clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-05-02 18:37:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Promote Windows Sandbox (#11341)

Browse Source 
1. Move Windows Sandbox NUX to right after trust directory screen
2. Don't offer read-only as an option in Sandbox NUX.
Elevated/Legacy/Quit
3. Don't allow new untrusted directories. It's trust or quit
4. move experimental sandbox features to `[windows]
sandbox="elevated|unelevatd"`
5. Copy tweaks = elevated -> default, non-elevated -> non-admin
This commit is contained in:
iceweasel-oai
2026-02-11 11:48:33 -08:00
committed by GitHub
parent 24e6adbda5
commit 87279de434
21 changed files with 727 additions and 395 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
codex-rs/tui/src/chatwidget/tests.rs
View File

@@ -4161,9 +4161,18 @@ async fn approvals_selection_popup_snapshot_windows_degraded_sandbox() {
chat.open_approvals_popup();
let popup = render_bottom_popup(&chat, 80);
insta::with_settings!({ snapshot_suffix => "windows_degraded" }, {
assert_snapshot!("approvals_selection_popup", popup);
});
assert!(
popup.contains("Default (non-admin sandbox)"),
"expected degraded sandbox label in approvals popup: {popup}"
);
assert!(
popup.contains("/setup-default-sandbox"),
"expected setup hint in approvals popup: {popup}"
);
assert!(
popup.contains("non-admin sandbox"),
"expected degraded sandbox note in approvals popup: {popup}"
);
}
#[tokio::test]
@@ -4216,8 +4225,12 @@ async fn windows_auto_mode_prompt_requests_enabling_sandbox_feature() {
let popup = render_bottom_popup(&chat, 120);
assert!(
popup.contains("requires elevation"),
"expected auto mode prompt to mention elevation, popup: {popup}"
popup.contains("requires Administrator permissions"),
"expected auto mode prompt to mention Administrator permissions, popup: {popup}"
);
assert!(
popup.contains("Use non-admin sandbox"),
"expected auto mode prompt to include non-admin fallback option, popup: {popup}"
);
}
@@ -4228,22 +4241,40 @@ async fn startup_prompts_for_windows_sandbox_when_agent_requested() {
chat.set_feature_enabled(Feature::WindowsSandbox, false);
chat.set_feature_enabled(Feature::WindowsSandboxElevated, false);
chat.config.forced_auto_mode_downgraded_on_windows = true;
chat.maybe_prompt_windows_sandbox_enable();
chat.maybe_prompt_windows_sandbox_enable(true);
let popup = render_bottom_popup(&chat, 120);
assert!(
popup.contains("requires elevation"),
"expected startup prompt to explain elevation: {popup}"
popup.contains("requires Administrator permissions"),
"expected startup prompt to mention Administrator permissions: {popup}"
);
assert!(
popup.contains("Set up agent sandbox"),
"expected startup prompt to offer agent sandbox setup: {popup}"
popup.contains("Set up default sandbox"),
"expected startup prompt to offer default sandbox setup: {popup}"
);
assert!(
popup.contains("Stay in"),
"expected startup prompt to offer staying in current mode: {popup}"
popup.contains("Use non-admin sandbox"),
"expected startup prompt to offer non-admin fallback: {popup}"
);
assert!(
popup.contains("Quit"),
"expected startup prompt to offer quit action: {popup}"
);
}
#[cfg(target_os = "windows")]
#[tokio::test]
async fn startup_does_not_prompt_for_windows_sandbox_when_not_requested() {
let (mut chat, _rx, _op_rx) = make_chatwidget_manual(None).await;
chat.set_feature_enabled(Feature::WindowsSandbox, false);
chat.set_feature_enabled(Feature::WindowsSandboxElevated, false);
chat.maybe_prompt_windows_sandbox_enable(false);
assert!(
chat.bottom_pane.no_modal_or_popup_active(),
"expected no startup sandbox NUX popup when startup trigger is false"
);
}