permissions: move workspace roots onto thread state

2026-06-01 19:02:59 +00:00 · 2026-05-12 14:31:22 -07:00
parent 522e00e341
commit 0e434f4d02
156 changed files with 3774 additions and 3181 deletions
--- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json
@@ -1850,31 +1850,6 @@
        }
      ]
    },
-    "PermissionProfileModificationParams": {
-      "oneOf": [
-        {
-          "description": "Additional concrete directory that should be writable.",
-          "properties": {
-            "path": {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            },
-            "type": {
-              "enum": [
-                "additionalWritableRoot"
-              ],
-              "title": "AdditionalWritableRootPermissionProfileModificationParamsType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "path",
-            "type"
-          ],
-          "title": "AdditionalWritableRootPermissionProfileModificationParams",
-          "type": "object"
-        }
-      ]
-    },
    "PermissionProfileNetworkPermissions": {
      "properties": {
        "enabled": {
@@ -1886,40 +1861,6 @@
      ],
      "type": "object"
    },
-    "PermissionProfileSelectionParams": {
-      "oneOf": [
-        {
-          "description": "Select a named built-in or user-defined profile and optionally apply bounded modifications that Codex knows how to validate.",
-          "properties": {
-            "id": {
-              "type": "string"
-            },
-            "modifications": {
-              "items": {
-                "$ref": "#/definitions/PermissionProfileModificationParams"
-              },
-              "type": [
-                "array",
-                "null"
-              ]
-            },
-            "type": {
-              "enum": [
-                "profile"
-              ],
-              "title": "ProfilePermissionProfileSelectionParamsType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "id",
-            "type"
-          ],
-          "title": "ProfilePermissionProfileSelectionParams",
-          "type": "object"
-        }
-      ]
-    },
    "Personality": {
      "enum": [
        "none",
@@ -3133,13 +3074,6 @@
              ],
              "title": "WorkspaceWriteSandboxPolicyType",
              "type": "string"
-            },
-            "writableRoots": {
-              "default": [],
-              "items": {
-                "$ref": "#/definitions/AbsolutePathBuf"
-              },
-              "type": "array"
            }
          },
          "required": [
@@ -3406,7 +3340,8 @@
            {
              "type": "null"
            }
-          ]
+          ],
+          "description": "Deprecated for fork. When present, the server treats this as a compatibility spelling for selecting a matching named permissions profile."
        },
        "serviceTier": {
          "type": [
@@ -3817,7 +3752,8 @@
            {
              "type": "null"
            }
-          ]
+          ],
+          "description": "Deprecated for resume. When present, the server treats this as a compatibility spelling for selecting a matching named permissions profile."
        },
        "serviceTier": {
          "type": [
@@ -4197,7 +4133,7 @@
              "type": "null"
            }
          ],
-          "description": "Override the sandbox policy for this turn and subsequent turns."
+          "description": "Deprecated for turns. When present, the server treats this as a compatibility spelling for selecting a matching named permissions profile."
        },
        "serviceTier": {
          "description": "Override the service tier for this turn and subsequent turns.",