Remove stray .snap.new filtering from schema fixtures reader

Motivation: - `codex-app-server-protocol` schema fixtures are not insta snapshots. - Filtering `*.snap.new` is confusing and risks hiding real files. What changed: - Remove the `.snap.new` filename special case in `read_schema_fixture_tree`. Refs: macOS Bazel schema fixture mismatch investigation
2026-04-25 15:15:15 +00:00 · 2026-02-01 22:22:25 -08:00
parent 6c22360bcb
commit dfdf5e9def
570 changed files with 91474 additions and 0 deletions
--- a/codex-rs/app-server-protocol/schema/json/v1/ExecOneOffCommandParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v1/ExecOneOffCommandParams.json
@@ -0,0 +1,158 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "AbsolutePathBuf": {
+      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
+      "type": "string"
+    },
+    "NetworkAccess": {
+      "description": "Represents whether outbound network access is available to the agent.",
+      "enum": [
+        "restricted",
+        "enabled"
+      ],
+      "type": "string"
+    },
+    "SandboxPolicy": {
+      "description": "Determines execution restrictions for model shell commands.",
+      "oneOf": [
+        {
+          "description": "No restrictions whatsoever. Use with caution.",
+          "properties": {
+            "type": {
+              "enum": [
+                "danger-full-access"
+              ],
+              "title": "DangerFullAccessSandboxPolicyType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "DangerFullAccessSandboxPolicy",
+          "type": "object"
+        },
+        {
+          "description": "Read-only access to the entire file-system.",
+          "properties": {
+            "type": {
+              "enum": [
+                "read-only"
+              ],
+              "title": "ReadOnlySandboxPolicyType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "ReadOnlySandboxPolicy",
+          "type": "object"
+        },
+        {
+          "description": "Indicates the process is already in an external sandbox. Allows full disk access while honoring the provided network setting.",
+          "properties": {
+            "network_access": {
+              "allOf": [
+                {
+                  "$ref": "#/definitions/NetworkAccess"
+                }
+              ],
+              "default": "restricted",
+              "description": "Whether the external sandbox permits outbound network traffic."
+            },
+            "type": {
+              "enum": [
+                "external-sandbox"
+              ],
+              "title": "ExternalSandboxSandboxPolicyType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "ExternalSandboxSandboxPolicy",
+          "type": "object"
+        },
+        {
+          "description": "Same as `ReadOnly` but additionally grants write access to the current working directory (\"workspace\").",
+          "properties": {
+            "exclude_slash_tmp": {
+              "default": false,
+              "description": "When set to `true`, will NOT include the `/tmp` among the default writable roots on UNIX. Defaults to `false`.",
+              "type": "boolean"
+            },
+            "exclude_tmpdir_env_var": {
+              "default": false,
+              "description": "When set to `true`, will NOT include the per-user `TMPDIR` environment variable among the default writable roots. Defaults to `false`.",
+              "type": "boolean"
+            },
+            "network_access": {
+              "default": false,
+              "description": "When set to `true`, outbound network access is allowed. `false` by default.",
+              "type": "boolean"
+            },
+            "type": {
+              "enum": [
+                "workspace-write"
+              ],
+              "title": "WorkspaceWriteSandboxPolicyType",
+              "type": "string"
+            },
+            "writable_roots": {
+              "description": "Additional folders (beyond cwd and possibly TMPDIR) that should be writable from within the sandbox.",
+              "items": {
+                "$ref": "#/definitions/AbsolutePathBuf"
+              },
+              "type": "array"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "WorkspaceWriteSandboxPolicy",
+          "type": "object"
+        }
+      ]
+    }
+  },
+  "properties": {
+    "command": {
+      "items": {
+        "type": "string"
+      },
+      "type": "array"
+    },
+    "cwd": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sandboxPolicy": {
+      "anyOf": [
+        {
+          "$ref": "#/definitions/SandboxPolicy"
+        },
+        {
+          "type": "null"
+        }
+      ]
+    },
+    "timeoutMs": {
+      "format": "uint64",
+      "minimum": 0.0,
+      "type": [
+        "integer",
+        "null"
+      ]
+    }
+  },
+  "required": [
+    "command"
+  ],
+  "title": "ExecOneOffCommandParams",
+  "type": "object"
+}