mirror of
https://github.com/openai/codex.git
synced 2026-05-16 17:23:57 +00:00
8a5306ff88
## Why This PR builds on [#22610](https://github.com/openai/codex/pull/22610) and is the app-server side of the migration from mutable per-turn `SandboxPolicy` replacement toward selecting immutable permission profiles by id plus mutable runtime workspace roots. Once permission profiles can carry their own immutable `workspace_roots`, app-server no longer needs to mutate the selected `PermissionProfile` just to represent thread-specific filesystem context. The mutable part now lives on the thread as explicit `runtimeWorkspaceRoots`, while `:workspace_roots` remains symbolic until the sandbox is realized for a turn. ## What Changed - Replaced the v2 permission-selection wrapper surface with plain profile ids for `thread/start`, `thread/resume`, `thread/fork`, and `turn/start`. - Removed the API surface for profile modifications (`PermissionProfileSelectionParams`, `PermissionProfileModificationParams`, `ActivePermissionProfileModification`). - Added experimental `runtimeWorkspaceRoots` fields to the thread lifecycle and turn-start APIs. - Threaded runtime workspace roots through core session/thread snapshots, turn overrides, app-server request handling, and command execution permission resolution. - Kept session permission state symbolic so later runtime root updates and cwd-only implicit-root retargeting rebind `:workspace_roots` correctly. - Updated the embedded clients just enough to send and restore the new thread state. - Refreshed the generated schema/TypeScript artifacts and the app-server README to match the new contract. ## Verification Targeted coverage for this layer lives in: - `codex-rs/app-server-protocol/src/protocol/v2/tests.rs` - `codex-rs/app-server/tests/suite/v2/thread_start.rs` - `codex-rs/app-server/tests/suite/v2/thread_resume.rs` - `codex-rs/app-server/tests/suite/v2/turn_start.rs` - `codex-rs/core/src/session/tests.rs` The key regression checks exercise that: - `runtimeWorkspaceRoots` resolve against the effective cwd on thread start. - Profile-declared workspace roots are excluded from the runtime workspace roots returned by app-server. - A turn-level runtime workspace-root update persists onto the thread and is returned by `thread/resume`. - A named permission profile selected on one turn remains symbolic so a later runtime-root-only turn update changes the actual sandbox writes. - A cwd-only turn update retargets the implicit runtime cwd root while preserving additional runtime roots. - The protocol fixtures and generated client artifacts stay in sync with the string-based permission selection contract. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/22611). * #22612 * __->__ #22611
180 lines
4.2 KiB
JSON
Generated
180 lines
4.2 KiB
JSON
Generated
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"definitions": {
|
|
"ApprovalsReviewer": {
|
|
"description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `auto_review` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request. The legacy value `guardian_subagent` is accepted for compatibility.",
|
|
"enum": [
|
|
"user",
|
|
"auto_review",
|
|
"guardian_subagent"
|
|
],
|
|
"type": "string"
|
|
},
|
|
"AskForApproval": {
|
|
"oneOf": [
|
|
{
|
|
"enum": [
|
|
"untrusted",
|
|
"on-failure",
|
|
"on-request",
|
|
"never"
|
|
],
|
|
"type": "string"
|
|
},
|
|
{
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"granular": {
|
|
"properties": {
|
|
"mcp_elicitations": {
|
|
"type": "boolean"
|
|
},
|
|
"request_permissions": {
|
|
"default": false,
|
|
"type": "boolean"
|
|
},
|
|
"rules": {
|
|
"type": "boolean"
|
|
},
|
|
"sandbox_approval": {
|
|
"type": "boolean"
|
|
},
|
|
"skill_approval": {
|
|
"default": false,
|
|
"type": "boolean"
|
|
}
|
|
},
|
|
"required": [
|
|
"mcp_elicitations",
|
|
"rules",
|
|
"sandbox_approval"
|
|
],
|
|
"type": "object"
|
|
}
|
|
},
|
|
"required": [
|
|
"granular"
|
|
],
|
|
"title": "GranularAskForApproval",
|
|
"type": "object"
|
|
}
|
|
]
|
|
},
|
|
"SandboxMode": {
|
|
"enum": [
|
|
"read-only",
|
|
"workspace-write",
|
|
"danger-full-access"
|
|
],
|
|
"type": "string"
|
|
},
|
|
"ThreadSource": {
|
|
"enum": [
|
|
"user",
|
|
"subagent",
|
|
"memory_consolidation"
|
|
],
|
|
"type": "string"
|
|
}
|
|
},
|
|
"description": "There are two ways to fork a thread: 1. By thread_id: load the thread from disk by thread_id and fork it into a new thread. 2. By path: load the thread from disk by path and fork it into a new thread.\n\nIf using path, the thread_id param will be ignored.\n\nPrefer using thread_id whenever possible.",
|
|
"properties": {
|
|
"approvalPolicy": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/definitions/AskForApproval"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
]
|
|
},
|
|
"approvalsReviewer": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/definitions/ApprovalsReviewer"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Override where approval requests are routed for review on this thread and subsequent turns."
|
|
},
|
|
"baseInstructions": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"config": {
|
|
"additionalProperties": true,
|
|
"type": [
|
|
"object",
|
|
"null"
|
|
]
|
|
},
|
|
"cwd": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"developerInstructions": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"ephemeral": {
|
|
"type": "boolean"
|
|
},
|
|
"model": {
|
|
"description": "Configuration overrides for the forked thread, if any.",
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"modelProvider": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"sandbox": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/definitions/SandboxMode"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
]
|
|
},
|
|
"serviceTier": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"threadId": {
|
|
"type": "string"
|
|
},
|
|
"threadSource": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/definitions/ThreadSource"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Optional client-supplied analytics source classification for this forked thread."
|
|
}
|
|
},
|
|
"required": [
|
|
"threadId"
|
|
],
|
|
"title": "ThreadForkParams",
|
|
"type": "object"
|
|
} |