clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-06-02 11:22:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Guardian -> Auto-Review (#18021)

Browse Source 
This PR is a user-facing change for our rebranding of guardian to
auto-review.
This commit is contained in:
Won Park
2026-04-17 09:56:24 -07:00
committed by GitHub
parent d0eff70383
commit af7b8d551c
21 changed files with 85 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
codex-rs/app-server-protocol/schema/json/ServerNotification.json
View File

@@ -389,7 +389,7 @@
]
},
"AutoReviewDecisionSource": {
"description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
"description": "[UNSTABLE] Source that produced a terminal approval auto-review decision.",
"enum": [
"agent"
],
@@ -1138,7 +1138,7 @@
"type": "object"
},
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
@@ -1346,7 +1346,7 @@
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"description": "[UNSTABLE] Lifecycle state for an approval auto-review.",
"enum": [
"inProgress",
"approved",
@@ -1364,7 +1364,7 @@
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"description": "[UNSTABLE] Risk level assigned by approval auto-review.",
"enum": [
"low",
"medium",
@@ -1374,7 +1374,7 @@
"type": "string"
},
"GuardianUserAuthorization": {
"description": "[UNSTABLE] Authorization level assigned by guardian approval review.",
"description": "[UNSTABLE] Authorization level assigned by approval auto-review.",
"enum": [
"unknown",
"low",
@@ -1621,7 +1621,7 @@
"type": "object"
},
"ItemGuardianApprovalReviewCompletedNotification": {
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"
@@ -1661,7 +1661,7 @@
"type": "object"
},
"ItemGuardianApprovalReviewStartedNotification": {
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"

14
codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
View File

@@ -5661,7 +5661,7 @@
]
},
"AutoReviewDecisionSource": {
"description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
"description": "[UNSTABLE] Source that produced a terminal approval auto-review decision.",
"enum": [
"agent"
],
@@ -8238,7 +8238,7 @@
"type": "object"
},
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
@@ -8446,7 +8446,7 @@
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"description": "[UNSTABLE] Lifecycle state for an approval auto-review.",
"enum": [
"inProgress",
"approved",
@@ -8464,7 +8464,7 @@
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"description": "[UNSTABLE] Risk level assigned by approval auto-review.",
"enum": [
"low",
"medium",
@@ -8474,7 +8474,7 @@
"type": "string"
},
"GuardianUserAuthorization": {
"description": "[UNSTABLE] Authorization level assigned by guardian approval review.",
"description": "[UNSTABLE] Authorization level assigned by approval auto-review.",
"enum": [
"unknown",
"low",
@@ -8756,7 +8756,7 @@
},
"ItemGuardianApprovalReviewCompletedNotification": {
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/v2/GuardianApprovalReviewAction"
@@ -8798,7 +8798,7 @@
},
"ItemGuardianApprovalReviewStartedNotification": {
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/v2/GuardianApprovalReviewAction"

14
codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
View File

@@ -716,7 +716,7 @@
]
},
"AutoReviewDecisionSource": {
"description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
"description": "[UNSTABLE] Source that produced a terminal approval auto-review decision.",
"enum": [
"agent"
],
@@ -4946,7 +4946,7 @@
"type": "object"
},
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
@@ -5154,7 +5154,7 @@
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"description": "[UNSTABLE] Lifecycle state for an approval auto-review.",
"enum": [
"inProgress",
"approved",
@@ -5172,7 +5172,7 @@
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"description": "[UNSTABLE] Risk level assigned by approval auto-review.",
"enum": [
"low",
"medium",
@@ -5182,7 +5182,7 @@
"type": "string"
},
"GuardianUserAuthorization": {
"description": "[UNSTABLE] Authorization level assigned by guardian approval review.",
"description": "[UNSTABLE] Authorization level assigned by approval auto-review.",
"enum": [
"unknown",
"low",
@@ -5508,7 +5508,7 @@
},
"ItemGuardianApprovalReviewCompletedNotification": {
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"
@@ -5550,7 +5550,7 @@
},
"ItemGuardianApprovalReviewStartedNotification": {
"$schema": "http://json-schema.org/draft-07/schema#",
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"

12
codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
View File

@@ -6,14 +6,14 @@
"type": "string"
},
"AutoReviewDecisionSource": {
"description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
"description": "[UNSTABLE] Source that produced a terminal approval auto-review decision.",
"enum": [
"agent"
],
"type": "string"
},
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
@@ -221,7 +221,7 @@
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"description": "[UNSTABLE] Lifecycle state for an approval auto-review.",
"enum": [
"inProgress",
"approved",
@@ -239,7 +239,7 @@
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"description": "[UNSTABLE] Risk level assigned by approval auto-review.",
"enum": [
"low",
"medium",
@@ -249,7 +249,7 @@
"type": "string"
},
"GuardianUserAuthorization": {
"description": "[UNSTABLE] Authorization level assigned by guardian approval review.",
"description": "[UNSTABLE] Authorization level assigned by approval auto-review.",
"enum": [
"unknown",
"low",
@@ -268,7 +268,7 @@
"type": "string"
}
},
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"

10
codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
View File

@@ -6,7 +6,7 @@
"type": "string"
},
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
@@ -214,7 +214,7 @@
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"description": "[UNSTABLE] Lifecycle state for an approval auto-review.",
"enum": [
"inProgress",
"approved",
@@ -232,7 +232,7 @@
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"description": "[UNSTABLE] Risk level assigned by approval auto-review.",
"enum": [
"low",
"medium",
@@ -242,7 +242,7 @@
"type": "string"
},
"GuardianUserAuthorization": {
"description": "[UNSTABLE] Authorization level assigned by guardian approval review.",
"description": "[UNSTABLE] Authorization level assigned by approval auto-review.",
"enum": [
"unknown",
"low",
@@ -261,7 +261,7 @@
"type": "string"
}
},
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
"description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"

2
codex-rs/app-server-protocol/schema/typescript/v2/AutoReviewDecisionSource.ts
View File

@@ -3,6 +3,6 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
/**
* [UNSTABLE] Source that produced a terminal guardian approval review decision.
* [UNSTABLE] Source that produced a terminal approval auto-review decision.
*/
export type AutoReviewDecisionSource = "agent";

2
codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReview.ts
View File

@@ -6,7 +6,7 @@ import type { GuardianRiskLevel } from "./GuardianRiskLevel";
import type { GuardianUserAuthorization } from "./GuardianUserAuthorization";
/**
* [UNSTABLE] Temporary guardian approval review payload used by
* [UNSTABLE] Temporary approval auto-review payload used by
* `item/autoApprovalReview/*` notifications. This shape is expected to change
* soon.
*/

2
codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReviewStatus.ts
View File

@@ -3,6 +3,6 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
/**
* [UNSTABLE] Lifecycle state for a guardian approval review.
* [UNSTABLE] Lifecycle state for an approval auto-review.
*/
export type GuardianApprovalReviewStatus = "inProgress" | "approved" | "denied" | "timedOut" | "aborted";

2
codex-rs/app-server-protocol/schema/typescript/v2/GuardianRiskLevel.ts
View File

@@ -3,6 +3,6 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
/**
* [UNSTABLE] Risk level assigned by guardian approval review.
* [UNSTABLE] Risk level assigned by approval auto-review.
*/
export type GuardianRiskLevel = "low" | "medium" | "high" | "critical";

2
codex-rs/app-server-protocol/schema/typescript/v2/GuardianUserAuthorization.ts
View File

@@ -3,6 +3,6 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
/**
* [UNSTABLE] Authorization level assigned by guardian approval review.
* [UNSTABLE] Authorization level assigned by approval auto-review.
*/
export type GuardianUserAuthorization = "unknown" | "low" | "medium" | "high";

4
codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
View File

@@ -6,8 +6,8 @@ import type { GuardianApprovalReview } from "./GuardianApprovalReview";
import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewAction";
/**
* [UNSTABLE] Temporary notification payload for guardian automatic approval
* review. This shape is expected to change soon.
* [UNSTABLE] Temporary notification payload for approval auto-review. This
* shape is expected to change soon.
*/
export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string,
/**

4
codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
View File

@@ -5,8 +5,8 @@ import type { GuardianApprovalReview } from "./GuardianApprovalReview";
import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewAction";
/**
* [UNSTABLE] Temporary notification payload for guardian automatic approval
* review. This shape is expected to change soon.
* [UNSTABLE] Temporary notification payload for approval auto-review. This
* shape is expected to change soon.
*/
export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string,
/**

18
codex-rs/app-server-protocol/src/protocol/v2.rs
View File

@@ -4722,7 +4722,7 @@ impl ThreadItem {
#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Lifecycle state for a guardian approval review.
/// [UNSTABLE] Lifecycle state for an approval auto-review.
pub enum GuardianApprovalReviewStatus {
InProgress,
Approved,
@@ -4734,7 +4734,7 @@ pub enum GuardianApprovalReviewStatus {
#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Source that produced a terminal guardian approval review decision.
/// [UNSTABLE] Source that produced a terminal approval auto-review decision.
pub enum AutoReviewDecisionSource {
Agent,
}
@@ -4750,7 +4750,7 @@ impl From<CoreGuardianAssessmentDecisionSource> for AutoReviewDecisionSource {
#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
#[serde(rename_all = "lowercase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Risk level assigned by guardian approval review.
/// [UNSTABLE] Risk level assigned by approval auto-review.
pub enum GuardianRiskLevel {
Low,
Medium,
@@ -4772,7 +4772,7 @@ impl From<CoreGuardianRiskLevel> for GuardianRiskLevel {
#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
#[serde(rename_all = "lowercase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Authorization level assigned by guardian approval review.
/// [UNSTABLE] Authorization level assigned by approval auto-review.
pub enum GuardianUserAuthorization {
Unknown,
Low,
@@ -4791,7 +4791,7 @@ impl From<CoreGuardianUserAuthorization> for GuardianUserAuthorization {
}
}
/// [UNSTABLE] Temporary guardian approval review payload used by
/// [UNSTABLE] Temporary approval auto-review payload used by
/// `item/autoApprovalReview/*` notifications. This shape is expected to change
/// soon.
#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
@@ -5504,8 +5504,8 @@ pub struct ItemStartedNotification {
#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Temporary notification payload for guardian automatic approval
/// review. This shape is expected to change soon.
/// [UNSTABLE] Temporary notification payload for approval auto-review. This
/// shape is expected to change soon.
pub struct ItemGuardianApprovalReviewStartedNotification {
pub thread_id: String,
pub turn_id: String,
@@ -5530,8 +5530,8 @@ pub struct ItemGuardianApprovalReviewStartedNotification {
#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export_to = "v2/")]
/// [UNSTABLE] Temporary notification payload for guardian automatic approval
/// review. This shape is expected to change soon.
/// [UNSTABLE] Temporary notification payload for approval auto-review. This
/// shape is expected to change soon.
pub struct ItemGuardianApprovalReviewCompletedNotification {
pub thread_id: String,
pub turn_id: String,

8
codex-rs/app-server/README.md
View File

@@ -500,7 +500,7 @@ You can optionally specify config overrides on the new turn. If specified, these
`approvalsReviewer` accepts:
- `"user"` — default. Review approval requests directly in the client.
- `"guardian_subagent"` — route approval requests to a carefully prompted subagent that gathers relevant context and applies a risk-based decision framework before approving or denying the request.
- `"guardian_subagent"` — route approval requests to a carefully prompted subagent, which gathers relevant context and applies a risk-based decision framework before approving or denying the request.
```json
{ "method": "turn/start", "id": 30, "params": {
@@ -1015,10 +1015,10 @@ All items emit shared lifecycle events:
- `item/started` — emits the full `item` when a new unit of work begins so the UI can render it immediately; the `item.id` in this payload matches the `itemId` used by deltas.
- `item/completed` — sends the final `item` once that work itself finishes (for example, after a tool call or message completes); treat this as the authoritative execution/result state.
- `item/autoApprovalReview/started` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action}` when guardian approval review begins. This shape is expected to change soon.
- `item/autoApprovalReview/completed` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action}` when guardian approval review resolves. This shape is expected to change soon.
- `item/autoApprovalReview/started` — [UNSTABLE] temporary auto-review notification carrying `{threadId, turnId, targetItemId, review, action}` when approval auto-review begins. This shape is expected to change soon.
- `item/autoApprovalReview/completed` — [UNSTABLE] temporary auto-review notification carrying `{threadId, turnId, targetItemId, review, action}` when approval auto-review resolves. This shape is expected to change soon.
`review` is [UNSTABLE] and currently has `{status, riskLevel?, userAuthorization?, rationale?}`, where `status` is one of `inProgress`, `approved`, `denied`, or `aborted`. `riskLevel` is one of `"low"`, `"medium"`, `"high"`, or `"critical"` when present. `userAuthorization` is one of `"unknown"`, `"low"`, `"medium"`, or `"high"` when present. `action` is a tagged union with `type: "command" | "execve" | "applyPatch" | "networkAccess" | "mcpToolCall"`. Command-like actions include a `source` discriminator (`"shell"` or `"unifiedExec"`). These notifications are separate from the target item's own `item/completed` lifecycle and are intentionally temporary while the guardian app protocol is still being designed.
`review` is [UNSTABLE] and currently has `{status, riskLevel?, userAuthorization?, rationale?}`, where `status` is one of `inProgress`, `approved`, `denied`, or `aborted`. `riskLevel` is one of `"low"`, `"medium"`, `"high"`, or `"critical"` when present. `userAuthorization` is one of `"unknown"`, `"low"`, `"medium"`, or `"high"` when present. `action` is a tagged union with `type: "command" | "execve" | "applyPatch" | "networkAccess" | "mcpToolCall"`. Command-like actions include a `source` discriminator (`"shell"` or `"unifiedExec"`). These notifications are separate from the target item's own `item/completed` lifecycle and are intentionally temporary while the auto-review app protocol is still being designed.
There are additional item-specific events:

2
codex-rs/core/src/guardian/review.rs
View File

@@ -57,7 +57,7 @@ pub(crate) async fn guardian_rejection_message(session: &Session, review_id: &st
.remove(review_id)
.filter(|rejection| !rejection.rationale.trim().is_empty())
.unwrap_or_else(|| GuardianRejection {
rationale: "Guardian denied the action without a specific rationale.".to_string(),
rationale: "Auto-reviewer denied the action without a specific rationale.".to_string(),
source: GuardianAssessmentDecisionSource::Agent,
});
match rejection.source {

2
codex-rs/features/src/lib.rs
View File

@@ -878,7 +878,7 @@ pub const FEATURES: &[FeatureSpec] = &[
id: Feature::GuardianApproval,
key: "guardian_approval",
stage: Stage::Experimental {
name: "Guardian Approvals",
name: "Auto-review",
menu_description: "When Codex needs approval for higher-risk actions (e.g. sandbox escapes or blocked network access), route eligible approval requests to a carefully-prompted security reviewer subagent rather than blocking the agent on your input. This can consume significantly more tokens because it runs a subagent on every approval request.",
announcement: "",
},

2
codex-rs/features/src/tests.rs
View File

@@ -92,7 +92,7 @@ fn guardian_approval_is_experimental_and_user_toggleable() {
let stage = spec.stage;
assert!(matches!(stage, Stage::Experimental { .. }));
assert_eq!(stage.experimental_menu_name(), Some("Guardian Approvals"));
assert_eq!(stage.experimental_menu_name(), Some("Auto-review"));
assert_eq!(
stage.experimental_menu_description().map(str::to_owned),
Some(

22
codex-rs/tui/src/app.rs
View File

@@ -271,8 +271,8 @@ struct GuardianApprovalsMode {
sandbox_policy: SandboxPolicy,
}
/// Enabling the Guardian Approvals experiment in the TUI should also switch the
/// current `/approvals` settings to the matching Guardian Approvals mode. Users
/// Enabling the Auto-review experiment in the TUI should also switch the
/// current `/approvals` settings to the matching Auto-review mode. Users
/// can still change `/approvals` afterward; this just assumes that opting into
/// the experiment means they want guardian review enabled immediately.
fn guardian_approvals_mode() -> GuardianApprovalsMode {
@@ -1279,7 +1279,7 @@ impl App {
let mut approvals_reviewer_override = None;
let mut sandbox_policy_override = None;
let mut feature_updates_to_apply = Vec::with_capacity(updates.len());
// Guardian Approvals owns `approvals_reviewer`, but disabling the feature
// Auto-Review owns `approvals_reviewer`, but disabling the feature
// from inside a profile should not silently clear a value configured at
// the root scope.
let (root_approvals_reviewer_blocks_profile_disable, profile_approvals_reviewer_configured) = {
@@ -1312,7 +1312,7 @@ impl App {
&& root_approvals_reviewer_blocks_profile_disable
{
self.chat_widget.add_error_message(
"Cannot disable Guardian Approvals in this profile because `approvals_reviewer` is configured outside the active profile.".to_string(),
"Cannot disable Auto-review in this profile because `approvals_reviewer` is configured outside the active profile.".to_string(),
);
continue;
}
@@ -1345,7 +1345,7 @@ impl App {
.into(),
});
if previous_approvals_reviewer != guardian_approvals_preset.approvals_reviewer {
permissions_history_label = Some("Guardian Approvals");
permissions_history_label = Some("Auto-review");
}
} else if !effective_enabled {
if profile_approvals_reviewer_configured || self.active_profile.is_none() {
@@ -1362,13 +1362,13 @@ impl App {
}
if feature == Feature::GuardianApproval && effective_enabled {
// The feature flag alone is not enough for the live session.
// We also align approval policy + sandbox to the Guardian
// Approvals preset so enabling the experiment immediately
// We also align approval policy + sandbox to the Auto-review
// preset so enabling the experiment immediately
// makes guardian review observable in the current thread.
if !self.try_set_approval_policy_on_config(
&mut feature_config,
guardian_approvals_preset.approval_policy,
"Failed to enable Guardian Approvals",
"Failed to enable Auto-review",
"failed to set guardian approvals approval policy on staged config",
) {
continue;
@@ -1376,7 +1376,7 @@ impl App {
if !self.try_set_sandbox_policy_on_config(
&mut feature_config,
guardian_approvals_preset.sandbox_policy.clone(),
"Failed to enable Guardian Approvals",
"Failed to enable Auto-review",
"failed to set guardian approvals sandbox policy on staged config",
) {
continue;
@@ -1439,7 +1439,7 @@ impl App {
"failed to set guardian approvals sandbox policy on chat config"
);
self.chat_widget
.add_error_message(format!("Failed to enable Guardian Approvals: {err}"));
.add_error_message(format!("Failed to enable Auto-review: {err}"));
}
if approval_policy_override.is_some()
@@ -8419,7 +8419,7 @@ mod tests {
.map(|line| line.to_string())
.collect::<Vec<_>>()
.join("\n");
assert!(rendered.contains("Permissions updated to Guardian Approvals"));
assert!(rendered.contains("Permissions updated to Auto-review"));
let config = std::fs::read_to_string(codex_home.path().join("config.toml"))?;
assert!(config.contains("guardian_approval = true"));

6
codex-rs/tui/src/chatwidget.rs
View File

@@ -8495,9 +8495,9 @@ impl ChatWidget {
if guardian_approval_enabled {
items.push(SelectionItem {
name: "Guardian Approvals".to_string(),
name: "Auto-review".to_string(),
description: Some(
"Same workspace-write permissions as Default, but eligible `on-request` approvals are routed through the guardian reviewer subagent."
"Same workspace-write permissions as Default, but eligible `on-request` approvals are routed through the auto-reviewer subagent."
.to_string(),
),
is_current: current_review_policy == ApprovalsReviewer::GuardianSubagent
@@ -8509,7 +8509,7 @@ impl ChatWidget {
actions: Self::approval_preset_actions(
preset.approval,
preset.sandbox.clone(),
"Guardian Approvals".to_string(),
"Auto-review".to_string(),
ApprovalsReviewer::GuardianSubagent,
),
dismiss_on_select: true,

24
codex-rs/tui/src/chatwidget/tests/permissions.rs
View File

@@ -329,7 +329,7 @@ async fn permissions_selection_history_snapshot_full_access_to_default() {
chat.open_permissions_popup();
let popup = render_bottom_popup(&chat, /*width*/ 120);
chat.handle_key_event(KeyEvent::from(KeyCode::Up));
if popup.contains("Guardian Approvals") {
if popup.contains("Auto-review") {
chat.handle_key_event(KeyEvent::from(KeyCode::Up));
}
chat.handle_key_event(KeyEvent::from(KeyCode::Enter));
@@ -400,8 +400,8 @@ async fn permissions_selection_hides_guardian_approvals_when_feature_disabled()
let popup = render_bottom_popup(&chat, /*width*/ 120);
assert!(
!popup.contains("Guardian Approvals"),
"expected Guardian Approvals to stay hidden until the experimental feature is enabled: {popup}"
!popup.contains("Auto-review"),
"expected Auto-review to stay hidden until the experimental feature is enabled: {popup}"
);
}
@@ -432,8 +432,8 @@ async fn permissions_selection_hides_guardian_approvals_when_feature_disabled_ev
let popup = render_bottom_popup(&chat, /*width*/ 120);
assert!(
!popup.contains("Guardian Approvals"),
"expected Guardian Approvals to stay hidden when the experimental feature is disabled: {popup}"
!popup.contains("Auto-review"),
"expected Auto-review to stay hidden when the experimental feature is disabled: {popup}"
);
}
@@ -477,8 +477,8 @@ async fn permissions_selection_marks_guardian_approvals_current_after_session_co
let popup = render_bottom_popup(&chat, /*width*/ 120);
assert!(
popup.contains("Guardian Approvals (current)"),
"expected Guardian Approvals to be current after SessionConfigured sync: {popup}"
popup.contains("Auto-review (current)"),
"expected Auto-review to be current after SessionConfigured sync: {popup}"
);
}
@@ -531,8 +531,8 @@ async fn permissions_selection_marks_guardian_approvals_current_with_custom_work
let popup = render_bottom_popup(&chat, /*width*/ 120);
assert!(
popup.contains("Guardian Approvals (current)"),
"expected Guardian Approvals to be current even with custom workspace-write details: {popup}"
popup.contains("Auto-review (current)"),
"expected Auto-review to be current even with custom workspace-write details: {popup}"
);
}
@@ -567,7 +567,7 @@ async fn permissions_selection_can_disable_guardian_approvals() {
event,
AppEvent::UpdateApprovalsReviewer(ApprovalsReviewer::User)
)),
"expected selecting Default from Guardian Approvals to switch back to manual approval review: {events:?}"
"expected selecting Default from Auto-review to switch back to manual approval review: {events:?}"
);
assert!(
!events
@@ -613,8 +613,8 @@ async fn permissions_selection_sends_approvals_reviewer_in_override_turn_context
assert!(
popup
.lines()
.any(|line| line.contains("Guardian Approvals") && line.contains('')),
"expected one Down from Default to select Guardian Approvals: {popup}"
.any(|line| line.contains("Auto-review") && line.contains('')),
"expected one Down from Default to select Auto-review: {popup}"
);
chat.handle_key_event(KeyEvent::from(KeyCode::Enter));

4
codex-rs/tui/src/chatwidget/tests/popups_and_settings.rs
View File

@@ -1465,11 +1465,11 @@ async fn experimental_popup_includes_guardian_approval() {
let normalized_popup = popup.split_whitespace().collect::<Vec<_>>().join(" ");
assert!(
popup.contains(guardian_name),
"expected guardian approvals entry in experimental popup, got:\n{popup}"
"expected auto-review entry in experimental popup, got:\n{popup}"
);
assert!(
normalized_popup.contains(guardian_description),
"expected guardian approvals description in experimental popup, got:\n{popup}"
"expected auto-review description in experimental popup, got:\n{popup}"
);
}