How to review a commit with Codex

Commit review is the narrow Codex review scope for one recorded Git change before a cherry-pick, backport, or release handoff. Pointing Codex at a SHA keeps the review on the diff introduced by that commit instead of the current branch or the uncommitted working tree.

The codex review --commit <SHA> command runs the non-interactive Codex reviewer against the selected commit. The Codex CLI also exposes commit review from the local /review flow, but the direct command is easier to repeat in release notes, maintainer handoffs, and saved review transcripts.

The target SHA must resolve in the local repository where the command runs. Fetch the branch first when the commit lives only on a remote branch, and resolve the SHA again after rebases, squashes, or amended commits. Review output is advisory, and the changed code may be sent to the configured Codex backend, so remove secrets before starting the review.

Steps to review a commit with Codex:

Open a terminal in the Git repository that contains the commit.
```
$ cd ~/src/example-app
```
Confirm the repository root before selecting a SHA.
```
$ git rev-parse --show-toplevel
/home/user/projects/example-app
```
If Codex stops with a trusted-directory error, fix the repository trust policy before rerunning the review.
Related: How to fix the Codex trusted-directory error

List recent commits to find the target change.

$ git log --oneline -n 2
4570d21 Add average helper
c6fca7f Add arithmetic helper

Resolve the full SHA for the commit Codex should inspect.
```
$ git rev-parse 4570d21
4570d216a425eb1cd8b431ceb8fe2b714d9c35c1
```
Use the full SHA when short prefixes could become ambiguous in a long repository history.

Confirm the selected SHA points to the expected subject.

$ git show --no-patch --oneline 4570d216a425eb1cd8b431ceb8fe2b714d9c35c1
4570d21 Add average helper

Check the commit summary before running Codex.

$ git show --stat --oneline 4570d216a425eb1cd8b431ceb8fe2b714d9c35c1
4570d21 Add average helper
 math_utils.py | 4 ++++
 1 file changed, 4 insertions(+)

Run the commit review with Codex.

$ codex review --commit 4570d216a425eb1cd8b431ceb8fe2b714d9c35c1
The commit adds an average helper, but empty input still reaches the division step. That turns a caller mistake into a low-level ZeroDivisionError instead of the helper's documented behavior.

Review comment:

- [P2] Guard average against empty input - /home/user/projects/example-app/math_utils.py:5-5
  If values is empty, this line divides by zero. Add an explicit empty-input check so callers get the intended ValueError before the arithmetic runs.

If Codex reports missing authentication, fix the session before rerunning the same SHA.
Related: How to check Codex login status

Save the review output when it needs to be shared with a maintainer or attached to a release handoff.
```
$ codex review --commit 4570d216a425eb1cd8b431ceb8fe2b714d9c35c1 > codex-commit-review.txt
```

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.