diff --git a/codex-rs/execpolicy2/README.md b/codex-rs/execpolicy2/README.md index dc65f29508..9f54a174be 100644 --- a/codex-rs/execpolicy2/README.md +++ b/codex-rs/execpolicy2/README.md @@ -51,7 +51,7 @@ cargo run -p codex-execpolicy2 -- check git status ``` - Use a specific policy file instead of the default: ```bash -cargo run -p codex-execpolicy2 -- --policy path/to/policy.star check git status +cargo run -p codex-execpolicy2 -- --policy path/to/policy.codexpolicy check git status ``` - Example outcomes: - Match: `{"Match": { ... "decision": "allow" ... }}` diff --git a/codex-rs/execpolicy2/src/default.policy b/codex-rs/execpolicy2/src/default.codexpolicy similarity index 100% rename from codex-rs/execpolicy2/src/default.policy rename to codex-rs/execpolicy2/src/default.codexpolicy diff --git a/codex-rs/execpolicy2/src/lib.rs b/codex-rs/execpolicy2/src/lib.rs index adee2ea731..af370a17f4 100644 --- a/codex-rs/execpolicy2/src/lib.rs +++ b/codex-rs/execpolicy2/src/lib.rs @@ -15,7 +15,7 @@ pub use rule::RuleMatch; /// Load the default bundled policy. pub fn load_default_policy() -> Result { - let policy_src = include_str!("default.policy"); - let parser = PolicyParser::new("default.policy", policy_src); + let policy_src = include_str!("default.codexpolicy"); + let parser = PolicyParser::new("default.codexpolicy", policy_src); parser.parse() } diff --git a/codex-rs/execpolicy2/tests/basic.rs b/codex-rs/execpolicy2/tests/basic.rs index f21cd53c01..18daa63340 100644 --- a/codex-rs/execpolicy2/tests/basic.rs +++ b/codex-rs/execpolicy2/tests/basic.rs @@ -24,7 +24,7 @@ prefix_rule( pattern = ["git", "status"], ) "#; - let policy = PolicyParser::new("test.policy", policy_src) + let policy = PolicyParser::new("test.codexpolicy", policy_src) .parse() .expect("parse policy"); let cmd = tokens(&["git", "status"]); @@ -45,7 +45,7 @@ prefix_rule( pattern = [["bash", "sh"], ["-c", "-l"]], ) "#; - let parser = PolicyParser::new("test.policy", policy_src); + let parser = PolicyParser::new("test.codexpolicy", policy_src); let policy = parser.parse().expect("parse policy"); let bash_rules = policy.rules().get_vec("bash").expect("bash rules"); @@ -81,7 +81,7 @@ prefix_rule( pattern = ["npm", ["i", "install"], ["--legacy-peer-deps", "--no-save"]], ) "#; - let parser = PolicyParser::new("test.policy", policy_src); + let parser = PolicyParser::new("test.codexpolicy", policy_src); let policy = parser.parse().expect("parse policy"); let rules = policy.rules().get_vec("npm").expect("npm rules"); @@ -116,7 +116,7 @@ prefix_rule( not_match = [["git", "--config", "color.status=always", "status"]], ) "#; - let parser = PolicyParser::new("test.policy", policy_src); + let parser = PolicyParser::new("test.codexpolicy", policy_src); let policy = parser.parse().expect("parse policy"); let match_eval = policy.check(&tokens(&["git", "status"])); expect![[r#"Match { @@ -152,7 +152,7 @@ prefix_rule( decision = "forbidden", ) "#; - let parser = PolicyParser::new("test.policy", policy_src); + let parser = PolicyParser::new("test.codexpolicy", policy_src); let policy = parser.parse().expect("parse policy"); let status = policy.check(&tokens(&["git", "status"]));