotion, per-server MCP environment variable isolation, and OAuth for streaming MCP connections.
--profile flag change that rejects v1 profile configs at startup, per-server MCP env var isolation, and OAuth for streaming MCP connections. Migrate your profile config before upgrading — the CLI will not start until it's updated.The release credits 25 contributors and marks the project's 802nd total GitHub release, with 86,500+ stars across the repository. The codebase is 96.1% Rust — no Node.js runtime at execution time. The canonical install path remains npm install -g @openai/codex, which now downloads the Rust binary rather than running TypeScript.
The alpha cycle ran in three tags: alpha.1 on May 22 , alpha.2 later the same day , and alpha.3 on May 23 — then a quiet stabilization gap before the stable tag. v0.135.0 alphas were already tagged within 24 hours of v0.134.0 shipping.
The Rust rewrite — completed approximately two months after the April 2025 open-source launch as a Node.js/TypeScript project — eliminated the Node.js runtime dependency and gave the tool native access to platform sandboxing APIs without FFI overhead. That architectural choice is now reflected in 96.1% of the tracked file weight being Rust.
Breaking Change: --profile Flag and v1 Config Migration
The --profile flag is now the primary profile selector across the CLI, TUI permissions system, and sandbox execution flows. Legacy v1 profile configuration files are rejected outright at startup — the process will not proceed past the config check. Config errors surface migration guidance and documentation links directly in the terminal output, making the failure explicit rather than silent.
What this means in practice: if your profile config predates the v2 format, upgrading breaks your workflow on the first invocation. Teams with CI pipelines or shared dotfiles referencing the old profile structure need to migrate before pulling this version. The migration documentation link is embedded in the error message — but completing the migration before the upgrade is the safer sequence.
Automation scripts passing hardcoded --profile arguments are also at risk if they relied on the old flag resolution order. Audit your shell scripts, CI steps, and any wrapper tooling before pulling v0.134.0 into any environment where Codex runs unattended. The breakage will be immediate and complete — not a degraded-mode failure.
Local Conversation History Search
v0.134.0 adds in-terminal conversation history search: case-insensitive matching against past sessions with result previews, surfaced without any external tooling. History is stored and queried locally — nothing leaves the machine for this feature. The query runs against the local session store, not the API.
The practical target is multi-session development workflows. If a previous Codex session produced a specific shell pipeline, SQL query, or debugging sequence, you can now search for it directly in the terminal instead of grepping log files or scrolling scrollback. Context recovery drops from a manual chore to a native CLI operation.
No configuration required — the feature is on by default for stored sessions. This moves Codex CLI closer to interactive tools like atuin or IPython that treat history as a first-class resource, rather than an afterthought recoverable only by scrolling.
MCP Layer Upgrades: Per-Server Env Vars and OAuth
The MCP integration in v0.134.0 gets two structural changes relevant to production use: per-server environment variable targeting and OAuth support for streamable HTTP connections. Both address pain points in multi-server setups — credential isolation and authentication complexity for streaming endpoints.
Per-server env vars work by assigning a distinct env map to each MCP server in your config, rather than sharing a global environment across all servers. Previously, a credential held by one server could be visible to another server running in the same session. That exposure is now isolated by design. OAuth for SSE and WebSocket MCP connections closes the authentication gap for teams running streaming HTTP MCP endpoints that previously required custom workarounds.
The readOnlyHint concurrency change has a concrete latency impact. Tools flagged as read-only — file reads, search queries, index lookups — execute in parallel within a single agent turn rather than serially. Workflows calling multiple read-only tools per turn will see wall time drop proportionally to the number of concurrent calls.
Schema reliability was also hardened: local $ref/$defs structures are preserved during tool exposure (not flattened), and oversized schemas are compacted before model handoff. This closes a class of silent failures where complex tool definitions arrived at the model truncated or structurally broken — producing tool calls that failed at inference time with no clear error.
| MCP Feature | Before v0.134.0 | After v0.134.0 |
|---|---|---|
| Server env vars | Shared global environment | Per-server isolated env map |
| OAuth for HTTP connections | Not supported | Supported (SSE / WebSocket) |
readOnlyHint tools |
Serial execution per turn | Concurrent execution per turn |
JSON Schema $ref/$defs |
Flattened on tool exposure | Preserved locally |
| Oversized schemas | Passed as-is (silent corruption risk) | Compacted before model handoff |
Bug Fixes Worth Noting
Four fixes in v0.134.0 address failure modes that could cause silent or confusing behavior in active setups. None are cosmetic.
Stale exec-server WebSocket. Sessions that encountered a stale connection to the exec-server would hang or behave unpredictably. Fixed via fresh session recovery — the client detects the stale state and re-establishes cleanly without requiring a manual restart.
Windows TUI rendering corruption. Virtual terminal mode was not correctly restored on exit, leaving the terminal in a broken display state after Codex closed. Windows users on v0.133.x who hit this should confirm the fix applies cleanly to their terminal emulator after upgrading.
Node-based tools and network proxy. Tools implemented in Node.js were bypassing Codex's managed network proxy — a silent proxy-bypass vector. They now honour the proxy correctly. This matters for enterprise environments with egress controls or audit requirements on outbound traffic.
Usage-limit messaging. Workspace-specific credit and spend-cap failure states were surfacing incorrect or generic error messages. Corrected to show workspace-scoped context so you can act on the right billing scope without guessing.
Upgrade Checklist Before You Pull v0.134.0
The breaking profile change makes this upgrade require more prep than a typical patch. Run through the table below before pulling the new version in any environment that runs Codex in automation or production.
| Check | What to look for | Risk if skipped |
|---|---|---|
| Profile config files | v1 format entries in ~/.codex/config or project dotfiles |
CLI refuses to start; config error on every invocation |
| CI/CD scripts | Hardcoded --profile arguments relying on old resolution order |
Pipeline failures immediately on upgrade |
| MCP server configs | Shared global env var maps across multiple servers | Credential bleed between servers; now is the time to migrate to per-server targeting |
| Windows TUI | Terminal emulator rendering state after Codex exits | Residual rendering corruption if the virtual terminal fix doesn't apply cleanly to your emulator |
Test profile config migration in a non-production environment first. Invoke Codex with a minimal, low-stakes task before pointing it at any live system or CI pipeline. The startup validation surface will tell you exactly what's wrong — follow the documentation link in the error output.
For teams running multiple MCP servers: this upgrade is a useful prompt to map which env vars each server actually needs. Moving to per-server targeting now — even for servers that don't strictly require isolation yet — reduces the surface for future credential bleed. Track the project's release cadence at releasebot.io to stay ahead of the next breaking change cycle.
Frequently Asked Questions
What breaks if I upgrade to Codex CLI v0.134.0 without migrating my profile config?
The CLI rejects v1 profile configuration files at startup and surfaces a config error with a link to the migration documentation. The process will not proceed — every invocation fails until the config is updated to the v2 format. Migrate in a non-production environment and validate before upgrading any system that runs Codex in automation or CI. The error message itself contains the documentation link, so the path forward is explicit.
How does per-server MCP environment variable targeting work?
Each MCP server in your config gets its own explicit env var map rather than inheriting from a shared global environment. A credential or token assigned to Server A is not visible to Server B within the same session. Configure the env map per-server in your MCP server config block — the v0.134.0 release notes document the new structure. This is a configuration change, not automatic — existing multi-server setups need to be updated.
Does local conversation history search send data to OpenAI?
No. History search operates entirely against the local session store — the feature makes no network call when querying past conversations. Your session history stays on disk and is matched locally. This is distinct from active inference calls during a Codex session, which do go to the API. The local-only design means the feature works without a network connection and introduces no additional data-sharing surface.
Why was Codex CLI rewritten from TypeScript to Rust?
Three reasons drove the rewrite: lower memory overhead, elimination of the Node.js runtime dependency (users no longer need Node.js installed to run Codex), and native access to platform sandboxing APIs without FFI overhead. The rewrite was completed approximately two months after the project's April 2025 open-source launch as Node.js/TypeScript. The npm install -g @openai/codex install path still works but now downloads a prebuilt Rust binary rather than running interpreted TypeScript.
What does the readOnlyHint concurrency change mean in practice?
MCP tools flagged with readOnlyHint can now run in parallel within a single agent turn rather than sequentially. If a workflow calls three read-only tools in one turn — a file read, a search query, and an index lookup — they execute concurrently. Total wall time drops to roughly the slowest individual call rather than accumulating across all three. No config change is required; the parallelism is automatic for tools that are correctly flagged as read-only by their server implementation.
What to Watch Next
v0.135.0 was already in alpha as of May 27, 2026 — feature scope not yet disclosed. Given the project's ~2 releases per day cadence across stable and alpha tags, the gap between v0.134.0 stable and the next stable is likely under two weeks. The GitHub releases page tends to surface breaking changes in alpha notes before the stable changelog catches up — worth tracking if you maintain automation around Codex.
The MCP OAuth and per-server env var additions signal a build-out toward more complex multi-agent orchestration patterns. If you're running Codex as a subagent in a larger pipeline, v0.134.0's MCP hardening — schema reliability, credential isolation, concurrent read-only tool execution — reduces a whole category of integration bugs that previously failed silently. The OpenAI Codex changelog is the authoritative reference for each release's scope as alpha notes expand into stable documentation.
Last updated: 2026-05-28. Based on the official v0.134.0 release notes and OpenAI Codex changelog, reviewed May 28 2026.
