permissions: store only constrained permission profiles (#19735)

2026-05-02 18:37:01 +00:00 · 2026-04-26 20:59:58 -07:00
parent 8033b6a449
commit 0ccd659b4b
32 changed files with 242 additions and 215 deletions
--- a/codex-rs/core/tests/common/zsh_fork.rs
+++ b/codex-rs/core/tests/common/zsh_fork.rs
@@ -36,7 +36,9 @@ impl ZshForkRuntime {
        config.main_execve_wrapper_exe = Some(self.main_execve_wrapper_exe.clone());
        config.permissions.allow_login_shell = false;
        config.permissions.approval_policy = Constrained::allow_any(approval_policy);
-        config.permissions.sandbox_policy = Constrained::allow_any(sandbox_policy);
+        config
+            .set_legacy_sandbox_policy(sandbox_policy)
+            .expect("set sandbox policy");
    }
 }