## Why

Several execution paths still converted profile-backed permissions into `SandboxPolicy` and then rebuilt runtime permissions from that legacy shape. Those round trips are unnecessary after the preceding PRs and can lose split filesystem semantics. Core approval and escalation should carry the resolved profile directly.

## What Changed

- Removes `sandbox_policy` from `ResolvedPermissionProfile`; the resolved permission object now carries the canonical `PermissionProfile` directly.
- Updates exec-policy fallback, shell/unified-exec interception, escalation reruns, and related tests to pass profiles instead of legacy policies.
- Removes legacy additional-permission merge helpers that built an effective `SandboxPolicy` before rebuilding runtime permissions.
- Keeps legacy projections only at compatibility boundaries that still require `SandboxPolicy`, not in core permission computation.

## Verification

- `cargo test -p codex-core direct_write_roots`
- `cargo test -p codex-core runtime_roots_to_legacy_projection`
- `cargo test -p codex-app-server requested_permissions_trust_project_uses_permission_profile_intent`

---

Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/19394).

* #19737
* #19736
* #19735
* #19734
* #19395
* __->__ #19394
💡 Codex Review on `codex-rs/analytics/src/reducer.rs`, lines 967 to 968 in e772ad6:

> This branch classifies every managed profile with full-disk write access as
[codex] Addressed by preserving the
## Why

The remaining migration work still needs `SandboxPolicy` at a few compatibility boundaries, but those projections should come from one canonical path. Keeping ad hoc legacy projections scattered through app-server, CLI, and config code makes it easy for behavior to drift as `PermissionProfile` gains fidelity that the legacy enum cannot represent.

## What Changed

- `Permissions::legacy_sandbox_policy(cwd)` and `Config::legacy_sandbox_policy()` as the compatibility projection from the canonical `PermissionProfile`.
- `Permissions::can_set_legacy_sandbox_policy()` so legacy inputs are checked after they are converted into profile semantics.
- `SandboxPolicy` in place only for boundary inputs/outputs that still speak the legacy abstraction.

## Verification

- `cargo check -p codex-config -p codex-core -p codex-sandboxing -p codex-app-server -p codex-cli -p codex-tui`
- `cargo test -p codex-tui permissions_selection_history_snapshot_full_access_to_default -- --nocapture`
- `cargo test -p codex-tui permissions_selection_sends_approvals_reviewer_in_override_turn_context -- --nocapture`
- `bazel test //codex-rs/tui:tui-unit-tests-bin --test_arg=permissions_selection_history_snapshot_full_access_to_default --test_output=errors`
- `bazel test //codex-rs/tui:tui-unit-tests-bin --test_arg=permissions_selection_sends_approvals_reviewer_in_override_turn_context --test_output=errors`
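Both PR descriptions in this stack make the same argument: keep the canonical `PermissionProfile` in core permission computation and project to `SandboxPolicy` only at boundaries that still need it, because the legacy enum cannot represent split filesystem semantics and a profile → policy → profile round trip can change what is allowed. The following is an added illustration of that failure mode, not code from the codex repository; `PermissionProfile`, `SandboxPolicy`, `legacy_sandbox_policy`, `rebuild_from_legacy` and `round_trip_drift` are hypothetical stand-ins with deliberately minimal shapes, and the sample profile and probe paths are constructed for the example.

```rust
// Added illustration (not the codex crates' real types): why projecting a
// canonical permission profile into a coarser legacy policy and then rebuilding
// runtime permissions from it can silently widen or narrow what is allowed.
use std::path::{Path, PathBuf};

/// Hypothetical stand-in for a canonical profile with split filesystem
/// semantics: read roots and write roots are tracked independently.
#[derive(Clone, Debug, PartialEq)]
pub struct PermissionProfile {
    pub read_roots: Vec<PathBuf>,
    pub write_roots: Vec<PathBuf>,
    pub full_disk_write: bool,
}

/// Hypothetical stand-in for the legacy enum. It carries no per-root detail,
/// so every projection into it is lossy by construction.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum SandboxPolicy {
    ReadOnly,
    WorkspaceWrite,
    FullAccess,
}

impl PermissionProfile {
    /// Runtime decision taken directly on the canonical profile.
    pub fn can_write(&self, path: &Path) -> bool {
        self.full_disk_write || self.write_roots.iter().any(|root| path.starts_with(root))
    }

    /// Compatibility projection for boundaries that still speak `SandboxPolicy`.
    /// The individual write roots are discarded here; only the coarse class survives.
    pub fn legacy_sandbox_policy(&self) -> SandboxPolicy {
        if self.full_disk_write {
            SandboxPolicy::FullAccess
        } else if self.write_roots.is_empty() {
            SandboxPolicy::ReadOnly
        } else {
            SandboxPolicy::WorkspaceWrite
        }
    }
}

/// The round trip the PRs remove from core code: rebuilding runtime permissions
/// from the legacy shape. With only `cwd` to go on, "workspace write" has to be
/// guessed as "the whole cwd", which is not what the original profile said.
pub fn rebuild_from_legacy(policy: SandboxPolicy, cwd: &Path) -> PermissionProfile {
    let cwd = cwd.to_path_buf();
    match policy {
        SandboxPolicy::ReadOnly => PermissionProfile {
            read_roots: vec![cwd],
            write_roots: vec![],
            full_disk_write: false,
        },
        SandboxPolicy::WorkspaceWrite => PermissionProfile {
            read_roots: vec![cwd.clone()],
            write_roots: vec![cwd],
            full_disk_write: false,
        },
        SandboxPolicy::FullAccess => PermissionProfile {
            read_roots: vec![],
            write_roots: vec![],
            full_disk_write: true,
        },
    }
}

/// Probe paths whose write decision differs between the canonical profile and
/// its legacy round trip, as (path, canonical_allows, rebuilt_allows).
pub fn round_trip_drift<'a>(
    profile: &PermissionProfile,
    cwd: &Path,
    probes: &[&'a str],
) -> Vec<(&'a str, bool, bool)> {
    let rebuilt = rebuild_from_legacy(profile.legacy_sandbox_policy(), cwd);
    probes
        .iter()
        .map(|p| {
            let path: &'a str = *p;
            (path, profile.can_write(Path::new(path)), rebuilt.can_write(Path::new(path)))
        })
        .filter(|(_, canonical, rebuilt)| canonical != rebuilt)
        .collect()
}

/// Constructed sample: writes allowed only under the build directory and a
/// scratch directory outside the repository; the source tree stays read-only.
pub fn sample_profile() -> PermissionProfile {
    PermissionProfile {
        read_roots: vec![PathBuf::from("/repo")],
        write_roots: vec![PathBuf::from("/repo/build"), PathBuf::from("/tmp/scratch")],
        full_disk_write: false,
    }
}

fn main() {
    let probes = ["/repo/src/main.rs", "/repo/build/out.o", "/tmp/scratch/log.txt"];
    for (path, canonical, rebuilt) in round_trip_drift(&sample_profile(), Path::new("/repo"), &probes) {
        println!("{path}: canonical={canonical}, after legacy round trip={rebuilt}");
    }
}
```

Running it shows the two directions of drift at once: `/repo/src/main.rs` becomes writable after the round trip (a silent privilege widening over the source tree), while `/tmp/scratch/log.txt` stops being writable (a functional regression). Neither change is visible at the `SandboxPolicy` level, which is exactly why the projection belongs only at the boundary and the runtime check should consult the profile itself.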