Files
cto/.sot/03-PROTOCOLS/CTO-CODEX-RETENTION-POLICY-PACKET.md
2026-06-04 13:39:51 -04:00

4.0 KiB

name, tier, status, owner, source, last_reviewed, description
name tier status owner source last_reviewed description
cto-codex-retention-policy-packet T1 validated jp CTO-WORK-094 2026-06-04 Local CTO policy packet for Codex retention cleanup approval.

CTO Codex Retention Policy Packet

Local planning SOT only. Not a Core Protocol. Not active Core authority.

Claim

Codex retention cleanup now has a backup-first, approval-gated policy plan. The policy is non-mutating until JP approves a named mutation scope.

Context

Core S411 proved current Core-owned successful Validator selectors already use compact summaries. Remaining bloat is external Codex retention: session JSONL files, active thread records, and Codex log SQLite files.

Current dry-run state still shows 1,038 active threads, zero archived threads, about 2.39GB session JSONL, and about 2.7GB logs_2.sqlite plus WAL.

Planner state on 2026-06-04:

Surface Count Bytes
archive-only candidates older than 7 days 367 about 405MB
destructive delete candidates 0 0
large active sessions over 10MiB 51 about 1.46GB

Planner

python3 tools/plan_codex_retention_policy.py emits metadata-only JSON. It reads only thread archive flags, timestamps, rollout paths, file sizes, and log target byte estimates. It does not read transcript bodies, thread text fields, titles, previews, secrets, or raw messages.

The planner classifies:

  • archive-only candidates;
  • destructive delete candidates;
  • large active sessions;
  • top log pressure targets;
  • approval boundaries.

Native Codex Probe

python3 tools/probe_codex_native_retention.py checks installed Codex CLI help, feature flags, and local version cache. It does not read transcript bodies, thread text fields, titles, previews, secrets, raw messages, or mutate Codex state.

Probe result on 2026-06-04:

  • installed Codex version: 0.134.0;
  • cached latest Codex version: 0.137.0;
  • native cleanup/archive/retention command advertised by installed CLI: false;
  • prevention flag advertised: codex exec --ephemeral;
  • decision point: update Codex and re-run the probe before custom archive mutation if latest native behavior must be considered.

Policy

  1. Prevention default: use codex exec --ephemeral for disposable non-interactive worker runs.
  2. Phase 0: run pressure report and policy planner; no mutation.
  3. Phase 1: backup state_5.sqlite, logs_2.sqlite, WAL, and SHM files.
  4. Phase 2: archive-only candidate threads by DB flag only after explicit approval.
  5. Phase 3: delete archived session JSONL only after separate destructive approval.
  6. Phase 4: delete/truncate logs and checkpoint/vacuum only after Codex is stopped and destructive approval is explicit.

Prevention Helper

python3 tools/codex_ephemeral_exec.py builds disposable worker commands as codex exec --ephemeral. It supports --check and --print-command validation paths that do not run Codex.

Example dry command:

python3 tools/codex_ephemeral_exec.py --print-command -C /path/to/repo "summarize current git status"

The helper is prevention only. It does not archive threads, delete JSONL, truncate logs, checkpoint, vacuum, read transcript bodies, or mutate Core.

Approval Boundary

Blocked without explicit operator approval:

  • updating threads.archived;
  • deleting session JSONL;
  • deleting or truncating Codex logs;
  • SQLite checkpoint or vacuum;
  • raw transcript read/import;
  • any Core source mutation.

Decision

Next safe action is to ask for archive-only approval. Delete and vacuum stay separate later approvals. Core remains out of raw transcript retention authority.

New Issues

  • must-fix: obtain explicit archive-only approval before any threads.archived update.
  • must-fix: obtain separate destructive approval before session deletion, log deletion, checkpoint, or vacuum.
  • follow-up: use the ephemeral exec helper for disposable non-interactive worker runs.
  • follow-up: native Codex retention support is checked for installed 0.134.0; update/re-probe 0.137.0 before custom mutation if latest native behavior should be considered.