clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-30 17:36:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge origin/main into rhan/surface-updates (resolve #14374 conflicts)

Browse Source
This commit is contained in:
Roy Han
2026-03-13 18:36:03 -07:00
parent e9bf09ba09 b859a98e0f
commit 66c0851437
541 changed files with 26801 additions and 24881 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json
View File

@@ -96,6 +96,14 @@
"AppToolsConfig": {
"type": "object"
},
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AppsConfig": {
"properties": {
"_default": {
@@ -143,7 +151,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -172,9 +180,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -202,6 +210,17 @@
}
]
},
"approvals_reviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "[UNSTABLE] Optional default for where approval requests are routed for review."
},
"compact_prompt": {
"type": [
"string",
@@ -578,6 +597,17 @@
}
]
},
"approvals_reviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "[UNSTABLE] Optional profile-level override for where approval requests are routed for review. If omitted, the enclosing config default is used."
},
"chatgpt_base_url": {
"type": [
"string",

6
codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
View File

@@ -15,7 +15,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -44,9 +44,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]

38
codex-rs/app-server-protocol/schema/json/v2/FsCopyParams.json Normal file
View File

@@ -0,0 +1,38 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Copy a file or directory tree on the host filesystem.",
"properties": {
"destinationPath": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute destination path."
},
"recursive": {
"description": "Required for directory copies; ignored for file copies.",
"type": "boolean"
},
"sourcePath": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute source path."
}
},
"required": [
"destinationPath",
"sourcePath"
],
"title": "FsCopyParams",
"type": "object"
}

6
codex-rs/app-server-protocol/schema/json/v2/FsCopyResponse.json Normal file
View File

@@ -0,0 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Successful response for `fs/copy`.",
"title": "FsCopyResponse",
"type": "object"
}

32
codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryParams.json Normal file
View File

@@ -0,0 +1,32 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Create a directory on the host filesystem.",
"properties": {
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute directory path to create."
},
"recursive": {
"description": "Whether parent directories should also be created. Defaults to `true`.",
"type": [
"boolean",
"null"
]
}
},
"required": [
"path"
],
"title": "FsCreateDirectoryParams",
"type": "object"
}

6
codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryResponse.json Normal file
View File

@@ -0,0 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Successful response for `fs/createDirectory`.",
"title": "FsCreateDirectoryResponse",
"type": "object"
}

25
codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataParams.json Normal file
View File

@@ -0,0 +1,25 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Request metadata for an absolute path.",
"properties": {
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute path to inspect."
}
},
"required": [
"path"
],
"title": "FsGetMetadataParams",
"type": "object"
}

32
codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataResponse.json Normal file
View File

@@ -0,0 +1,32 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Metadata returned by `fs/getMetadata`.",
"properties": {
"createdAtMs": {
"description": "File creation time in Unix milliseconds when available, otherwise `0`.",
"format": "int64",
"type": "integer"
},
"isDirectory": {
"description": "Whether the path currently resolves to a directory.",
"type": "boolean"
},
"isFile": {
"description": "Whether the path currently resolves to a regular file.",
"type": "boolean"
},
"modifiedAtMs": {
"description": "File modification time in Unix milliseconds when available, otherwise `0`.",
"format": "int64",
"type": "integer"
}
},
"required": [
"createdAtMs",
"isDirectory",
"isFile",
"modifiedAtMs"
],
"title": "FsGetMetadataResponse",
"type": "object"
}

25
codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryParams.json Normal file
View File

@@ -0,0 +1,25 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "List direct child names for a directory.",
"properties": {
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute directory path to read."
}
},
"required": [
"path"
],
"title": "FsReadDirectoryParams",
"type": "object"
}

43
codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryResponse.json Normal file
View File

@@ -0,0 +1,43 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"FsReadDirectoryEntry": {
"description": "A directory entry returned by `fs/readDirectory`.",
"properties": {
"fileName": {
"description": "Direct child entry name only, not an absolute or relative path.",
"type": "string"
},
"isDirectory": {
"description": "Whether this entry resolves to a directory.",
"type": "boolean"
},
"isFile": {
"description": "Whether this entry resolves to a regular file.",
"type": "boolean"
}
},
"required": [
"fileName",
"isDirectory",
"isFile"
],
"type": "object"
}
},
"description": "Directory entries returned by `fs/readDirectory`.",
"properties": {
"entries": {
"description": "Direct child entries in the requested directory.",
"items": {
"$ref": "#/definitions/FsReadDirectoryEntry"
},
"type": "array"
}
},
"required": [
"entries"
],
"title": "FsReadDirectoryResponse",
"type": "object"
}

25
codex-rs/app-server-protocol/schema/json/v2/FsReadFileParams.json Normal file
View File

@@ -0,0 +1,25 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Read a file from the host filesystem.",
"properties": {
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute path to read."
}
},
"required": [
"path"
],
"title": "FsReadFileParams",
"type": "object"
}

15
codex-rs/app-server-protocol/schema/json/v2/FsReadFileResponse.json Normal file
View File

@@ -0,0 +1,15 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Base64-encoded file contents returned by `fs/readFile`.",
"properties": {
"dataBase64": {
"description": "File contents encoded as base64.",
"type": "string"
}
},
"required": [
"dataBase64"
],
"title": "FsReadFileResponse",
"type": "object"
}

39
codex-rs/app-server-protocol/schema/json/v2/FsRemoveParams.json Normal file
View File

@@ -0,0 +1,39 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Remove a file or directory tree from the host filesystem.",
"properties": {
"force": {
"description": "Whether missing paths should be ignored. Defaults to `true`.",
"type": [
"boolean",
"null"
]
},
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute path to remove."
},
"recursive": {
"description": "Whether directory removal should recurse. Defaults to `true`.",
"type": [
"boolean",
"null"
]
}
},
"required": [
"path"
],
"title": "FsRemoveParams",
"type": "object"
}

6
codex-rs/app-server-protocol/schema/json/v2/FsRemoveResponse.json Normal file
View File

@@ -0,0 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Successful response for `fs/remove`.",
"title": "FsRemoveResponse",
"type": "object"
}

30
codex-rs/app-server-protocol/schema/json/v2/FsWriteFileParams.json Normal file
View File

@@ -0,0 +1,30 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"description": "Write a file on the host filesystem.",
"properties": {
"dataBase64": {
"description": "File contents encoded as base64.",
"type": "string"
},
"path": {
"allOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
}
],
"description": "Absolute path to write."
}
},
"required": [
"dataBase64",
"path"
],
"title": "FsWriteFileParams",
"type": "object"
}

6
codex-rs/app-server-protocol/schema/json/v2/FsWriteFileResponse.json Normal file
View File

@@ -0,0 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "Successful response for `fs/writeFile`.",
"title": "FsWriteFileResponse",
"type": "object"
}

84
codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json Normal file
View File

@@ -0,0 +1,84 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
"string",
"null"
]
},
"riskLevel": {
"anyOf": [
{
"$ref": "#/definitions/GuardianRiskLevel"
},
{
"type": "null"
}
]
},
"riskScore": {
"format": "uint8",
"minimum": 0.0,
"type": [
"integer",
"null"
]
},
"status": {
"$ref": "#/definitions/GuardianApprovalReviewStatus"
}
},
"required": [
"status"
],
"type": "object"
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"enum": [
"inProgress",
"approved",
"denied",
"aborted"
],
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"enum": [
"low",
"medium",
"high"
],
"type": "string"
}
},
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
"properties": {
"action": true,
"review": {
"$ref": "#/definitions/GuardianApprovalReview"
},
"targetItemId": {
"type": "string"
},
"threadId": {
"type": "string"
},
"turnId": {
"type": "string"
}
},
"required": [
"review",
"targetItemId",
"threadId",
"turnId"
],
"title": "ItemGuardianApprovalReviewCompletedNotification",
"type": "object"
}

84
codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json Normal file
View File

@@ -0,0 +1,84 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
"string",
"null"
]
},
"riskLevel": {
"anyOf": [
{
"$ref": "#/definitions/GuardianRiskLevel"
},
{
"type": "null"
}
]
},
"riskScore": {
"format": "uint8",
"minimum": 0.0,
"type": [
"integer",
"null"
]
},
"status": {
"$ref": "#/definitions/GuardianApprovalReviewStatus"
}
},
"required": [
"status"
],
"type": "object"
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"enum": [
"inProgress",
"approved",
"denied",
"aborted"
],
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"enum": [
"low",
"medium",
"high"
],
"type": "string"
}
},
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
"properties": {
"action": true,
"review": {
"$ref": "#/definitions/GuardianApprovalReview"
},
"targetItemId": {
"type": "string"
},
"threadId": {
"type": "string"
},
"turnId": {
"type": "string"
}
},
"required": [
"review",
"targetItemId",
"threadId",
"turnId"
],
"title": "ItemGuardianApprovalReviewStartedNotification",
"type": "object"
}

2
codex-rs/app-server-protocol/schema/json/v2/PluginInstallResponse.json
View File

@@ -2,7 +2,7 @@
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AppSummary": {
"description": "EXPERIMENTAL - app metadata summary for plugin-install responses.",
"description": "EXPERIMENTAL - app metadata summary for plugin responses.",
"properties": {
"description": {
"type": [

23
codex-rs/app-server-protocol/schema/json/v2/PluginReadParams.json Normal file
View File

@@ -0,0 +1,23 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
}
},
"properties": {
"marketplacePath": {
"$ref": "#/definitions/AbsolutePathBuf"
},
"pluginName": {
"type": "string"
}
},
"required": [
"marketplacePath",
"pluginName"
],
"title": "PluginReadParams",
"type": "object"
}

354
codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json Normal file
View File

@@ -0,0 +1,354 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AbsolutePathBuf": {
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
},
"AppSummary": {
"description": "EXPERIMENTAL - app metadata summary for plugin responses.",
"properties": {
"description": {
"type": [
"string",
"null"
]
},
"id": {
"type": "string"
},
"installUrl": {
"type": [
"string",
"null"
]
},
"name": {
"type": "string"
}
},
"required": [
"id",
"name"
],
"type": "object"
},
"PluginAuthPolicy": {
"enum": [
"ON_INSTALL",
"ON_USE"
],
"type": "string"
},
"PluginDetail": {
"properties": {
"apps": {
"items": {
"$ref": "#/definitions/AppSummary"
},
"type": "array"
},
"description": {
"type": [
"string",
"null"
]
},
"marketplaceName": {
"type": "string"
},
"marketplacePath": {
"$ref": "#/definitions/AbsolutePathBuf"
},
"mcpServers": {
"items": {
"type": "string"
},
"type": "array"
},
"skills": {
"items": {
"$ref": "#/definitions/SkillSummary"
},
"type": "array"
},
"summary": {
"$ref": "#/definitions/PluginSummary"
}
},
"required": [
"apps",
"marketplaceName",
"marketplacePath",
"mcpServers",
"skills",
"summary"
],
"type": "object"
},
"PluginInstallPolicy": {
"enum": [
"NOT_AVAILABLE",
"AVAILABLE",
"INSTALLED_BY_DEFAULT"
],
"type": "string"
},
"PluginInterface": {
"properties": {
"brandColor": {
"type": [
"string",
"null"
]
},
"capabilities": {
"items": {
"type": "string"
},
"type": "array"
},
"category": {
"type": [
"string",
"null"
]
},
"composerIcon": {
"anyOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
},
{
"type": "null"
}
]
},
"defaultPrompt": {
"type": [
"string",
"null"
]
},
"developerName": {
"type": [
"string",
"null"
]
},
"displayName": {
"type": [
"string",
"null"
]
},
"logo": {
"anyOf": [
{
"$ref": "#/definitions/AbsolutePathBuf"
},
{
"type": "null"
}
]
},
"longDescription": {
"type": [
"string",
"null"
]
},
"privacyPolicyUrl": {
"type": [
"string",
"null"
]
},
"screenshots": {
"items": {
"$ref": "#/definitions/AbsolutePathBuf"
},
"type": "array"
},
"shortDescription": {
"type": [
"string",
"null"
]
},
"termsOfServiceUrl": {
"type": [
"string",
"null"
]
},
"websiteUrl": {
"type": [
"string",
"null"
]
}
},
"required": [
"capabilities",
"screenshots"
],
"type": "object"
},
"PluginSource": {
"oneOf": [
{
"properties": {
"path": {
"$ref": "#/definitions/AbsolutePathBuf"
},
"type": {
"enum": [
"local"
],
"title": "LocalPluginSourceType",
"type": "string"
}
},
"required": [
"path",
"type"
],
"title": "LocalPluginSource",
"type": "object"
}
]
},
"PluginSummary": {
"properties": {
"authPolicy": {
"$ref": "#/definitions/PluginAuthPolicy"
},
"enabled": {
"type": "boolean"
},
"id": {
"type": "string"
},
"installPolicy": {
"$ref": "#/definitions/PluginInstallPolicy"
},
"installed": {
"type": "boolean"
},
"interface": {
"anyOf": [
{
"$ref": "#/definitions/PluginInterface"
},
{
"type": "null"
}
]
},
"name": {
"type": "string"
},
"source": {
"$ref": "#/definitions/PluginSource"
}
},
"required": [
"authPolicy",
"enabled",
"id",
"installPolicy",
"installed",
"name",
"source"
],
"type": "object"
},
"SkillInterface": {
"properties": {
"brandColor": {
"type": [
"string",
"null"
]
},
"defaultPrompt": {
"type": [
"string",
"null"
]
},
"displayName": {
"type": [
"string",
"null"
]
},
"iconLarge": {
"type": [
"string",
"null"
]
},
"iconSmall": {
"type": [
"string",
"null"
]
},
"shortDescription": {
"type": [
"string",
"null"
]
}
},
"type": "object"
},
"SkillSummary": {
"properties": {
"description": {
"type": "string"
},
"interface": {
"anyOf": [
{
"$ref": "#/definitions/SkillInterface"
},
{
"type": "null"
}
]
},
"name": {
"type": "string"
},
"path": {
"type": "string"
},
"shortDescription": {
"type": [
"string",
"null"
]
}
},
"required": [
"description",
"name",
"path"
],
"type": "object"
}
},
"properties": {
"plugin": {
"$ref": "#/definitions/PluginDetail"
}
},
"required": [
"plugin"
],
"title": "PluginReadResponse",
"type": "object"
}

25
codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json
View File

@@ -1,6 +1,14 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -15,7 +23,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -44,9 +52,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -79,6 +87,17 @@
}
]
},
"approvalsReviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "Override where approval requests are routed for review on this thread and subsequent turns."
},
"baseInstructions": {
"type": [
"string",

23
codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json
View File

@@ -5,6 +5,14 @@
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
},
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -19,7 +27,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -48,9 +56,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -1955,6 +1963,14 @@
"approvalPolicy": {
"$ref": "#/definitions/AskForApproval"
},
"approvalsReviewer": {
"allOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
}
],
"description": "Reviewer currently used for approval requests on this thread."
},
"cwd": {
"type": "string"
},
@@ -1993,6 +2009,7 @@
},
"required": [
"approvalPolicy",
"approvalsReviewer",
"cwd",
"model",
"modelProvider",

25
codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json
View File

@@ -1,6 +1,14 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -15,7 +23,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -44,9 +52,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -1035,6 +1043,17 @@
}
]
},
"approvalsReviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "Override where approval requests are routed for review on this thread and subsequent turns."
},
"baseInstructions": {
"type": [
"string",

23
codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json
View File

@@ -5,6 +5,14 @@
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
},
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -19,7 +27,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -48,9 +56,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -1955,6 +1963,14 @@
"approvalPolicy": {
"$ref": "#/definitions/AskForApproval"
},
"approvalsReviewer": {
"allOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
}
],
"description": "Reviewer currently used for approval requests on this thread."
},
"cwd": {
"type": "string"
},
@@ -1993,6 +2009,7 @@
},
"required": [
"approvalPolicy",
"approvalsReviewer",
"cwd",
"model",
"modelProvider",

25
codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json
View File

@@ -1,6 +1,14 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -15,7 +23,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -44,9 +52,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -103,6 +111,17 @@
}
]
},
"approvalsReviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "Override where approval requests are routed for review on this thread and subsequent turns."
},
"baseInstructions": {
"type": [
"string",

23
codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json
View File

@@ -5,6 +5,14 @@
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
},
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -19,7 +27,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -48,9 +56,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -1955,6 +1963,14 @@
"approvalPolicy": {
"$ref": "#/definitions/AskForApproval"
},
"approvalsReviewer": {
"allOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
}
],
"description": "Reviewer currently used for approval requests on this thread."
},
"cwd": {
"type": "string"
},
@@ -1993,6 +2009,7 @@
},
"required": [
"approvalPolicy",
"approvalsReviewer",
"cwd",
"model",
"modelProvider",

25
codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json
View File

@@ -5,6 +5,14 @@
"description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
"type": "string"
},
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
@@ -19,7 +27,7 @@
{
"additionalProperties": false,
"properties": {
"reject": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
@@ -48,9 +56,9 @@
}
},
"required": [
"reject"
"granular"
],
"title": "RejectAskForApproval",
"title": "GranularAskForApproval",
"type": "object"
}
]
@@ -502,6 +510,17 @@
],
"description": "Override the approval policy for this turn and subsequent turns."
},
"approvalsReviewer": {
"anyOf": [
{
"$ref": "#/definitions/ApprovalsReviewer"
},
{
"type": "null"
}
],
"description": "Override where approval requests are routed for review on this turn and subsequent turns."
},
"cwd": {
"description": "Override the working directory for this turn and subsequent turns.",
"type": [