Skip to content

[mcp] Fix plugin MCP approval policy.#19537

Merged
mzeng-openai merged 14 commits intomainfrom
dev/mzeng/plugin-mcp-policy
Apr 29, 2026
Merged

[mcp] Fix plugin MCP approval policy.#19537
mzeng-openai merged 14 commits intomainfrom
dev/mzeng/plugin-mcp-policy

Conversation

@mzeng-openai
Copy link
Copy Markdown
Collaborator

@mzeng-openai mzeng-openai commented Apr 25, 2026
edited
Loading

Plugin MCP servers are loaded from plugin manifests rather than top-level [mcp_servers], so their tool approval preferences need to be stored and applied through the owning plugin config. Without this, choosing "Always allow" for a plugin MCP tool could write a preference that was not reliably used on later tool calls.

Summary

  • Add plugin-scoped MCP policy config under plugins.<plugin>.mcp_servers, including server enablement, tool allow/deny lists, server defaults, and per-tool approval modes.
  • Overlay plugin MCP policy onto manifest-provided server configs when plugins are loaded.
  • Route persistent "Always allow" writes for plugin MCP tools back to the owning plugins.<plugin>.mcp_servers.<server>.tools.<tool> config entry.
  • Reload user config after persisting an approval and make the plugin load cache config-aware so stale plugin MCP policy is not reused after config.toml changes.
  • Regenerate the config schema and add coverage for plugin MCP policy loading, approval lookup, persistence, and stale-cache prevention.

Testing

  • cargo test -p codex-config
  • cargo test -p codex-core-plugins
  • cargo test -p codex-core --lib plugin_mcp

@mzeng-openai mzeng-openai changed the title Add plugin MCP policy persistence [mcp] Save Plugin MCP policies to config.toml Apr 25, 2026
@mzeng-openai mzeng-openai marked this pull request as ready for review April 26, 2026 07:17
@mzeng-openai mzeng-openai requested a review from a team as a code owner April 26, 2026 07:17
@mzeng-openai mzeng-openai changed the title [mcp] Save Plugin MCP policies to config.toml [mcp] Fix plugin MCP approval policy. Apr 26, 2026
mzeng-openai
mzeng-openai commented Apr 27, 2026
View reviewed changes
Comment thread codex-rs/core/src/plugins/manager.rs
}

if !force_reload && let Some(outcome) = self.cached_enabled_outcome() {
let config_version = version_for_toml(&config.config_layer_stack.effective_config());
Copy link
Copy Markdown
Collaborator Author

@mzeng-openai mzeng-openai Apr 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Invalidate plugin cache when the actual config changes.

This was referenced Apr 28, 2026
Open
Open
shijie-oai
shijie-oai reviewed Apr 28, 2026
View reviewed changes
Comment thread codex-rs/config/src/types.rs
shijie-oai
shijie-oai reviewed Apr 28, 2026
View reviewed changes
Comment thread codex-rs/config/src/types.rs
@mzeng-openai
Merge branch 'main' of github.com:openai/codex into dev/mzeng/plugin-…
db793b6 
…mcp-policy

# Conflicts:
#	codex-rs/core/src/plugins/manager.rs
#	codex-rs/core/src/plugins/manager_tests.rs
@mzeng-openai
Merge branch 'dev/mzeng/plugin-mcp-policy' of github.com:openai/codex…
b48b58e 
… into dev/mzeng/plugin-mcp-policy
@mzeng-openai
Merge branch 'main' into dev/mzeng/plugin-mcp-policy
af5fb2d
@mzeng-openai mzeng-openai merged commit e20391e into main Apr 29, 2026
25 checks passed
@mzeng-openai mzeng-openai deleted the dev/mzeng/plugin-mcp-policy branch April 29, 2026 22:40
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 29, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@owenlin0 owenlin0 owenlin0 approved these changes

@xl-openai xl-openai xl-openai approved these changes

@shijie-oai shijie-oai shijie-oai approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mzeng-openai @owenlin0 @xl-openai @shijie-oai