whitelist command prefix integration in core and tui (#7033)

this PR enables TUI to approve commands and add their prefixes to an allowlist: <img width="708" height="605" alt="Screenshot 2025-11-21 at 4 18 07 PM" src="https://github.com/user-attachments/assets/56a19893-4553-4770-a881-becf79eeda32" /> note: we only show the option to whitelist the command when 1) command is not multi-part (e.g `git add -A && git commit -m 'hello world'`) 2) command is not already matched by an existing rule
2026-04-29 08:56:38 +00:00 · 2025-12-04 02:17:02 -05:00
parent ccdeb9d9c4
commit e925a380dc
27 changed files with 733 additions and 155 deletions
--- a/codex-rs/protocol/src/approvals.rs
+++ b/codex-rs/protocol/src/approvals.rs
@@ -51,6 +51,10 @@ pub struct ExecApprovalRequestEvent {
    /// Optional model-provided risk assessment describing the blocked command.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub risk: Option<SandboxCommandAssessment>,
+    /// Prefix rule that can be added to the user's execpolicy to allow future runs.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional, type = "Array<string>")]
+    pub allow_prefix: Option<Vec<String>>,
    pub parsed_cmd: Vec<ParsedCommand>,
 }