github kaitranntt/ccs v8.0.0
on GitHub

latest releases: v8.1.0, v8.0.0-dev.3, v8.0.0-dev.2...
5 hours ago

8.0.0 (2026-05-23)

⚠ BREAKING CHANGES

  • release: decouple npm @latest from Docker rc.1 soak (REV11) (#1277)

Features

  • add OAuth paste-callback traceability (1af6625)
  • ci: sunset legacy dashboard image publishing (9f6e64f)
  • codex-auth: add ccsx auth CLI subcommands (create/login/switch/use/show/remove) (bf92645)
  • codex-auth: add dashboard Auth Profiles tab + GET /api/codex/profiles (e99c461)
  • codex-auth: add import-default migration + integration tests + docs (631c799)
  • codex-auth: add profile registry + storage foundation (358b703)
  • codex-auth: wire ccsx bin router + ccsxp scope notice (8c604a0)
  • dashboard: add Korean language support (8ad7653), closes #1206 #1241
  • docker: canonical compose.yaml + smoke-test (P2 of #1251) (#1258) (fbaac6a)
  • docker: publish ccs:latest + ccs:full integrated images (P1 of #1251) (#1257) (d558cd2)
  • docker: zero-install Docker UX — ccs:latest, ccs:full, canonical compose, ccs-net contract (#1251) (#1261) (9aa854b)
  • filter analytics by profile (f1d655e)
  • report permission mode persist receipt status (3dc1810)
  • share stale Codex translator path scanner (46d73ae)
  • support minimal codex effort aliases (6569eed)

Bug Fixes

  • address reviewer findings round 2 (#1261 loop 2) (#1272) (adf5a83)
  • address upstream reviewer findings + failing CI checks (#1261 loop 1) (#1271) (7800474), closes #1260
  • browser: block sensitive header intercept matchers (a864864), closes #1294
  • browser: gate response fulfillment opt-in (538b644), closes #1295
  • browser: redact observed event URLs (9a2a1dd), closes #1296
  • browser: stop recorder leaking sensitive input (8051f16), closes #1293
  • ci: reviewer loop 6 — REV12 compose image parsing, REV13 fork bypass, REV14 :full audit (#1278) (e7ce699)
  • ci: smoke-test failure check + relax service-key guard (REV9, REV10) (#1276) (1f736b2)
  • cliproxy: bound Claude quota error-body reads and preserve timeout (2f50fe3), closes #1300
  • cliproxy: cap oauth log parsing size in stats fallback (b7ba3c7), closes #1292
  • cliproxy: harden oauth trace snippet redaction (29eebff)
  • cliproxy: redact AI provider header secrets (#1268) (ece43fc)
  • cliproxy: redact token-like oauth trace snippets (a526eb4)
  • codex-auth: address persistent review focus (e461c7a)
  • codex-auth: address review focus areas (211e51b)
  • codex-auth: close local review gaps (8552101)
  • codex-auth: close remaining review gaps (5c79df4)
  • codex-auth: fail closed on registry corruption (2cd2d43)
  • codex-auth: fail fast on missing active profile (08fe63c)
  • codex-auth: harden profile review findings (a3fe2c6)
  • codex-auth: harden registry fail-closed paths (81c4acc)
  • codex-auth: reject stray profile args (c90b3cb)
  • codex-auth: remove unused React import causing UI build failure (4e7d648)
  • codex-auth: surface registry corruption (54738e8)
  • codex: normalize native cliproxy tuning aliases (#1254) (609bed0)
  • codex: pass ccsx resume through to native codex (5a54c1b), closes #1287
  • codex: pass native ccsx subcommands through (#1290) (8a37578)
  • codex: preserve custom ccsxp cliproxy base URLs (d68ee37), closes #1281
  • dispatcher: preserve --permission-mode for claude agents subcommand (ef4b746)
  • docker: apply red-team findings — drop :full, rc.1 soak, healthcheck, signing (#1251) (#1262) (107b5b5)
  • docker: harden integrated service exposure (857dac8), closes #1291
  • ensure dashboard cliproxy restart waits for recovery (fc5851e)
  • logging: redact CLI argv in lifecycle start logs (100308a), closes #1297
  • mask Docker key rotation banner (bbcf9e8)
  • normalize ccsxp codex model flag aliases (6bc04de)
  • pause exhausted CLIProxy rotation accounts (923bfee), closes #1337
  • persist: block codex claude settings bridge (3b20164)
  • persist: print recovery receipt after settings write (#1302) (67fe6d9)
  • preserve Docker legacy API key during rotation (30971eb)
  • prevent Docker dashboard from orphaning CLIProxy (acf9fd6)
  • proxy: require owned daemon PID before reusing legacy/profile proxy session (fa31bea), closes #1298
  • proxy: scope insecure TLS to routed profile (2447813), closes #1299
  • redact Codex diagnostics metadata (e2f2c7d)
  • release: decouple npm @latest from Docker rc.1 soak (REV11) (#1277) (4e9c14b)
  • repair ccsx codex profile resources (37a1452)
  • resolve ccsx auth profiles before CCS profiles (f667628)
  • security: reject 127-prefixed websocket origins (#1263) (14cbe8f)
  • security: require localhost for Claude extension /setup when dashboard auth is disabled (#1270) (db175b6)
  • tighten parity check + catch service-key rename (#1261 loop 3) (#1274) (a4e16e0)
  • treat remote-control as a Claude subcommand (db4b938)
  • ui: handle TOML triple-quotes in arrays and AST-aware JSON keys (15a1faf), closes #1248
  • ui: honor TOML quoted keys and escaped quotes in sensitive masking (bac51ce)
  • ui: make codex config.toml viewer selectable (420494e), closes #1247
  • ui: mask multi-line sensitive values in CodeEditor (eefb762)
  • ui: skip TOML comments when scanning sensitive array values (a633ee0), closes #1248
  • websearch: avoid shell for legacy CLI fallbacks (#1267) (2115742)

Documentation

  • ci: clarify rc.1 soak and :full removal as intentional design (#1261) (#1279) (d2f7d3f)
  • docker: document ccs-net contract for sibling containers (#1259) (28f08cb)
  • docker: P3 — hoist two-command quickstart, restructure docker/README, add parity CI (#1260) (b50c2db)
  • sync agent guide with AGENTS (b123d41)

Code Refactoring

  • docker: drop Bun from runtime stage; generate npm lockfile in build stage (#1256) (775f438)

Performance Improvements

  • ui: tighten sensitive-mask decoration scope and reveal selector (f404e52), closes #1248

Tests

  • avoid fixed image analyzer e2e port (c81ea20)
  • cover agents permission-mode passthrough (e0f43b8)
Check out latest releases or
releases around kaitranntt/ccs v8.0.0

Don't miss a new ccs release

NewReleases is sending notifications on new releases.

Get notifications