
Default git identity codex@example.com silently misattributes commits to unrelated third-party GitHub user #18095

@ErneG


Summary

Codex ships with a default git identity of:

user.name = Codex Test
user.email = codex@example.com

Any user who runs Codex before manually setting git config user.email produces commits authored by this placeholder. Because example.com is a reserved domain (RFC 2606) that OpenAI does not own, the string codex@example.com has been claimed on the public profile of an unrelated GitHub user — resulting in silent commit misattribution across Codex users.

Reproduction

  1. Install Codex (CLI or cloud environment) and run it in a fresh repo without overriding git identity.
  2. Make any commit through Codex.
  3. Inspect the commit:

     git log -1 --pretty=fuller
     Author: Codex Test <codex@example.com>
     Commit: Codex Test <codex@example.com>

  4. Push to GitHub and open the commit in any downstream tool that resolves author email to a GitHub profile (Vercel, GitHub API consumers, CI dashboards).

Observed behavior

  • GitHub commit UI renders the raw string "Codex Test".
  • Vercel deployment details, GitHub API author.login, and various dashboards resolve the email codex@example.com and display the GitHub user abiataprado — a stranger with no affiliation to our repository, organization, or OpenAI.
  • Concretely, merge commit 02bec15ec63e3af6e2a7a29b32fc21829bb47bb7 in our repo shows this behavior: the merge itself is authored by me, but it includes a Codex-authored commit (f04be8c1) with codex@example.com, and Vercel surfaces abiataprado's avatar on the deploy.

Expected behavior

Codex should ship with a default identity on a domain OpenAI controls so that attribution cannot be captured by third parties — for example:

user.name = Codex
user.email = noreply@codex.openai.com

Even better: on first run, detect missing user.email in the active repo and prompt the user to set one, so real contributors never ship with the placeholder in the first place.

Impact

  • Every Codex user who doesn't override the default leaks commit attribution to an unrelated account.
  • A stranger's GitHub avatar appears on production deploys, internal dashboards, and commit histories across many organizations.
  • Attribution cannot be corrected after the fact without rewriting history.
  • Not a security/access issue (no repo access, push rights, or webhooks granted), but a trust and identity-confusion issue affecting every Codex user with the default config.

Root cause

example.com is a reserved documentation domain (RFC 2606) with no MX records — no one can verify it via GitHub's email-verification flow. However, GitHub's public profile "email" field accepts any unverified string, and tools that resolve author emails to GitHub profiles match against it. Because the default is on a domain OpenAI does not own, the association is first-come-first-served.

Suggested fix

  1. Replace the default user.email with an OpenAI-controlled address (e.g. noreply@codex.openai.com).
  2. On first use, if the active repo has no user.email set, prompt the user to configure one before making commits.
  3. Optionally, document the issue so existing users can check their local/global config.
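The check described in steps 2 and 3 can be done locally today, independent of any change to Codex. The POSIX shell script below is an added example (not code from the issue or from the Codex project): it flags an author email that is unset or sits on one of the RFC 2606 reserved domains, audits a git log for commits that already carry such an email, and checks the identity git would use for the next commit. The function names, the sample log lines in the usage section and the `GIT_AUTHOR_EMAIL` precedence are this example's own choices; only `codex@example.com` and `noreply@codex.openai.com` come from the issue.

```shell
#!/bin/sh
# Added example: detect placeholder git author identities before and after they
# reach history. Not part of the Codex project.

# RFC 2606 reserves example.com/.net/.org and the .example, .test, .invalid and
# .localhost TLDs; nobody can own or verify an address on them.
is_reserved_domain() {
  case "$1" in
    example.com|example.net|example.org) return 0 ;;
    *.example.com|*.example.net|*.example.org) return 0 ;;
    *.example|*.test|*.invalid|*.localhost) return 0 ;;
    *) return 1 ;;
  esac
}

# Return 0 (true) when an author email is missing, malformed, or on a
# reserved domain. codex@example.com, the Codex default, is caught here.
is_placeholder_email() {
  email=$1
  [ -z "$email" ] && return 0
  domain=${email##*@}
  [ "$domain" = "$email" ] && return 0   # no '@' at all
  is_reserved_domain "$domain"
}

# Read "<sha> <author-email>" lines (the shape of `git log --format='%H %ae'`)
# from stdin and print only the commits whose author email is a placeholder.
audit_log() {
  while read -r sha email; do
    if is_placeholder_email "$email"; then
      printf '%s %s\n' "$sha" "$email"
    fi
  done
}

# Check the identity git would use for the next commit in the current repo.
# GIT_AUTHOR_EMAIL overrides user.email, so it is consulted first.
# Returns 1 when the identity is unset or a placeholder (usable as a pre-commit hook).
check_current_identity() {
  email=${GIT_AUTHOR_EMAIL:-$(git config --get user.email 2>/dev/null)}
  if is_placeholder_email "$email"; then
    echo "git author email is unset or a placeholder (${email:-<unset>}); set user.email first" >&2
    return 1
  fi
  return 0
}

# Usage with constructed sample log lines (not real commits from the issue):
#   printf '%s\n' 'aaaa111 codex@example.com' 'bbbb222 noreply@codex.openai.com' | audit_log
# prints only "aaaa111 codex@example.com".
# Against a real repository:  git log --format='%H %ae' | audit_log
```

Calling `check_current_identity` from `.git/hooks/pre-commit` (or a `core.hooksPath` hook) implements the "prompt before committing" behaviour the issue asks for on the user side; `audit_log` over `git log --format='%H %ae'` shows which existing commits would already resolve to whoever claims the placeholder address.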

Happy to provide additional commit SHAs or screenshots if useful.

Labels: CLI (Issues related to the Codex CLI), bug (Something isn't working)