CCVS gate script (codex-gate.sh) corrected post-Pristine-Sweep with ve…

Decision

CCVS gate script (codex-gate.sh) corrected post-Pristine-Sweep with verified codex-cli 0.128.0 flag syntax — closes premortem refinement #3. Replaced assumed --reasoning-effort flag with verified -c model_reasoning_effort=<level> config override (works on both codex exec and codex exec review subcommands). Added --skip-git-repo-check (hooks may run outside repo), --ephemeral (no session pollution), -o <file> (clean verdict extraction). Added auth-missing detection path: greps stdout for 401 Unauthorized|Missing bearer|not.*logged.*in → HARD_GATE blocks with “Run: codex login” message; advisory soft-skips. Mirrored config.toml profiles (hard_gate/advisory/triage with reasoning effort high/medium/low) to both /root/.codex/ and /home/claude/.codex/ for dual-user execution context. Default model auto-resolves to gpt-5.5 via codex login auth — Pro tier auto-engages on next login, zero code changes needed. Cron installed (04:30 UTC daily-review). Only remaining user action: codex login (browser OAuth, cannot be automated).

Rationale

Original record_decision (id 8795002f) carried 0.85 confidence because flag syntax was assumed (codex CLI not yet installed). Post-install live verification revealed --reasoning-effort does NOT exist as a flag — would have caused 100% gate failure on first real invocation. Premortem refinement #3 explicitly predicted this risk; the gate script fix closes it. New confidence 0.95 reflects: (a) flags verified against installed codex-cli 0.128.0 with real exec attempts (parsing succeeded; only auth blocked actual completion); (b) auth-missing path explicitly tested with both HARD_GATE block and advisory skip outcomes correctly emitted; (c) trigger decision matrix re-tested 3/3 cases correct post-fix; (d) Pristine Sweep 8/8 green; (e) /tmp clean; (f) usage log healthy with 4 entries showing all 3 degradation paths (cli_missing, not_logged_in, advisory_skip). Remaining 0.05 confidence gap = first authenticated invocation could surface a subtle issue (e.g., model_reasoning_effort key name mismatch in newer CLI versions, or output format change). Will resolve to 1.0 after first successful authenticated review post-codex login.

Alternatives Rejected

Outcome

Pending

Related

• 2026-05-02-cpu-overload-investigation-three-fixes-shipped
• 2026-04-04-oracle-001-self-architecture-analysis
• docker
• codex-cli---reasoning-effort-flag-does-not-exist-v01280-scri
• openclaw
• ccvs-deep-integration-sweep-across-8-helix-orchestration-fil
• cascade-update-sweep-purged-stale-ciospaperclip-references-f
• add-userpromptsubmit-hook-codex-findings-surfacepy-to-surfac
• lock-in-the-ccvs-inter-turn-surface-design-as-final-shipped
• rewrote-file-manager-filesarjtechin-dlarjtechin-archive-down
• codex-cli-is-set-up-as-first-class-peer-to-claude-code-in-aj