clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-05-15 16:53:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,542 Commits 3,142 Branches 976 Tags
8a5306ff88b868685ca76cfd5cdda42dca637d10
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Michael Bolin 8a5306ff88 app-server: use permission ids and runtime workspace roots (#22611) 
## Why

This PR builds on [#22610](https://github.com/openai/codex/pull/22610)
and is the app-server side of the migration from mutable per-turn
`SandboxPolicy` replacement toward selecting immutable permission
profiles by id plus mutable runtime workspace roots.

Once permission profiles can carry their own immutable
`workspace_roots`, app-server no longer needs to mutate the selected
`PermissionProfile` just to represent thread-specific filesystem
context. The mutable part now lives on the thread as explicit
`runtimeWorkspaceRoots`, while `:workspace_roots` remains symbolic until
the sandbox is realized for a turn.

## What Changed

- Replaced the v2 permission-selection wrapper surface with plain
profile ids for `thread/start`, `thread/resume`, `thread/fork`, and
`turn/start`.
- Removed the API surface for profile modifications
(`PermissionProfileSelectionParams`,
`PermissionProfileModificationParams`,
`ActivePermissionProfileModification`).
- Added experimental `runtimeWorkspaceRoots` fields to the thread
lifecycle and turn-start APIs.
- Threaded runtime workspace roots through core session/thread
snapshots, turn overrides, app-server request handling, and command
execution permission resolution.
- Kept session permission state symbolic so later runtime root updates
and cwd-only implicit-root retargeting rebind `:workspace_roots`
correctly.
- Updated the embedded clients just enough to send and restore the new
thread state.
- Refreshed the generated schema/TypeScript artifacts and the app-server
README to match the new contract.

## Verification

Targeted coverage for this layer lives in:

- `codex-rs/app-server-protocol/src/protocol/v2/tests.rs`
- `codex-rs/app-server/tests/suite/v2/thread_start.rs`
- `codex-rs/app-server/tests/suite/v2/thread_resume.rs`
- `codex-rs/app-server/tests/suite/v2/turn_start.rs`
- `codex-rs/core/src/session/tests.rs`

The key regression checks exercise that:

- `runtimeWorkspaceRoots` resolve against the effective cwd on thread
start.
- Profile-declared workspace roots are excluded from the runtime
workspace roots returned by app-server.
- A turn-level runtime workspace-root update persists onto the thread
and is returned by `thread/resume`.
- A named permission profile selected on one turn remains symbolic so a
later runtime-root-only turn update changes the actual sandbox writes.
- A cwd-only turn update retargets the implicit runtime cwd root while
preserving additional runtime roots.
- The protocol fixtures and generated client artifacts stay in sync with
the string-based permission selection contract.











---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/22611).
* #22612
* __->__ #22611
2026-05-14 23:00:05 -07:00
.codex
Deduplicate issue digest interactions by user (#22039)
2026-05-10 09:55:42 -07:00
.devcontainer
Harden package-manager install policy (#19163)
2026-04-24 14:36:19 -04:00
.github
ci: support signed macOS release promotion (#22737)
2026-05-14 18:36:20 -07:00
.vscode
[8/8] Add Python SDK Ruff formatting (#22021)
2026-05-12 01:10:29 +03:00
codex-cli
feat(cli): add codex doctor diagnostics (#22336)
2026-05-13 21:23:19 +00:00
codex-rs
app-server: use permission ids and runtime workspace roots (#22611)
2026-05-14 23:00:05 -07:00
docs
Add allow_managed_hooks_only hook requirement (#20319)
2026-05-12 19:05:25 -07:00
patches
Enable V8 sandboxing for source-built builds (#21146)
2026-05-05 14:36:37 -07:00
scripts
Fix rust-ci-full failures due to missing bwrap (#21604)
2026-05-08 09:52:19 -07:00
sdk
[codex] Remove unused legacy shell tools (#22246)
2026-05-13 16:43:25 +00:00
third_party
Enable V8 sandboxing for source-built builds (#21146)
2026-05-05 14:36:37 -07:00
tools/argument-comment-lint
fix(tui): preserve wrapped prose beside URLs (#21760)
2026-05-09 13:58:10 -03:00
.bazelignore
.bazelrc
Enable V8 sandboxing for source-built builds (#21146)
2026-05-05 14:36:37 -07:00
.bazelversion
.codespellignore
[codex] Update imagegen system skill (#18852)
2026-04-22 15:08:10 +00:00
.codespellrc
Remove js_repl feature (#19410)
2026-04-24 17:49:29 -07:00
.gitattributes
Mark hooks schema fixtures as generated (#19194)
2026-04-23 14:11:16 -07:00
.gitignore
Harden package-manager install policy (#19163)
2026-04-24 14:36:19 -04:00
.markdownlint-cli2.yaml
.npmrc
.prettierignore
.prettierrc.toml
AGENTS.md
Clarify docs folder guidance in AGENTS.md (#21772)
2026-05-08 10:11:57 -07:00
announcement_tip.toml
Add CLI update announcement (#17942)
2026-04-15 11:39:06 -07:00
BUILD.bazel
ci: cross-compile Windows Bazel tests (#20585)
2026-05-01 15:55:28 -07:00
CHANGELOG.md
cliff.toml
defs.bzl
Enable V8 sandboxing for source-built builds (#21146)
2026-05-05 14:36:37 -07:00
flake.lock
flake.nix
justfile
fix: prevent fmt from updating Python SDK lockfile (#22505)
2026-05-13 17:58:08 +02:00
LICENSE
MODULE.bazel
Enable V8 sandboxing for source-built builds (#21146)
2026-05-05 14:36:37 -07:00
MODULE.bazel.lock
config: add strict config parsing (#20559)
2026-05-13 16:08:05 +00:00
NOTICE
Remove js_repl feature (#19410)
2026-04-24 17:49:29 -07:00
package.json
Harden package-manager install policy (#19163)
2026-04-24 14:36:19 -04:00
pnpm-lock.yaml
[codex] Fix high severity dependency alerts (#18167)
2026-04-20 11:59:50 -07:00
pnpm-workspace.yaml
Harden package-manager install policy (#19163)
2026-04-24 14:36:19 -04:00
rbe.bzl
README.md
SECURITY.md
[docs] Restore SECURITY.md update from PR 17848 (#18004)
2026-04-15 15:09:39 -07:00
workspace_root_test_launcher.bat.tpl
ci: cross-compile Windows Bazel tests (#20585)
2026-05-01 15:55:28 -07:00
workspace_root_test_launcher.sh.tpl
ci: cross-compile Windows Bazel tests (#20585)
2026-05-01 15:55:28 -07:00

README.md

npm i -g @openai/codex
or brew install --cask codex

Codex CLI is a coding agent from OpenAI that runs locally on your computer.

Codex CLI splash


If you want Codex in your code editor (VS Code, Cursor, Windsurf), install in your IDE.
If you want the desktop app experience, run codex app or visit the Codex App page.
If you are looking for the cloud-based agent from OpenAI, Codex Web, go to chatgpt.com/codex.

Quickstart

Installing and running Codex CLI

Install globally with your preferred package manager:

# Install using npm
npm install -g @openai/codex

# Install using Homebrew
brew install --cask codex

Then simply run codex to get started.

You can also go to the latest GitHub Release and download the appropriate binary for your platform.

Each GitHub Release contains many executables, but in practice, you likely want one of these:

  • macOS
    • Apple Silicon/arm64: codex-aarch64-apple-darwin.tar.gz
    • x86_64 (older Mac hardware): codex-x86_64-apple-darwin.tar.gz
  • Linux
    • x86_64: codex-x86_64-unknown-linux-musl.tar.gz
    • arm64: codex-aarch64-unknown-linux-musl.tar.gz

Each archive contains a single entry with the platform baked into the name (e.g., codex-x86_64-unknown-linux-musl), so you likely want to rename it to codex after extracting it.

Using Codex with your ChatGPT plan

Run codex and select Sign in with ChatGPT. We recommend signing into your ChatGPT account to use Codex as part of your Plus, Pro, Business, Edu, or Enterprise plan. Learn more about what's included in your ChatGPT plan.

You can also use Codex with an API key, but this requires additional setup.

Docs

This repository is licensed under the Apache-2.0 License.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme Apache-2.0 1.4 GiB
Languages
Rust 96.2%
Python 2.8%
TypeScript 0.3%
Starlark 0.2%
Shell 0.2%
Other 0.1%