clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-25 07:05:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
089fc325d463bb0504cb876b8e25de492f21dee1
codex/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
rreichel3-oai 0f54c3a97b Support forced workspace ids in requirements 
Allow requirements.toml and cloud requirements to specify forced_chatgpt_workspace_id using the same single string or array shape as config.toml.

Prefer the requirements value during config resolution, expose it through configRequirements/read, and regenerate app-server schema fixtures.

Document requirements precedence and add targeted coverage for requirements parsing, config resolution, API mapping, and cloud requirements fixtures.
2026-04-15 16:54:04 -04:00

297 lines
7.1 KiB
JSON
Raw Blame History

{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"ApprovalsReviewer": {
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
"enum": [
"user",
"guardian_subagent"
],
"type": "string"
},
"AskForApproval": {
"oneOf": [
{
"enum": [
"untrusted",
"on-failure",
"on-request",
"never"
],
"type": "string"
},
{
"additionalProperties": false,
"properties": {
"granular": {
"properties": {
"mcp_elicitations": {
"type": "boolean"
},
"request_permissions": {
"default": false,
"type": "boolean"
},
"rules": {
"type": "boolean"
},
"sandbox_approval": {
"type": "boolean"
},
"skill_approval": {
"default": false,
"type": "boolean"
}
},
"required": [
"mcp_elicitations",
"rules",
"sandbox_approval"
],
"type": "object"
}
},
"required": [
"granular"
],
"title": "GranularAskForApproval",
"type": "object"
}
]
},
"ConfigRequirements": {
"properties": {
"allowedApprovalPolicies": {
"items": {
"$ref": "#/definitions/AskForApproval"
},
"type": [
"array",
"null"
]
},
"allowedSandboxModes": {
"items": {
"$ref": "#/definitions/SandboxMode"
},
"type": [
"array",
"null"
]
},
"allowedWebSearchModes": {
"items": {
"$ref": "#/definitions/WebSearchMode"
},
"type": [
"array",
"null"
]
},
"enforceResidency": {
"anyOf": [
{
"$ref": "#/definitions/ResidencyRequirement"
},
{
"type": "null"
}
]
},
"featureRequirements": {
"additionalProperties": {
"type": "boolean"
},
"type": [
"object",
"null"
]
},
"forcedChatgptWorkspaceId": {
"anyOf": [
{
"$ref": "#/definitions/ForcedChatgptWorkspaceIds"
},
{
"type": "null"
}
]
}
},
"type": "object"
},
"ForcedChatgptWorkspaceIds": {
"anyOf": [
{
"type": "string"
},
{
"items": {
"type": "string"
},
"type": "array"
}
],
"description": "Workspace IDs that ChatGPT auth is allowed to use.\n\nThe config parser accepts the historical single-string form and the newer list form for deployments that allow multiple ChatGPT workspaces."
},
"NetworkDomainPermission": {
"enum": [
"allow",
"deny"
],
"type": "string"
},
"NetworkRequirements": {
"properties": {
"allowLocalBinding": {
"type": [
"boolean",
"null"
]
},
"allowUnixSockets": {
"description": "Legacy compatibility view derived from `unix_sockets`.",
"items": {
"type": "string"
},
"type": [
"array",
"null"
]
},
"allowUpstreamProxy": {
"type": [
"boolean",
"null"
]
},
"allowedDomains": {
"description": "Legacy compatibility view derived from `domains`.",
"items": {
"type": "string"
},
"type": [
"array",
"null"
]
},
"dangerouslyAllowAllUnixSockets": {
"type": [
"boolean",
"null"
]
},
"dangerouslyAllowNonLoopbackProxy": {
"type": [
"boolean",
"null"
]
},
"deniedDomains": {
"description": "Legacy compatibility view derived from `domains`.",
"items": {
"type": "string"
},
"type": [
"array",
"null"
]
},
"domains": {
"additionalProperties": {
"$ref": "#/definitions/NetworkDomainPermission"
},
"description": "Canonical network permission map for `experimental_network`.",
"type": [
"object",
"null"
]
},
"enabled": {
"type": [
"boolean",
"null"
]
},
"httpPort": {
"format": "uint16",
"minimum": 0.0,
"type": [
"integer",
"null"
]
},
"managedAllowedDomainsOnly": {
"description": "When true, only managed allowlist entries are respected while managed network enforcement is active.",
"type": [
"boolean",
"null"
]
},
"socksPort": {
"format": "uint16",
"minimum": 0.0,
"type": [
"integer",
"null"
]
},
"unixSockets": {
"additionalProperties": {
"$ref": "#/definitions/NetworkUnixSocketPermission"
},
"description": "Canonical unix socket permission map for `experimental_network`.",
"type": [
"object",
"null"
]
}
},
"type": "object"
},
"NetworkUnixSocketPermission": {
"enum": [
"allow",
"none"
],
"type": "string"
},
"ResidencyRequirement": {
"enum": [
"us"
],
"type": "string"
},
"SandboxMode": {
"enum": [
"read-only",
"workspace-write",
"danger-full-access"
],
"type": "string"
},
"WebSearchMode": {
"enum": [
"disabled",
"cached",
"live"
],
"type": "string"
}
},
"properties": {
"requirements": {
"anyOf": [
{
"$ref": "#/definitions/ConfigRequirements"
},
{
"type": "null"
}
],
"description": "Null if no requirements are configured (e.g. no requirements.toml/MDM entries)."
}
},
"title": "ConfigRequirementsReadResponse",
"type": "object"
}
Reference in New Issue View Git Blame Copy Permalink