clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-24 14:45:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9601f2af4b1ff546fcdac4e6480002b809f2a400
codex/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
Owen Lin 30f6786d62 fix(guardian): make GuardianAssessmentEvent.action strongly typed (#16448) 
## Description

Previously the `action` field on `EventMsg::GuardianAssessment`, which
describes what Guardian is reviewing, was typed as an arbitrary JSON
blob. This PR cleans it up and defines a sum type representing all the
various actions that Guardian can review.

This is a breaking change (on purpose), which is fine because:
- the Codex app / VSCE does not actually use `action` at the moment
- the TUI code that consumes `action` is updated in this PR as well
- rollout files that serialized old `EventMsg::GuardianAssessment` will
just silently drop these guardian events
- the contract is defined as unstable, so other clients have a fair
warning :)

This will make things much easier for followup Guardian work.

## Why

The old guardian review payloads worked, but they pushed too much shape
knowledge into downstream consumers. The TUI had custom JSON parsing
logic for commands, patches, network requests, and MCP calls, and the
app-server protocol was effectively just passing through an opaque blob.

Typing this at the protocol boundary makes the contract clearer.
2026-04-01 15:42:18 -07:00

273 lines
6.6 KiB
JSON
Raw Blame History

{
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"GuardianApprovalReview": {
"description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
"properties": {
"rationale": {
"type": [
"string",
"null"
]
},
"riskLevel": {
"anyOf": [
{
"$ref": "#/definitions/GuardianRiskLevel"
},
{
"type": "null"
}
]
},
"riskScore": {
"format": "uint8",
"minimum": 0.0,
"type": [
"integer",
"null"
]
},
"status": {
"$ref": "#/definitions/GuardianApprovalReviewStatus"
}
},
"required": [
"status"
],
"type": "object"
},
"GuardianApprovalReviewAction": {
"oneOf": [
{
"properties": {
"command": {
"type": "string"
},
"cwd": {
"type": "string"
},
"source": {
"$ref": "#/definitions/GuardianCommandSource"
},
"type": {
"enum": [
"command"
],
"title": "CommandGuardianApprovalReviewActionType",
"type": "string"
}
},
"required": [
"command",
"cwd",
"source",
"type"
],
"title": "CommandGuardianApprovalReviewAction",
"type": "object"
},
{
"properties": {
"argv": {
"items": {
"type": "string"
},
"type": "array"
},
"cwd": {
"type": "string"
},
"program": {
"type": "string"
},
"source": {
"$ref": "#/definitions/GuardianCommandSource"
},
"type": {
"enum": [
"execve"
],
"title": "ExecveGuardianApprovalReviewActionType",
"type": "string"
}
},
"required": [
"argv",
"cwd",
"program",
"source",
"type"
],
"title": "ExecveGuardianApprovalReviewAction",
"type": "object"
},
{
"properties": {
"cwd": {
"type": "string"
},
"files": {
"items": {
"type": "string"
},
"type": "array"
},
"type": {
"enum": [
"applyPatch"
],
"title": "ApplyPatchGuardianApprovalReviewActionType",
"type": "string"
}
},
"required": [
"cwd",
"files",
"type"
],
"title": "ApplyPatchGuardianApprovalReviewAction",
"type": "object"
},
{
"properties": {
"host": {
"type": "string"
},
"port": {
"format": "uint16",
"minimum": 0.0,
"type": "integer"
},
"protocol": {
"$ref": "#/definitions/NetworkApprovalProtocol"
},
"target": {
"type": "string"
},
"type": {
"enum": [
"networkAccess"
],
"title": "NetworkAccessGuardianApprovalReviewActionType",
"type": "string"
}
},
"required": [
"host",
"port",
"protocol",
"target",
"type"
],
"title": "NetworkAccessGuardianApprovalReviewAction",
"type": "object"
},
{
"properties": {
"connectorId": {
"type": [
"string",
"null"
]
},
"connectorName": {
"type": [
"string",
"null"
]
},
"server": {
"type": "string"
},
"toolName": {
"type": "string"
},
"toolTitle": {
"type": [
"string",
"null"
]
},
"type": {
"enum": [
"mcpToolCall"
],
"title": "McpToolCallGuardianApprovalReviewActionType",
"type": "string"
}
},
"required": [
"server",
"toolName",
"type"
],
"title": "McpToolCallGuardianApprovalReviewAction",
"type": "object"
}
]
},
"GuardianApprovalReviewStatus": {
"description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
"enum": [
"inProgress",
"approved",
"denied",
"aborted"
],
"type": "string"
},
"GuardianCommandSource": {
"enum": [
"shell",
"unifiedExec"
],
"type": "string"
},
"GuardianRiskLevel": {
"description": "[UNSTABLE] Risk level assigned by guardian approval review.",
"enum": [
"low",
"medium",
"high"
],
"type": "string"
},
"NetworkApprovalProtocol": {
"enum": [
"http",
"https",
"socks5Tcp",
"socks5Udp"
],
"type": "string"
}
},
"description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
"properties": {
"action": {
"$ref": "#/definitions/GuardianApprovalReviewAction"
},
"review": {
"$ref": "#/definitions/GuardianApprovalReview"
},
"targetItemId": {
"type": "string"
},
"threadId": {
"type": "string"
},
"turnId": {
"type": "string"
}
},
"required": [
"action",
"review",
"targetItemId",
"threadId",
"turnId"
],
"title": "ItemGuardianApprovalReviewStartedNotification",
"type": "object"
}
Reference in New Issue View Git Blame Copy Permalink