mirror of
https://github.com/openai/codex.git
synced 2026-05-01 01:47:18 +00:00
execpolicy2 extension (#6627)
- enabling execpolicy2 parser to parse multiple policy files to build a combined `Policy` (useful if codex detects many `.codexpolicy` files) - adding functionality to `Policy` to allow evaluation of multiple cmds at once (useful when we have chained commands)
This commit is contained in:
zhao-oai
@@ -45,10 +45,15 @@ prefix_rule(
|
||||
- The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`).
|
||||
|
||||
## CLI
|
||||
- Provide a policy file (for example `src/default.codexpolicy`) to check a command:
|
||||
- Provide one or more policy files (for example `src/default.codexpolicy`) to check a command:
|
||||
```bash
|
||||
cargo run -p codex-execpolicy2 -- check --policy path/to/policy.codexpolicy git status
|
||||
```
|
||||
- Pass multiple `--policy` flags to merge rules, evaluated in the order provided:
|
||||
```bash
|
||||
cargo run -p codex-execpolicy2 -- check --policy base.codexpolicy --policy overrides.codexpolicy git status
|
||||
```
|
||||
- Output is newline-delimited JSON by default; pass `--pretty` for pretty-printed JSON if desired.
|
||||
- Example outcomes:
|
||||
- Match: `{"match": { ... "decision": "allow" ... }}`
|
||||
- No match: `"noMatch"`
|
||||
|
||||
Reference in New Issue
Block a user