Michael Bolin a1ecf0cf1c thread-store: store permission profiles (#23165) ...

## Why

`SandboxPolicy` is the legacy compatibility shape, but
`codex-thread-store` still exposed it through `StoredThread`,
`ThreadMetadataPatch`, and live metadata sync. That kept thread-store
consumers tied to the legacy representation and meant richer permission
profile data could not round-trip through thread metadata or cold
rollout reconciliation.

## What Changed

- Replaced thread-store `sandbox_policy` API fields with canonical
`PermissionProfile` fields.
- Persist new permission-profile metadata as canonical JSON in the
existing SQLite metadata slot while continuing to read older legacy
sandbox policy values.
- Updated local, in-memory, live metadata sync, and rollout extraction
paths to propagate `TurnContextItem::permission_profile()`.
- Re-materialize legacy permission metadata against the final rollout
cwd when rollout-derived metadata replaces stale SQLite summaries.
- Updated affected app-server and core test constructors to build
`PermissionProfile` values directly.

## Test Plan

- `cargo test -p codex-state`
- `cargo test -p codex-thread-store`
- `cargo test -p codex-app-server
summary_from_stored_thread_preserves_millisecond_precision --lib`
- `cargo test -p codex-core realtime_context --lib`

2026-05-29 11:55:31 -07:00

..

goals_migrations

feat: dedicated goal DB (#23300)

2026-05-19 11:11:41 +02:00

logs_migrations

Align SQLite feedback logs with feedback formatter (#13494)

2026-03-18 22:44:31 +00:00

memory_migrations

Move memory state to a dedicated SQLite DB (#24591)

2026-05-26 20:07:25 +02:00

migrations

Move memory state to a dedicated SQLite DB (#24591)

2026-05-26 20:07:25 +02:00

src

thread-store: store permission profiles (#23165)

2026-05-29 11:55:31 -07:00

BUILD.bazel

Move memory state to a dedicated SQLite DB (#24591)

2026-05-26 20:07:25 +02:00

Cargo.toml

Move git utilities into a dedicated crate (#15564)

2026-03-24 13:26:23 -07:00