
permissions: remove core legacy policy round trips #19394

Open
bolinfest wants to merge 1 commit into pr19393 from pr19394

bolinfest (Collaborator) commented Apr 24, 2026

Why

Several execution paths still converted profile-backed permissions into SandboxPolicy and then rebuilt runtime permissions from that legacy shape. Those round trips are unnecessary after the preceding PRs and can lose split filesystem semantics. Core approval and escalation should carry the resolved profile directly.

What Changed

  • Removes sandbox_policy from ResolvedPermissionProfile; the resolved permission object now carries the canonical PermissionProfile directly.
  • Updates exec-policy fallback, shell/unified-exec interception, escalation reruns, and related tests to pass profiles instead of legacy policies.
  • Removes legacy additional-permission merge helpers that built an effective SandboxPolicy before rebuilding runtime permissions.
  • Keeps legacy projections only at compatibility boundaries that still require SandboxPolicy, not in core permission computation.

Verification

  • cargo test -p codex-core direct_write_roots
  • cargo test -p codex-core runtime_roots_to_legacy_projection
  • cargo test -p codex-app-server requested_permissions_trust_project_uses_permission_profile_intent

Stack created with Sapling. Best reviewed with ReviewStack.
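
An added illustration, not code from this PR or from the project: why rebuilding runtime permissions from a coarser legacy shape can lose information, as the description above says. Only the names `PermissionProfile` and `SandboxPolicy` come from the PR text; the fields, variants and helper functions are simplified assumptions made for this sketch.

```rust
// Added illustration: simplified, hypothetical stand-ins. Only the type names
// PermissionProfile and SandboxPolicy appear in the PR; the fields are assumed.
use std::collections::BTreeSet;

/// Richer shape: read and write access are tracked as separate root sets.
#[derive(Clone, Debug, PartialEq)]
struct PermissionProfile {
    read_roots: BTreeSet<String>,
    write_roots: BTreeSet<String>,
}

/// Coarser legacy shape (assumed): reads are implicitly unrestricted.
#[derive(Clone, Debug, PartialEq)]
enum SandboxPolicy {
    ReadOnly,
    WorkspaceWrite { writable_roots: BTreeSet<String> },
}

/// Projection for a compatibility boundary; it cannot express read_roots.
fn to_legacy(p: &PermissionProfile) -> SandboxPolicy {
    if p.write_roots.is_empty() {
        SandboxPolicy::ReadOnly
    } else {
        SandboxPolicy::WorkspaceWrite { writable_roots: p.write_roots.clone() }
    }
}

/// Rebuilding from the legacy shape has to guess the read side: "/" here.
fn from_legacy(s: &SandboxPolicy) -> PermissionProfile {
    let write_roots = match s {
        SandboxPolicy::ReadOnly => BTreeSet::new(),
        SandboxPolicy::WorkspaceWrite { writable_roots } => writable_roots.clone(),
    };
    PermissionProfile { read_roots: BTreeSet::from(["/".to_string()]), write_roots }
}

/// True when the rebuilt profile grants a read root the original did not list.
fn round_trip_widens(p: &PermissionProfile) -> bool {
    let rebuilt = from_legacy(&to_legacy(p));
    !rebuilt.read_roots.is_subset(&p.read_roots)
}

fn main() {
    // Constructed sample profile: reads confined to /repo, writes to /repo/target.
    let profile = PermissionProfile {
        read_roots: BTreeSet::from(["/repo".to_string()]),
        write_roots: BTreeSet::from(["/repo/target".to_string()]),
    };
    println!("round trip widens reads: {}", round_trip_widens(&profile));
}
```

In this model the write roots survive the round trip but the read restriction does not, which is the kind of loss that carrying the resolved profile directly avoids.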

@bolinfest bolinfest requested a review from a team as a code owner April 24, 2026 16:02
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 55c2f31 to 7010512 Compare April 24, 2026 16:47
@bolinfest bolinfest force-pushed the pr19393 branch 2 times, most recently from 2665e60 to 79f119e Compare April 24, 2026 17:05
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 5c02727 to 1bdc3bd Compare April 24, 2026 18:08
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from f044efc to f8fb073 Compare April 24, 2026 19:09
@bolinfest bolinfest force-pushed the pr19393 branch 2 times, most recently from 8171f53 to 4a21ac5 Compare April 24, 2026 20:19
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from 716b5c9 to 8cfb152 Compare April 25, 2026 02:57
@bolinfest bolinfest force-pushed the pr19393 branch 2 times, most recently from 7ef8fba to a655a3e Compare April 25, 2026 03:42
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from b9e5dc4 to a56d7b0 Compare April 25, 2026 03:46
@bolinfest bolinfest force-pushed the pr19393 branch 2 times, most recently from b55d950 to 828b90d Compare April 25, 2026 04:23
@bolinfest bolinfest force-pushed the pr19394 branch 2 times, most recently from af09a5c to 5408197 Compare April 25, 2026 15:57