clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-25 15:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ab132113f9a9268405fcea74ff95518e221e305c
codex/codex-rs/app-server-protocol/schema/json
History
Owen Lin ded559680d feat(requirements): support allowed_approval_reviewers (#16701) 
## Description

Add requirements.toml support for `allowed_approvals_reviewers =
["user", "guardian_subagent"]`, so admins can now restrict the use of
guardian mode.

Note: If a user sets a reviewer that isn’t allowed by requirements.toml,
config loading falls back to the first allowed reviewer and emits a
startup warning.

The table below describes the possible admin controls.
| Admin intent | `requirements.toml` | User `config.toml` | End result |
|---|---|---|---|
| Leave Guardian optional | omit `allowed_approvals_reviewers` or set
`["user", "guardian_subagent"]` | user chooses `approvals_reviewer =
"user"` or `"guardian_subagent"` | Guardian off for `user`, on for
`guardian_subagent` + `approval_policy = "on-request"` |
| Force Guardian off | `allowed_approvals_reviewers = ["user"]` | any
user value | Effective reviewer is `user`; Guardian off |
| Force Guardian on | `allowed_approvals_reviewers =
["guardian_subagent"]` and usually `allowed_approval_policies =
["on-request"]` | any user reviewer value; user should also have
`approval_policy = "on-request"` unless policy is forced | Effective
reviewer is `guardian_subagent`; Guardian on when effective approval
policy is `on-request` |
| Allow both, but default to manual if user does nothing |
`allowed_approvals_reviewers = ["user", "guardian_subagent"]` | omit
`approvals_reviewer` | Effective reviewer is `user`; Guardian off |
| Allow both, and user explicitly opts into Guardian |
`allowed_approvals_reviewers = ["user", "guardian_subagent"]` |
`approvals_reviewer = "guardian_subagent"` and `approval_policy =
"on-request"` | Guardian on |
| Invalid admin config | `allowed_approvals_reviewers = []` | anything |
Config load error |
2026-04-06 11:11:44 -07:00
..
v1
app-server: Return codex home in initialize response (#15689)
2026-03-24 16:13:34 -07:00
v2
feat(requirements): support allowed_approval_reviewers (#16701)
2026-04-06 11:11:44 -07:00
ApplyPatchApprovalParams.json
chore: remove codex-core public protocol/shell re-exports (#12432)
2026-02-20 23:45:35 -08:00
ApplyPatchApprovalResponse.json
feat: include available decisions in command approval requests (#12758)
2026-02-26 01:10:46 +00:00
ChatgptAuthTokensRefreshParams.json
fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240)
2026-02-09 20:48:58 -08:00
ChatgptAuthTokensRefreshResponse.json
fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240)
2026-02-09 20:48:58 -08:00
ClientNotification.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
ClientRequest.json
Add ChatGPT device-code login to app server (#15525)
2026-03-27 00:27:15 -07:00
codex_app_server_protocol.schemas.json
Fix fork source display in /status (expose forked_from_id in app server) (#16596)
2026-04-02 14:05:29 -07:00
codex_app_server_protocol.v2.schemas.json
Fix fork source display in /status (expose forked_from_id in app server) (#16596)
2026-04-02 14:05:29 -07:00
CommandExecutionRequestApprovalParams.json
permissions: remove macOS seatbelt extension profiles (#15918)
2026-03-26 17:12:45 -07:00
CommandExecutionRequestApprovalResponse.json
feat: include available decisions in command approval requests (#12758)
2026-02-26 01:10:46 +00:00
DynamicToolCallParams.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
DynamicToolCallResponse.json
feat(app-server, core): allow text + image content items for dynamic tool outputs (#10567)
2026-02-04 16:12:47 -08:00
ExecCommandApprovalParams.json
chore: remove codex-core public protocol/shell re-exports (#12432)
2026-02-20 23:45:35 -08:00
ExecCommandApprovalResponse.json
feat: include available decisions in command approval requests (#12758)
2026-02-26 01:10:46 +00:00
FileChangeRequestApprovalParams.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
FileChangeRequestApprovalResponse.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
FuzzyFileSearchParams.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
FuzzyFileSearchResponse.json
Simple directory mentions (#14970)
2026-03-19 05:24:09 +00:00
FuzzyFileSearchSessionCompletedNotification.json
[app-server] add fuzzyFileSearch/sessionCompleted (#11773)
2026-02-13 15:08:14 -08:00
FuzzyFileSearchSessionUpdatedNotification.json
Simple directory mentions (#14970)
2026-03-19 05:24:09 +00:00
JSONRPCError.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
JSONRPCErrorError.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
JSONRPCMessage.json
feat(app-server): add tracing to all app-server APIs (#13285)
2026-03-02 16:01:41 -08:00
JSONRPCNotification.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
JSONRPCRequest.json
feat(app-server): add tracing to all app-server APIs (#13285)
2026-03-02 16:01:41 -08:00
JSONRPCResponse.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
McpServerElicitationRequestParams.json
[elicitations] Switch to use MCP style elicitation payload for mcp tool approvals. (#13621)
2026-03-06 01:50:26 -08:00
McpServerElicitationRequestResponse.json
[elicitations] Switch to use MCP style elicitation payload for mcp tool approvals. (#13621)
2026-03-06 01:50:26 -08:00
PermissionsRequestApprovalParams.json
Use request permission profile in app server (#14665)
2026-03-16 10:12:23 -07:00
PermissionsRequestApprovalResponse.json
Use request permission profile in app server (#14665)
2026-03-16 10:12:23 -07:00
RequestId.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
ServerNotification.json
Fix fork source display in /status (expose forked_from_id in app server) (#16596)
2026-04-02 14:05:29 -07:00
ServerRequest.json
permissions: remove macOS seatbelt extension profiles (#15918)
2026-03-26 17:12:45 -07:00
ToolRequestUserInputParams.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00
ToolRequestUserInputResponse.json
feat: vendor app-server protocol schema fixtures (#10371)
2026-02-01 23:38:43 -08:00