Chore: add cmd related info to exec approval request (#9659)

### Summary We now rely purely on `item/commandExecution/requestApproval` item to render pending approval in VSCE and app. With v2 approach, it does not include the actual cmd that it is attempting and therefore we can only use `proposedExecpolicyAmendment` to render which can be incomplete. ### Reproduce * Add `prefix_rule(pattern=["echo"], decision="prompt")` to your `~/.codex/rules.default.rules`. * Ask to `Run echo "approval-test" please` in VSCE or app. * The pending approval protal does show up but with no content #### Example screenshot <img width="3434" height="3648" alt="Screenshot 2026-01-21 at 8 23 25 PM" src="https://github.com/user-attachments/assets/75644837-21f1-40f8-8b02-858d361ff817" /> #### Sample output ``` {"method":"item/commandExecution/requestApproval","id":0,"params":{ "threadId":"019be439-5a90-7600-a7ea-2d2dcc50302a", "turnId":"0", "itemId":"call_usgnQ4qEX5U9roNdjT7fPzhb", "reason":"`/bin/zsh -lc 'echo \"testing\"'` requires approval by policy", "proposedExecpolicyAmendment":null }} ``` ### Fix Inlude `command` string, `cwd` and `command_actions` in `CommandExecutionRequestApprovalParams` so that consumers can display the correct command instead of relying on exec policy output.
2026-02-01 14:44:17 +00:00 · 2026-01-21 23:58:53 -08:00
parent 079fd2adb9
commit a4cb97ba5a
4 changed files with 30 additions and 1 deletions
--- a/codex-rs/app-server-protocol/src/protocol/v2.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v2.rs
@@ -2263,6 +2263,18 @@ pub struct CommandExecutionRequestApprovalParams {
    pub item_id: String,
    /// Optional explanatory reason (e.g. request for network access).
    pub reason: Option<String>,
+    /// The command to be executed.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub command: Option<String>,
+    /// The command's working directory.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub cwd: Option<PathBuf>,
+    /// Best-effort parsed command actions for friendly display.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub command_actions: Option<Vec<CommandAction>>,
    /// Optional proposed execpolicy amendment to allow similar commands without prompting.
    pub proposed_execpolicy_amendment: Option<ExecPolicyAmendment>,
 }
--- a/codex-rs/app-server-test-client/src/main.rs
+++ b/codex-rs/app-server-test-client/src/main.rs
@@ -842,6 +842,9 @@ impl CodexClient {
            turn_id,
            item_id,
            reason,
+            command,
+            cwd,
+            command_actions,
            proposed_execpolicy_amendment,
        } = params;

@@ -851,6 +854,17 @@ impl CodexClient {
        if let Some(reason) = reason.as_deref() {
            println!("< reason: {reason}");
        }
+        if let Some(command) = command.as_deref() {
+            println!("< command: {command}");
+        }
+        if let Some(cwd) = cwd.as_ref() {
+            println!("< cwd: {}", cwd.display());
+        }
+        if let Some(command_actions) = command_actions.as_ref()
+            && !command_actions.is_empty()
+        {
+            println!("< command actions: {command_actions:?}");
+        }
        if let Some(execpolicy_amendment) = proposed_execpolicy_amendment.as_ref() {
            println!("< proposed execpolicy amendment: {execpolicy_amendment:?}");
        }
--- a/codex-rs/app-server/README.md
+++ b/codex-rs/app-server/README.md
@@ -445,7 +445,7 @@ Certain actions (shell commands or modifying files) may require explicit user ap
 Order of messages:

 1. `item/started` — shows the pending `commandExecution` item with `command`, `cwd`, and other fields so you can render the proposed action.
-2. `item/commandExecution/requestApproval` (request) — carries the same `itemId`, `threadId`, `turnId`, optionally `reason` or `risk`, plus `parsedCmd` for friendly display.
+2. `item/commandExecution/requestApproval` (request) — carries the same `itemId`, `threadId`, `turnId`, optionally `reason`, plus `command`, `cwd`, and `commandActions` for friendly display.
 3. Client response — `{ "decision": "accept", "acceptSettings": { "forSession": false } }` or `{ "decision": "decline" }`.
 4. `item/completed` — final `commandExecution` item with `status: "completed" | "failed" | "declined"` and execution output. Render this as the authoritative result.

--- a/codex-rs/app-server/src/bespoke_event_handling.rs
+++ b/codex-rs/app-server/src/bespoke_event_handling.rs
@@ -241,6 +241,9 @@ pub(crate) async fn apply_bespoke_event_handling(
                    // and emit the corresponding EventMsg, we repurpose the call_id as the item_id.
                    item_id: item_id.clone(),
                    reason,
+                    command: Some(command_string.clone()),
+                    cwd: Some(cwd.clone()),
+                    command_actions: Some(command_actions.clone()),
                    proposed_execpolicy_amendment: proposed_execpolicy_amendment_v2,
                };
                let rx = outgoing