Skip to content

permissions: finish profile-backed app surfaces#19395

Merged
bolinfest merged 1 commit intomainfrom
pr19395
Apr 27, 2026
Merged

permissions: finish profile-backed app surfaces#19395
bolinfest merged 1 commit intomainfrom
pr19395

Conversation

@bolinfest
Copy link
Copy Markdown
Collaborator

@bolinfest bolinfest commented Apr 24, 2026
edited
Loading

Why

Now that core execution is profile-backed, the user-facing and app-facing surfaces should stop presenting the legacy sandbox projection as authoritative. This matters for fidelity: External and Disabled can both look permissive through old sandbox-mode summaries, but they mean different operational states.

What Changed

  • Sends PermissionProfile from the in-process exec client for thread start, resume, and turn start instead of falling back to legacy sandbox mode.
  • Summarizes CLI and TUI sandbox state from profiles, including distinct labels for external-sandbox and danger-full-access plus writable-root summaries for managed profiles.
  • Updates app-server project-trust checks to ask whether the active/requested profile can write the project cwd, rather than matching legacy sandbox variants.
  • Computes bwrap warnings from whether the profile actually requires a platform sandbox.
  • Classifies analytics sandbox mode directly from profile filesystem/network state while preserving the legacy external_sandbox bucket for managed full-filesystem profiles with restricted network.
  • Adds coverage for managed, disabled, and external profile summaries, plus analytics classification for managed full-disk/restricted-network profiles.

Verification

  • cargo check -p codex-config -p codex-core -p codex-sandboxing -p codex-app-server -p codex-cli -p codex-tui
  • cargo test -p codex-analytics managed_full_disk_with_restricted_network_reports_external_sandbox
  • cargo test -p codex-core direct_write_roots
  • cargo test -p codex-core runtime_roots_to_legacy_projection
  • cargo test -p codex-app-server requested_permissions_trust_project_uses_permission_profile_intent

Stack created with Sapling. Best reviewed with ReviewStack.

This was referenced Apr 24, 2026
Merged
Merged
Merged
Merged
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6c1797f185

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread codex-rs/exec/src/event_processor_with_human_output_tests.rs Outdated
@bolinfest bolinfest force-pushed the pr19395 branch 2 times, most recently from 2cdb4ca to f697657 Compare April 24, 2026 16:19
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 55c2f31 to 7010512 Compare April 24, 2026 16:47
@bolinfest bolinfest force-pushed the pr19395 branch 2 times, most recently from 63d386f to 38fc750 Compare April 24, 2026 17:18
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 7642d2e to 5c02727 Compare April 24, 2026 17:28
@bolinfest bolinfest force-pushed the pr19395 branch 2 times, most recently from 2f73fca to 4145cae Compare April 24, 2026 18:08
@bolinfest bolinfest mentioned this pull request Apr 24, 2026
Merged
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from f044efc to f8fb073 Compare April 24, 2026 19:09
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 5408197 to 93f49ad Compare April 25, 2026 16:17
@bolinfest bolinfest force-pushed the pr19395 branch 2 times, most recently from 47ce60e to d958f52 Compare April 25, 2026 17:25
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 7937eb3 to de2513e Compare April 25, 2026 20:48
@bolinfest bolinfest force-pushed the pr19395 branch 2 times, most recently from e154f63 to a9df4bd Compare April 25, 2026 22:28
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 39d56bc to e422ec7 Compare April 25, 2026 22:46
This was referenced Apr 25, 2026
Merged
Merged
This was referenced Apr 26, 2026
Open
Open
Open
@Huynhthuongg Huynhthuongg mentioned this pull request Apr 26, 2026
Open
This was referenced Apr 26, 2026
Merged
Merged
Merged
Merged
Merged
@github-actions github-actions Bot mentioned this pull request Apr 27, 2026
Open
This was referenced Apr 27, 2026
Open
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@viyatb-oai viyatb-oai viyatb-oai approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bolinfest @viyatb-oai