codex

mirror of https://github.com/openai/codex.git synced 2026-04-26 15:45:02 +00:00

Files

Michael Bolin 425fff7ad6 feat: add Reject approval policy with granular prompt rejection controls (#12087 )

## Why

We need a way to auto-reject specific approval prompt categories without
switching all approvals off.

The goal is to let users independently control:
- sandbox escalation approvals,
- execpolicy `prompt` rule approvals,
- MCP elicitation prompts.

## What changed

- Added a new primary approval mode in `protocol/src/protocol.rs`:

```rust
pub enum AskForApproval {
    // ...
    Reject(RejectConfig),
    // ...
}

pub struct RejectConfig {
    pub sandbox_approval: bool,
    pub rules: bool,
    pub mcp_elicitations: bool,
}
```

- Wired `RejectConfig` semantics through approval paths in `core`:
  - `core/src/exec_policy.rs`
    - rejects rule-driven prompts when `rules = true`
    - rejects sandbox/escalation prompts when `sandbox_approval = true`
- preserves rule priority when both rule and sandbox prompt conditions
are present
  - `core/src/tools/sandboxing.rs`
- applies `sandbox_approval` to default exec approval decisions and
sandbox-failure retry gating
  - `core/src/safety.rs`
- keeps `Reject { all false }` behavior aligned with `OnRequest` for
patch safety
    - rejects out-of-root patch approvals when `sandbox_approval = true`
  - `core/src/mcp_connection_manager.rs`
    - auto-declines MCP elicitations when `mcp_elicitations = true`

- Ensured approval policy used by MCP elicitation flow stays in sync
with constrained session policy updates.

- Updated app-server v2 conversions and generated schema/TypeScript
artifacts for the new `Reject` shape.

## Verification

Added focused unit coverage for the new behavior in:
- `core/src/exec_policy.rs`
- `core/src/tools/sandboxing.rs`
- `core/src/mcp_connection_manager.rs`
- `core/src/safety.rs`
- `core/src/tools/runtimes/apply_patch.rs`

Key cases covered include rule-vs-sandbox prompt precedence, MCP
auto-decline behavior, and patch/sandbox retry behavior under
`RejectConfig`.

2026-02-19 11:41:49 -08:00

AccountLoginCompletedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

AccountRateLimitsUpdatedNotification.json

feat: support multiple rate limits (#11260 )

2026-02-10 20:09:31 -08:00

AccountUpdatedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

AgentMessageDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

AppListUpdatedNotification.json

[apps] Expose more fields from apps listing endpoints. (#11706 )

2026-02-17 11:45:04 -08:00

AppsListParams.json

[apps] Add thread_id param to optionally load thread config for apps feature check. (#11279 )

2026-02-09 23:10:26 -08:00

AppsListResponse.json

[apps] Expose more fields from apps listing endpoints. (#11706 )

2026-02-17 11:45:04 -08:00

CancelLoginAccountParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

CancelLoginAccountResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

CommandExecParams.json

feat: make sandbox read access configurable with ReadOnlyAccess (#11387 )

2026-02-11 18:31:14 -08:00

CommandExecResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

CommandExecutionOutputDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ConfigBatchWriteParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ConfigReadParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ConfigReadResponse.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ConfigRequirementsReadResponse.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ConfigValueWriteParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ConfigWarningNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ConfigWriteResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ContextCompactedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

DeprecationNoticeNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ErrorNotification.json

change model cap to server overload (#11388 )

2026-02-11 17:16:27 -08:00

ExperimentalFeatureListParams.json

[app-server] Add a method to list experimental features. (#10721 )

2026-02-05 20:04:01 +00:00

ExperimentalFeatureListResponse.json

Add stage field for experimental flags. (#10793 )

2026-02-05 23:31:04 +00:00

FeedbackUploadParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

FeedbackUploadResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

FileChangeOutputDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

GetAccountParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

GetAccountRateLimitsResponse.json

feat: support multiple rate limits (#11260 )

2026-02-10 20:09:31 -08:00

GetAccountResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ItemCompletedNotification.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

ItemStartedNotification.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

ListMcpServerStatusParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ListMcpServerStatusResponse.json

feat: replace custom mcp-types crate with equivalents from rmcp (#10349 )

2026-02-02 17:41:55 -08:00

LoginAccountParams.json

fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240 )

2026-02-09 20:48:58 -08:00

LoginAccountResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

LogoutAccountResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

McpServerOauthLoginCompletedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

McpServerOauthLoginParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

McpServerOauthLoginResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

McpServerRefreshResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

McpToolCallProgressNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ModelListParams.json

fix: send unfiltered models over model/list (#11793 )

2026-02-13 16:26:32 -08:00

ModelListResponse.json

fix: send unfiltered models over model/list (#11793 )

2026-02-13 16:26:32 -08:00

ModelReroutedNotification.json

Feat: add model reroute notification (#12001 )

2026-02-17 11:02:23 -08:00

PlanDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

RawResponseItemCompletedNotification.json

fix(tui): conditionally restore status indicator using message phase (#10947 )

2026-02-07 02:39:52 +00:00

ReasoningSummaryPartAddedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ReasoningSummaryTextDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ReasoningTextDeltaNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ReviewStartParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ReviewStartResponse.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

SkillsConfigWriteParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

SkillsConfigWriteResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

SkillsListParams.json

feat: extend skills/list to support additional roots. (#10835 )

2026-02-09 13:30:38 -08:00

SkillsListResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

SkillsRemoteReadParams.json

app-server: Emit thread archive/unarchive notifications (#12030 )

2026-02-17 14:53:58 -08:00

SkillsRemoteReadResponse.json

feat: add APIs to list and download public remote skills (#10448 )

2026-02-03 14:09:37 -08:00

SkillsRemoteWriteParams.json

Add remote skill scope/product_surface/enabled params and cleanup (#11801 )

2026-02-17 11:05:22 -08:00

SkillsRemoteWriteResponse.json

app-server: Emit thread archive/unarchive notifications (#12030 )

2026-02-17 14:53:58 -08:00

TerminalInteractionNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadArchivedNotification.json

app-server: Emit thread archive/unarchive notifications (#12030 )

2026-02-17 14:53:58 -08:00

ThreadArchiveParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadArchiveResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadCompactStartParams.json

Add thread/compact v2 (#10445 )

2026-02-03 18:15:55 -08:00

ThreadCompactStartResponse.json

Add thread/compact v2 (#10445 )

2026-02-03 18:15:55 -08:00

ThreadForkParams.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadForkResponse.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadListParams.json

Add cwd as an optional field to thread/list (#11651 )

2026-02-13 02:05:04 +00:00

ThreadListResponse.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

ThreadLoadedListParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadLoadedListResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadNameUpdatedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadReadParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadReadResponse.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

ThreadResumeParams.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadResumeResponse.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadRollbackParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadRollbackResponse.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

ThreadSetNameParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadSetNameResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadStartedNotification.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

ThreadStartParams.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadStartResponse.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

ThreadStatusChangedNotification.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

ThreadTokenUsageUpdatedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadUnarchivedNotification.json

app-server: Emit thread archive/unarchive notifications (#12030 )

2026-02-17 14:53:58 -08:00

ThreadUnarchiveParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

ThreadUnarchiveResponse.json

app-server: expose loaded thread status via read/list and notifications (#11786 )

2026-02-18 15:20:03 -08:00

TurnCompletedNotification.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

TurnDiffUpdatedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

TurnInterruptParams.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

TurnInterruptResponse.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

TurnPlanUpdatedNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00

TurnStartedNotification.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

TurnStartParams.json

feat: add Reject approval policy with granular prompt rejection controls (#12087 )

2026-02-19 11:41:49 -08:00

TurnStartResponse.json

Add message phase to agent message thread item (#12072 )

2026-02-17 20:46:53 -08:00

TurnSteerParams.json

feat(app-server): turn/steer API (#10821 )

2026-02-06 00:35:04 +00:00

TurnSteerResponse.json

feat(app-server): turn/steer API (#10821 )

2026-02-06 00:35:04 +00:00

WindowsSandboxSetupCompletedNotification.json

app-server support for Windows sandbox setup. (#12025 )

2026-02-18 13:03:16 -08:00

WindowsSandboxSetupStartParams.json

app-server support for Windows sandbox setup. (#12025 )

2026-02-18 13:03:16 -08:00

WindowsSandboxSetupStartResponse.json

app-server support for Windows sandbox setup. (#12025 )

2026-02-18 13:03:16 -08:00

WindowsWorldWritableWarningNotification.json

feat: vendor app-server protocol schema fixtures (#10371 )

2026-02-01 23:38:43 -08:00