clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-29 00:55:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove sandbox globals. (#9797)

Browse Source 
Threads sandbox updates through OverrideTurnContext for active turn
Passes computed sandbox type into safety/exec
This commit is contained in:
iceweasel-oai
2026-01-27 11:04:23 -08:00
committed by GitHub
parent 894923ed5d
commit c40ad65bd8
35 changed files with 339 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
codex-rs/core/tests/suite/collaboration_instructions.rs
View File

@@ -104,6 +104,7 @@ async fn user_input_includes_collaboration_instructions_after_override() -> Resu
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -185,6 +186,7 @@ async fn override_then_user_turn_uses_updated_collaboration_instructions() -> Re
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -238,6 +240,7 @@ async fn user_turn_overrides_collaboration_instructions_after_override() -> Resu
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -292,6 +295,7 @@ async fn collaboration_mode_update_emits_new_instruction_message() -> Result<()>
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -316,6 +320,7 @@ async fn collaboration_mode_update_emits_new_instruction_message() -> Result<()>
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -361,6 +366,7 @@ async fn collaboration_mode_update_noop_does_not_append() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -385,6 +391,7 @@ async fn collaboration_mode_update_noop_does_not_append() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -436,6 +443,7 @@ async fn resume_replays_collaboration_instructions() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -491,6 +499,7 @@ async fn empty_collaboration_instructions_are_ignored() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,

4
codex-rs/core/tests/suite/exec.rs
View File

@@ -10,6 +10,7 @@ use codex_core::exec::process_exec_tool_call;
use codex_core::protocol::SandboxPolicy;
use codex_core::sandboxing::SandboxPermissions;
use codex_core::spawn::CODEX_SANDBOX_ENV_VAR;
use codex_protocol::config_types::WindowsSandboxLevel;
use tempfile::TempDir;
use codex_core::error::Result;
@@ -27,7 +28,7 @@ fn skip_test() -> bool {
#[expect(clippy::expect_used)]
async fn run_test_cmd(tmp: TempDir, cmd: Vec<&str>) -> Result<ExecToolCallOutput> {
let sandbox_type = get_platform_sandbox().expect("should be able to get sandbox type");
let sandbox_type = get_platform_sandbox(false).expect("should be able to get sandbox type");
assert_eq!(sandbox_type, SandboxType::MacosSeatbelt);
let params = ExecParams {
@@ -36,6 +37,7 @@ async fn run_test_cmd(tmp: TempDir, cmd: Vec<&str>) -> Result<ExecToolCallOutput
expiration: 1000.into(),
env: HashMap::new(),
sandbox_permissions: SandboxPermissions::UseDefault,
windows_sandbox_level: WindowsSandboxLevel::Disabled,
justification: None,
arg0: None,
};

2
codex-rs/core/tests/suite/model_overrides.rs
View File

@@ -29,6 +29,7 @@ async fn override_turn_context_does_not_persist_when_config_exists() {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: Some("o3".to_string()),
effort: Some(Some(ReasoningEffort::High)),
summary: None,
@@ -64,6 +65,7 @@ async fn override_turn_context_does_not_create_config_file() {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: Some("o3".to_string()),
effort: Some(Some(ReasoningEffort::Medium)),
summary: None,

3
codex-rs/core/tests/suite/override_updates.rs
View File

@@ -118,6 +118,7 @@ async fn override_turn_context_records_permissions_update() -> Result<()> {
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -161,6 +162,7 @@ async fn override_turn_context_records_environment_update() -> Result<()> {
cwd: Some(new_cwd.path().to_path_buf()),
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -198,6 +200,7 @@ async fn override_turn_context_records_collaboration_update() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,

3
codex-rs/core/tests/suite/permissions_messages.rs
View File

@@ -106,6 +106,7 @@ async fn permissions_message_added_on_override_change() -> Result<()> {
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -227,6 +228,7 @@ async fn resume_replays_permissions_messages() -> Result<()> {
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -309,6 +311,7 @@ async fn resume_and_fork_append_permissions_messages() -> Result<()> {
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,

2
codex-rs/core/tests/suite/personality.rs
View File

@@ -210,6 +210,7 @@ async fn user_turn_personality_some_adds_update_message() -> anyhow::Result<()>
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,
@@ -362,6 +363,7 @@ async fn user_turn_personality_remote_model_template_includes_update_message() -
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: Some(remote_slug.to_string()),
effort: None,
summary: None,

2
codex-rs/core/tests/suite/prompt_caching.rs
View File

@@ -350,6 +350,7 @@ async fn overrides_turn_context_but_keeps_cached_prefix_and_key_constant() -> an
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: Some(new_policy.clone()),
windows_sandbox_level: None,
model: Some("o3".to_string()),
effort: Some(Some(ReasoningEffort::High)),
summary: Some(ReasoningSummary::Detailed),
@@ -427,6 +428,7 @@ async fn override_before_first_turn_emits_environment_context() -> anyhow::Resul
cwd: None,
approval_policy: Some(AskForApproval::Never),
sandbox_policy: None,
windows_sandbox_level: None,
model: Some("gpt-5.1-codex".to_string()),
effort: Some(Some(ReasoningEffort::Low)),
summary: None,

2
codex-rs/core/tests/suite/remote_models.rs
View File

@@ -138,6 +138,7 @@ async fn remote_models_remote_model_uses_unified_exec() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: Some(REMOTE_MODEL_SLUG.to_string()),
effort: None,
summary: None,
@@ -367,6 +368,7 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> {
cwd: None,
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: Some(model.to_string()),
effort: None,
summary: None,

1
codex-rs/core/tests/suite/review.rs
View File

@@ -819,6 +819,7 @@ async fn review_uses_overridden_cwd_for_base_branch_merge_base() {
cwd: Some(repo_path.to_path_buf()),
approval_policy: None,
sandbox_policy: None,
windows_sandbox_level: None,
model: None,
effort: None,
summary: None,