Bug
In Codex CLI 0.124.0, selecting:
/permissions -> Full Access -> Yes, continue anyway
is described as applying Full Access "for this session", but it also persists approvals_reviewer = "user" to config.toml.
Expected
The session-only confirmation should update the active session state only.
Actual
approvals_reviewer is written to config.toml, which can overwrite a persisted reviewer such as guardian_subagent.
Reproduction
- Start Codex with a non-Full Access permission state and a persisted reviewer, for example
approvals_reviewer = "guardian_subagent".
- Open
/permissions.
- Select
Full Access.
- In the confirmation prompt, select
Yes, continue anyway, whose description is Apply full access for this session.
- Inspect
~/.codex/config.toml.
Observed locally on codex-cli 0.124.0: the persisted config changed approvals_reviewer to user even though the prompt said the choice was session-scoped.
Patch
I prepared a minimal fix in my fork:
The patch adds a session-only UpdateApprovalsReviewerForSession event and uses it for /permissions preset selection. The existing persistent UpdateApprovalsReviewer event remains available for paths that intentionally write approvals_reviewer to config.toml.
I could not open a PR because this repository currently limits pull request creation to collaborators.
Local verification
Not run locally:
cargo fmtcargo test -p codex-tui permissions_full_access_history_cell_emitted_only_after_confirmation
Reason: the local shell used for preparing the patch does not currently have cargo, rustfmt, or just on PATH.
Bug
In Codex CLI 0.124.0, selecting:
is described as applying Full Access "for this session", but it also persists
approvals_reviewer = "user"toconfig.toml.Expected
The session-only confirmation should update the active session state only.
Actual
approvals_revieweris written toconfig.toml, which can overwrite a persisted reviewer such asguardian_subagent.Reproduction
approvals_reviewer = "guardian_subagent"./permissions.Full Access.Yes, continue anyway, whose description isApply full access for this session.~/.codex/config.toml.Observed locally on
codex-cli 0.124.0: the persisted config changedapprovals_reviewertousereven though the prompt said the choice was session-scoped.Patch
I prepared a minimal fix in my fork:
The patch adds a session-only
UpdateApprovalsReviewerForSessionevent and uses it for/permissionspreset selection. The existing persistentUpdateApprovalsReviewerevent remains available for paths that intentionally writeapprovals_reviewertoconfig.toml.I could not open a PR because this repository currently limits pull request creation to collaborators.
Local verification
git diff --checkpassedNot run locally:
cargo fmtcargo test -p codex-tui permissions_full_access_history_cell_emitted_only_after_confirmationReason: the local shell used for preparing the patch does not currently have
cargo,rustfmt, orjustonPATH.