v0.3.1

This release improves Poetry installation in the Docker image and clarifies how to run Codex inside the container when its internal sandbox is too restrictive.

Highlights

• Switched Poetry installation from the bootstrap script to pipx.
• Bumped Poetry to 2.3.4 across Docker/Compose env defaults.
• Clarified codex -s danger-full-access usage for Docker-based workflows.
• Expanded security notes to explain what danger-full-access changes and what it does not.

Changed

• Poetry is now installed via pipx in the Docker image instead of the remote install script.
• Default POETRY_VERSION was updated from 2.3.2 to 2.3.4 in:
  • Dockerfile
  • compose.yaml
  • .env.dist
• Removed obsolete POETRY_HOME usage after switching away from the install script.

Documentation

• Added a practical codex example for rerunning inside the container with:
  • docker compose run --rm codex -s danger-full-access
• Clarified that this disables Codex's internal sandbox without changing Docker seccomp or adding container capabilities.
• Expanded security notes to explain what access Codex retains in this mode.

Notes

• No intended breaking changes for standard template usage.
• This release mainly improves container setup clarity and reduces ambiguity around Codex sandbox behavior in Docker.

Full Changelog: v0.3.0...v0.3.1