# OpenAI macOS Update Deadline: ChatGPT, Codex Break June 26

> Source: <https://byteiota.com/openai-macos-update-deadline-chatgpt-codex-break-june-26/>
> Published: 2026-06-20 17:17:55+00:00

If you use ChatGPT Desktop, Codex App, Codex CLI, or Atlas on macOS, you have six days. On June 26, OpenAI revokes the code-signing certificates behind all four apps — and after that date, macOS Gatekeeper blocks them from launching. No pop-up, no grace period, no workaround. Just silence. The fix takes thirty seconds. The excuse for missing it does not exist.

## What Breaks on June 26

Four OpenAI apps lose macOS launch permission when the old certificates are revoked. The deadline was already pushed once — from June 12 to June 26 — and OpenAI has confirmed no further extensions. These are the minimum versions you need to be on before that date:

- **ChatGPT Desktop:** 1.2026.125 or later
- **Codex App:** 26.506.31421 or later
- **Codex CLI:** 0.130.0 or later
- **Atlas:** Build 1.2026.15.3 or later

Versions below these thresholds carry the old certificates. macOS will refuse to run them after revocation. The new-certificate builds have been in distribution for weeks, so updating is zero-risk — you are not installing a beta.

## Why the Certificates Had to Go

On May 11, 2026, the Mini Shai-Hulud worm published 84 malicious versions of 42 `@tanstack` npm packages in a six-minute window. Two OpenAI employee devices were infected via that supply chain attack, and the compromised machines had access to OpenAI’s code-signing certificates for macOS, Windows, iOS, and Android. OpenAI cannot confirm the private keys were extracted — so rather than assume they weren’t, OpenAI rotated all of them simultaneously.

No user data, production systems, or intellectual property was compromised, according to [OpenAI’s official response](https://openai.com/index/our-response-to-the-tanstack-npm-supply-chain-attack/). But when you cannot rule out certificate theft, rotation is the only defensible option. This is the right call, even if it inconveniences everyone who didn’t pay attention in May.


## How to Update Right Now

Every app has a straightforward update path. For ChatGPT Desktop, use **App > Check for Updates** or re-download from chatgpt.com. For Codex App and Atlas, the in-app updater handles it. For Codex CLI, one command does everything:

```
# Update Codex CLI globally
npm install -g @openai/codex@latest

# Verify the version
codex --version
# Should be >= 0.130.0

# If your project pins the version, update package.json too
npm install @openai/codex@latest --save-dev
```

Run `codex --version` after updating. If the output is below 0.130.0, the update didn’t take — reinstall. If it’s at or above 0.130.0, you’re clear.

## The CI/CD Trap Most Developers Will Miss

Desktop apps are obvious. CI/CD pipelines are not. Any pipeline, Dockerfile, or script that installs Codex CLI via npm with a pinned version older than 0.130.0 will break on June 26. The failure mode is particularly unpleasant: a macOS runner executes the install without errors, Gatekeeper silently blocks the binary, and your pipeline fails with a cryptic exit code that points nowhere useful.

Audit your lockfiles and CI scripts for `@openai/codex` version pins today. Check `package-lock.json`, `yarn.lock`, Dockerfiles, and any GitHub Actions or CI YAML that references the package directly. This is the fix that will get skipped because it’s not obvious — and it’s the one that will hurt the most at 3 AM on June 27.
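One way to run that audit, as an added example that is not from the article or from OpenAI: a Node.js function that pulls `@openai/codex` versions out of `package-lock.json`, `yarn.lock`, and plain-text files such as Dockerfiles or CI YAML, and flags any below 0.130.0. The function names and the sample file contents are constructed for illustration.

```javascript
// Added example: flag @openai/codex pins older than the minimum Codex CLI version.
const PKG = '@openai/codex';
const MIN = [0, 130, 0]; // 0.130.0, the Codex CLI threshold given in the article

// Compare numerically per component: as strings, "0.99.1" would sort above "0.130.0".
function isBelowMin(version) {
  const parts = version.split('.').map((n) => parseInt(n, 10));
  const i = MIN.findIndex((m, k) => parts[k] !== m);
  return i !== -1 && parts[i] < MIN[i];
}

// Return every concrete version of PKG that the given file content pins.
function pinnedVersions(name, text) {
  const found = new Set();
  if (name.endsWith('package-lock.json')) {
    const lock = JSON.parse(text);
    // lockfileVersion 2/3: "packages" keyed by install path, nested copies included
    for (const [path, entry] of Object.entries(lock.packages || {})) {
      if (path.endsWith(`node_modules/${PKG}`) && entry.version) found.add(entry.version);
    }
    // lockfileVersion 1: top-level "dependencies" keyed by package name
    const legacy = (lock.dependencies || {})[PKG];
    if (legacy && legacy.version) found.add(legacy.version);
  } else if (name.endsWith('yarn.lock')) {
    // Header names the package; "version" is the first field (classic and berry syntax)
    const re = /^"?@openai\/codex@.*:\n\s+version:? "?(\d+\.\d+\.\d+)/gm;
    for (const m of text.matchAll(re)) found.add(m[1]);
  } else {
    // Dockerfiles, CI YAML, scripts: literal @openai/codex@x.y.z (@latest is unpinned)
    for (const m of text.matchAll(/@openai\/codex@v?(\d+\.\d+\.\d+)/g)) found.add(m[1]);
  }
  return [...found];
}

// files: { "<path>": "<file content>" } -> [{ file, version }] for each stale pin
function auditCodexPins(files) {
  return Object.entries(files).flatMap(([file, text]) =>
    pinnedVersions(file, text).filter(isBelowMin).map((version) => ({ file, version })));
}

// Constructed sample inputs (not taken from any real repository).
const SAMPLE = {
  'package-lock.json': JSON.stringify({ lockfileVersion: 3,
    packages: { 'node_modules/@openai/codex': { version: '0.128.2' } } }),
  'yarn.lock': '"@openai/codex@^0.129.0":\n  version "0.129.4"\n',
  'Dockerfile': 'RUN npm install -g @openai/codex@0.130.0\n',
  '.github/workflows/ci.yml': '- run: npm i -g @openai/codex@0.99.1\n',
};
console.log(auditCodexPins(SAMPLE));
```

To audit a real repository, build the `files` map by reading each candidate path with `fs.readFileSync(path, 'utf8')`. Version ranges in `package.json` (for example `^0.129.0`) are not resolved here, so check the lockfile they produce.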

## This Is Round 3 of the Miasma Campaign

The TanStack attack wasn’t an isolated incident. The Mini Shai-Hulud worm has hit SAP in April, TanStack and OpenAI in May, and Red Hat npm packages and Microsoft GitHub infrastructure in June. Across the campaign, 170+ npm packages were compromised. Critically, the worm bypassed SLSA provenance attestation — the supply chain security standard that was supposed to prevent exactly this class of attack.

Certificate rotation at this scale (four platforms simultaneously) is unprecedented for an AI company, and it signals that OpenAI is taking the certificate exposure seriously. The broader lesson is that SLSA alone is not sufficient defense against a sophisticated, fast-moving supply chain attacker. [The Record](https://therecord.media/openai-asks-macos-users-to-update-tanstack-npm) and [Wiz’s technical analysis](https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised) have thorough coverage if you want the full attack timeline. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/) also has a detailed breakdown of how the breach unfolded.

## Key Takeaways

- Update ChatGPT Desktop, Codex App, Codex CLI, and Atlas on macOS before June 26 — or they stop working with no warning
- Minimum versions: ChatGPT Desktop 1.2026.125, Codex App 26.506.31421, Codex CLI 0.130.0, Atlas Build 1.2026.15.3
- CI/CD pipelines with pinned Codex CLI versions below 0.130.0 break silently on June 26 — audit lockfiles now
- The certificate rotation stems from the May 11 TanStack supply chain attack that compromised two OpenAI employee machines
- SLSA provenance attestation did not stop Mini Shai-Hulud — supply chain defense needs more than one layer
