feat(app-server): gate permission confirmations by capability

Add initialize-time server request capabilities so app-server only sends conversational permission confirmation requests to clients that advertise support. Unsupported clients still fail closed without changing permissions, while capable clients receive the existing request/response flow for narrow grants and preset picker requests.
2026-04-28 08:34:54 +00:00 · 2026-04-12 17:25:23 -03:00
parent 408a8cf02c
commit 7da6b2e850
38 changed files with 670 additions and 75 deletions
--- a/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json
+++ b/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json
@@ -73,6 +73,7 @@
      "type": "object"
    }
  },
+  "description": "Request sent to app clients when a model asks for a narrow permission grant.\n\nThe client owns the confirmation UI and may return fewer permissions than requested. Treat `suggested_scope` as the model's requested lifetime, not as an already-approved scope.",
  "properties": {
    "itemId": {
      "type": "string"