Refactor config loading to use filesystem abstraction (#18209)

Initial pass propagating FileSystem through config loading.

codex-rs/config/src/config_toml.rs

@@ -29,7 +29,6 @@ use crate::types::WindowsToml;
 use codex_app_server_protocol::Tools;
 use codex_app_server_protocol::UserSavedConfig;
 use codex_features::FeaturesToml;
-use codex_git_utils::resolve_root_git_project_for_trust;
 use codex_model_provider_info::LEGACY_OLLAMA_CHAT_PROVIDER_ID;
 use codex_model_provider_info::LMSTUDIO_OSS_PROVIDER_ID;
 use codex_model_provider_info::ModelProviderInfo;
@@ -51,6 +50,7 @@ use codex_protocol::protocol::AskForApproval;
 use codex_protocol::protocol::ReadOnlyAccess;
 use codex_protocol::protocol::SandboxPolicy;
 use codex_utils_absolute_path::AbsolutePathBuf;
+use codex_utils_path::normalize_for_path_comparison;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Deserializer;
@@ -601,7 +601,7 @@ impl ConfigToml {
         sandbox_mode_override: Option<SandboxMode>,
         profile_sandbox_mode: Option<SandboxMode>,
         windows_sandbox_level: WindowsSandboxLevel,
-        resolved_cwd: &Path,
+        active_project: Option<&ProjectConfig>,
         sandbox_policy_constraint: Option<&crate::Constrained<SandboxPolicy>>,
     ) -> SandboxPolicy {
         let sandbox_mode_was_explicit = sandbox_mode_override.is_some()
@@ -616,7 +616,7 @@ impl ConfigToml {
                 // If no sandbox_mode is set but this directory has a trust decision,
                 // default to workspace-write except on unsandboxed Windows where we
                 // default to read-only.
-                self.get_active_project(resolved_cwd).await.and_then(|p| {
+                active_project.and_then(|p| {
                     if p.is_trusted() || p.is_untrusted() {
                         if cfg!(target_os = "windows")
                             && windows_sandbox_level == WindowsSandboxLevel::Disabled
@@ -677,9 +677,13 @@ impl ConfigToml {
     }
 
     /// Resolves the cwd to an existing project, or returns None if ConfigToml
-    /// does not contain a project corresponding to cwd or a git repo for cwd
-    pub async fn get_active_project(&self, resolved_cwd: &Path) -> Option<ProjectConfig> {
-        let repo_root = resolve_root_git_project_for_trust(resolved_cwd).await;
+    /// does not contain a project corresponding to cwd or the resolved git repo
+    /// root for cwd.
+    pub fn get_active_project(
+        &self,
+        resolved_cwd: &Path,
+        repo_root: Option<&Path>,
+    ) -> Option<ProjectConfig> {
         let projects = self.projects.clone().unwrap_or_default();
 
         let resolved_cwd_key = project_trust_key(resolved_cwd);
@@ -691,10 +695,7 @@ impl ConfigToml {
             return Some(project_config.clone());
         }
 
-        // If cwd lives inside a git repo/worktree, check whether the root git project
-        // (the primary repository working directory) is trusted. This lets
-        // worktrees inherit trust from the main project.
-        if let Some(repo_root) = repo_root.as_deref() {
+        if let Some(repo_root) = repo_root {
             let repo_root_key = project_trust_key(repo_root);
             let repo_root_raw_key = repo_root.to_string_lossy().to_string();
             if let Some(project_config_for_root) = projects
@@ -734,7 +735,7 @@ impl ConfigToml {
 /// projects trust map. On Windows, strips UNC, when possible, to try to ensure
 /// that different paths that point to the same location have the same key.
 fn project_trust_key(project_path: &Path) -> String {
-    dunce::canonicalize(project_path)
+    normalize_for_path_comparison(project_path)
         .unwrap_or_else(|_| project_path.to_path_buf())
         .to_string_lossy()
         .to_string()