ChatGPT Codex: Codex as the default author of dependency upgrade PRs, three years in

Codex as the default author of dependency upgrade PRs, three years in is one of the year-three habits with ChatGPT Codex that looks, from the outside, like nothing at all and, from the inside, like the reason the team still ships every week. It rarely shows up in launch posts or benchmark threads. It shows up instead in the hour you did not lose on Friday afternoon, in the pull request that did not need a second round of review, in the commit message that honestly described what changed.

By year three, ChatGPT Codex is boring in the best possible way. Nobody in the team asks “should we use this” any more. They ask “did we remember to turn the knob we agreed on last quarter”. The interesting work has moved from the tool itself to the habits and contracts around it. This piece is about one of those contracts, and why it still repays attention.

Why this move with ChatGPT Codex actually matters

Tight integration with GitHub issues and pull requests is the feature people quote in the changelog. The practice that turns it into leverage is Codex as the default author of dependency upgrade PRs, three years in. Those two are not the same thing. A feature is a capability; a practice is a decision you make about when and how to reach for it.

When you approach ChatGPT Codex through this angle, you stop asking “what can it do” and start asking “what should I let it do today”. That framing is deliberately boring. It is also the difference between a workflow that you respect in six months and one you quietly abandon after two sprints.

The honest friction

None of this is free. Environment drift when the sandbox diverges from local tooling is the kind of friction that does not appear in the first week, when the tool is fresh and every completion feels earned. It appears later, in the tenth agent run of a tired Thursday, when you accept a diff you would have rejected at nine in the morning.

The mitigation is not another layer of tooling. It is a slower one: a short checklist that runs before you hand control away. Has the acceptance criterion been written down? Does the test suite still make sense? Is there a rollback path that does not involve apologising in standup? When those questions are cheap to answer, Codex as the default author of dependency upgrade PRs, three years in stops being a risk and starts being a routine.

Measuring what actually improved

It is easy to tell yourself the workflow is better. It is harder to prove it. Task-oriented UI that encourages small, verifiable units of work is one edge of the loop you are trying to improve. Your review habits are the other. The practice is to measure both, not just the half that flatters the tool.

A good week with ChatGPT Codex is not the count of accepted suggestions. It is the count of changes that stayed shipped, the reduction in review round-trips, the calm with which you pushed to main on Friday. Those three numbers can be tracked in a spreadsheet and they will tell you more than any dashboard the vendor ships. Everything else is vanity.

Making it stick

Habits with AI tools stick the way all habits do: a small cue, a clear action, a visible reward. The cue is a task that fits the shape of Codex as the default author of dependency upgrade PRs, three years in. The action is to reach for ChatGPT Codex with an explicit intent rather than an idle one. The reward is a diff you would have been proud to write by hand, only faster and with fewer rough edges.

If you take only one thing from this, let it be that. ChatGPT Codex is entirely the background; the story is the contract the team still honours around it. Keep the contract simple, keep it visible, and let the third year of practice pay off the fourth.

More field notes on ChatGPT Codex

This piece is one entry in a running series on how AI coding tools change day-to-day engineering work. For more practical notes on ChatGPT Codex specifically, browse the full set at /blog/tag/chatgpt-codex/. For the wider view across every tool in the stack, the AI coding tag collects the whole archive in one place.