mirror of https://github.com/openai/codex.git synced 2026-05-23 20:44:50 +00:00

Files

Andrei Eternal 2b2de3f38b codex: support hooks in config.toml and requirements.toml (#18893 )

## Summary

Support the existing hooks schema in inline TOML so hooks can be
configured from both `config.toml` and enterprise-managed
`requirements.toml` without requiring a separate `hooks.json` payload.

This gives enterprise admins a way to ship managed hook policy through
the existing requirements channel while still leaving script delivery to
MDM or other device-management tooling, and it keeps `hooks.json`
working unchanged for existing users.

This also lays the groundwork for follow-on managed filtering work such
as #15937, while continuing to respect project trust gating from #14718.
It does **not** implement `allow_managed_hooks_only` itself.

NOTE: yes, it's a bit unfortunate that the toml isn't formatted as
closely as normal to our default styling. This is because we're trying
to stay compatible with the spec for plugins/hooks that we'll need to
support & the main usecase here is embedding into requirements.toml

## What changed

- moved the shared hook serde model out of `codex-rs/hooks` into
`codex-rs/config` so the same schema can power `hooks.json`, inline
`config.toml` hooks, and managed `requirements.toml` hooks
- added `hooks` support to both `ConfigToml` and
`ConfigRequirementsToml`, including requirements-side `managed_dir` /
`windows_managed_dir`
- treated requirements-managed hooks as one constrained value via
`Constrained`, so managed hook policy is merged atomically and cannot
drift across requirement sources
- updated hook discovery to load requirements-managed hooks first, then
per-layer `hooks.json`, then per-layer inline TOML hooks, with a warning
when a single layer defines both representations
- threaded managed hook metadata through discovered handlers and exposed
requirements hooks in app-server responses, generated schemas, and
`/debug-config`
- added hook/config coverage in `codex-rs/config`, `codex-rs/hooks`,
`codex-rs/core/src/config_loader/tests.rs`, and
`codex-rs/core/tests/suite/hooks.rs`

## Testing

- `cargo test -p codex-config`
- `cargo test -p codex-hooks`
- `cargo test -p codex-app-server config_api`

## Documentation

Companion updates are needed in the developers website repo for:

- the hooks guide
- the config reference, sample, basic, and advanced pages
- the enterprise managed configuration guide

---------

Co-authored-by: Michael Bolin <mbolin@openai.com>

2026-04-22 21:20:09 -07:00

layer_io.rs

Refactor config loading to use filesystem abstraction (#18209 )

2026-04-17 00:51:21 +00:00

macos.rs

Add remote_sandbox_config to our config requirements (#18763 )

2026-04-21 05:05:02 +00:00

mod.rs

codex: support hooks in config.toml and requirements.toml (#18893 )

2026-04-22 21:20:09 -07:00

README.md

Add remote_sandbox_config to our config requirements (#18763 )

2026-04-21 05:05:02 +00:00

tests.rs

codex: support hooks in config.toml and requirements.toml (#18893 )

2026-04-22 21:20:09 -07:00

README.md

`codex-core` config loader

This module is the canonical place to load and describe Codex configuration layers (user config, CLI/session overrides, managed config, and MDM-managed preferences) and to produce:

An effective merged TOML config.
Per-key origins metadata (which layer “wins” for a given key).
Per-layer versions (stable fingerprints) used for optimistic concurrency / conflict detection.

Public surface

Exported from codex_core::config_loader:

load_config_layers_state(fs, codex_home, cwd_opt, cli_overrides, overrides, cloud_requirements, thread_config_loader, host_name) -> ConfigLayerStack
ConfigLayerStack
- effective_config() -> toml::Value
- origins() -> HashMap<String, ConfigLayerMetadata>
- layers_high_to_low() -> Vec<ConfigLayer>
- with_user_config(user_config) -> ConfigLayerStack
ConfigLayerEntry (one layer’s {name, config, version, disabled_reason}; name carries source metadata)
LoaderOverrides (test/override hooks for managed config sources)
merge_toml_values(base, overlay) (public helper used elsewhere)

Layering model

Precedence is top overrides bottom:

MDM managed preferences (macOS only)
System managed config (e.g. managed_config.toml)
Session flags (CLI overrides, applied as dotted-path TOML writes)
User config (config.toml)

Thread config entries supplied by thread_config_loader are inserted according to their translated ConfigLayerSource precedence.

Layers with a disabled_reason are still surfaced for UI, but are ignored when computing the effective config and origins metadata. This is what ConfigLayerStack::effective_config() implements.

Typical usage

Most callers want the effective config plus metadata:

use codex_core::config_loader::{CloudRequirementsLoader, LoaderOverrides, load_config_layers_state};
use codex_config::NoopThreadConfigLoader;
use codex_exec_server::LOCAL_FS;
use codex_utils_absolute_path::AbsolutePathBuf;
use toml::Value as TomlValue;

let cli_overrides: Vec<(String, TomlValue)> = Vec::new();
let cwd = AbsolutePathBuf::current_dir()?;
let layers = load_config_layers_state(
    LOCAL_FS.as_ref(),
    &codex_home,
    Some(cwd),
    &cli_overrides,
    LoaderOverrides::default(),
    CloudRequirementsLoader::default(),
    &NoopThreadConfigLoader,
    /*host_name*/ None,
).await?;

let effective = layers.effective_config();
let origins = layers.origins();
let layers_for_ui = layers.layers_high_to_low();

Internal layout

Implementation is split by concern:

state.rs: public types (ConfigLayerEntry, ConfigLayerStack) + merge/origins convenience methods.
layer_io.rs: reading config.toml, managed config, and managed preferences inputs.
overrides.rs: CLI dotted-path overrides → TOML “session flags” layer.
merge.rs: recursive TOML merge.
fingerprint.rs: stable per-layer hashing and per-key origins traversal.
macos.rs: managed preferences integration (macOS only).

README.md Unescape Escape

codex-core config loader

Public surface

Layering model

Typical usage

Internal layout

README.md

`codex-core` config loader