Skip to content

core tests: configure profiles directly#20015

Merged
bolinfest merged 1 commit intomainfrom
pr20015
Apr 29, 2026
Merged

core tests: configure profiles directly#20015
bolinfest merged 1 commit intomainfrom
pr20015

Conversation

@bolinfest
Copy link
Copy Markdown
Collaborator

@bolinfest bolinfest commented Apr 28, 2026
edited
Loading

Summary

  • Replace legacy sandbox config setup in delegate and telemetry tests with direct PermissionProfile configuration.
  • Move no-sandbox and read-only test turns in tools.rs, code_mode.rs, user_shell_cmd.rs, and model_visible_layout.rs from legacy SandboxPolicy values to PermissionProfile helpers, while leaving the deny-glob read-only compatibility case for a later targeted cleanup.
  • Use PermissionProfile::read_only() where tests need managed read-only behavior and PermissionProfile::Disabled where they intentionally need no sandbox.
  • Reduce SandboxPolicy references in codex-rs/core/tests from 27 files after core tests: migrate more turns to permission profiles #20013 to 22 files.

Testing

  • cargo check -p codex-core --tests
  • just fmt

@bolinfest bolinfest requested a review from a team as a code owner April 28, 2026 16:19
@bolinfest bolinfest changed the base branch from main to pr20013 April 28, 2026 16:19
This was referenced Apr 28, 2026
Merged
Merged
Merged
Merged
Merged
@bolinfest bolinfest force-pushed the pr20015 branch 3 times, most recently from 9f7581f to 63ed7a6 Compare April 28, 2026 16:23
@bolinfest bolinfest mentioned this pull request Apr 28, 2026
Merged
@chatgpt-codex-connector
Copy link
Copy Markdown
Contributor

chatgpt-codex-connector Bot commented Apr 28, 2026

💡 Codex Review

codex/codex-rs/tui/src/app_server_session.rs

Lines 1121 to 1124 in 44a6fc8

} else if file_system_policy.can_write_path_with_cwd(cwd, cwd) {
Some(codex_app_server_protocol::SandboxMode::WorkspaceWrite)
} else {
Some(codex_app_server_protocol::SandboxMode::ReadOnly)

P2 Badge Classify compatible managed profiles as workspace-write

This branch downgrades any managed profile that cannot write cwd to ReadOnly, but profiles with writable roots outside the workspace are still compatibility-projected as workspace-write elsewhere (for example via compatibility_sandbox_policy_for_permission_profile). Because thread_start_params_from_config / resume / fork call this helper in remote mode, those valid profiles are initialized as read-only on the app-server side, which can make thread-level permissions stricter than the configured profile until a turn override is sent.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@bolinfest
Copy link
Copy Markdown
Collaborator Author

bolinfest commented Apr 28, 2026

[codex] Addressed in 5f618ba, which is in this stack below #20015. Remote start/resume/fork sandbox-mode mapping now treats any managed profile with writable roots as workspace-write instead of only checking whether cwd itself is writable; added coverage for a non-cwd write root.

@bolinfest bolinfest mentioned this pull request Apr 28, 2026
Merged
This was referenced Apr 28, 2026
Merged
Merged
Merged
This was referenced Apr 28, 2026
Merged
Merged
Merged
@bolinfest bolinfest mentioned this pull request Apr 28, 2026
Merged
This was referenced Apr 28, 2026
Merged
Merged
Merged
Merged
Merged
bolinfest added a commit that referenced this pull request Apr 28, 2026
@bolinfest
permissions: add built-in default profiles (#19900)
9e26613 
## Why

The migration away from `SandboxPolicy` needs new configs to start from
permissions profiles instead of deriving profiles from legacy sandbox
modes. Existing users can have empty `config.toml` files, and we should
not rewrite user-owned config files that may live in shared
repositories.

This PR introduces built-in profile names so an empty config can resolve
to a canonical `PermissionProfile`, while explicit named `[permissions]`
profiles still behave predictably.

## What changed

- Adds built-in `default_permissions` profile names:
  - `:read-only` maps to `PermissionProfile::read_only()`.
- `:workspace` maps to the workspace-write profile, including
project-root metadata carveouts.
- `:danger-no-sandbox` maps to `PermissionProfile::Disabled`, preserving
the distinction between no sandbox and a broad managed sandbox.
- Reserves the `:` prefix for built-in profiles so user-defined
`[permissions]` profiles cannot collide with future built-ins.
- Allows `default_permissions` to reference a built-in profile without
requiring a `[permissions]` table.
- Makes an otherwise empty config choose a built-in profile by
trust/platform context: trusted or untrusted project roots use
`:workspace` when the platform supports that sandbox, while roots
without a trust decision use `:read-only`.
- Keeps legacy `sandbox_mode` configs on the legacy path, and still
rejects user-defined `[permissions]` profiles that omit
`default_permissions` so we do not silently guess among custom profiles.
- Preserves compatibility behavior for implicit defaults: bare
`network.enabled = true` allows runtime network without starting the
managed proxy, explicit profile proxy policy still starts the proxy, and
implicit workspace/add-dir roots keep legacy metadata carveouts.

## Verification

- `cargo test -p codex-core builtin --lib`
- `cargo test -p codex-core profile_network_proxy_config`
- `cargo test -p codex-core
implicit_builtin_workspace_profile_preserves_add_dir_metadata_carveouts`
- `cargo test -p codex-core
permissions_profiles_network_enabled_allows_runtime_network_without_proxy`
- `cargo test -p codex-core
permissions_profiles_proxy_policy_starts_managed_network_proxy`

## Documentation

Public Codex config docs should mention these built-in names when the
`[permissions]` config format is ready to document as stable.









---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/19900).
* #20041
* #20040
* #20037
* #20035
* #20034
* #20033
* #20032
* #20030
* #20028
* #20027
* #20026
* #20024
* #20021
* #20018
* #20016
* #20015
* #20013
* #20011
* #20010
* #20008
* __->__ #19900
@bolinfest bolinfest force-pushed the pr20015 branch 3 times, most recently from 6ad6560 to 7fc48fd Compare April 28, 2026 20:02
@bolinfest bolinfest force-pushed the pr20013 branch 2 times, most recently from 820a699 to faa8528 Compare April 28, 2026 20:10
@bolinfest bolinfest force-pushed the pr20015 branch 2 times, most recently from 34fa952 to 9bc08ac Compare April 28, 2026 20:18
bolinfest added a commit that referenced this pull request Apr 28, 2026
@bolinfest
tui: use permission profiles for sandbox state (#20008)
3b74a4d 
## Summary
- Move TUI permission state from legacy `SandboxPolicy` values to
canonical `PermissionProfile` values across presets, app events, chat
widget state, app commands, thread routing, and cached thread session
state.
- Keep app-server compatibility boundaries explicit: embedded sessions
send `permissionProfile`, while remote sessions send only a legacy
`sandbox` projection and fall back to read-only when a custom profile
cannot be projected.
- Update status/add-dir UI summaries and snapshots to render the active
permission profile, including workspace profiles selected by the new
built-in defaults.

## Verification
- `rg '\bSandboxPolicy\b' codex-rs/tui -n` returns no matches.
- `cargo test -p codex-tui`
- `cargo check -p codex-tui --tests`
- `cargo test -p codex-tui additional_dirs`
- `just fmt`
- `just fix -p codex-tui`




































---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/20008).
* #20041
* #20040
* #20037
* #20035
* #20034
* #20033
* #20032
* #20030
* #20028
* #20027
* #20026
* #20024
* #20021
* #20018
* #20016
* #20015
* #20013
* #20011
* #20010
* __->__ #20008
@bolinfest bolinfest requested a review from viyatb-oai April 29, 2026 00:03
Base automatically changed from pr20013 to main April 29, 2026 00:05
@bolinfest bolinfest merged commit 158b2a4 into main Apr 29, 2026
25 of 36 checks passed
@bolinfest bolinfest deleted the pr20015 branch April 29, 2026 00:07
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 29, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@viyatb-oai viyatb-oai Awaiting requested review from viyatb-oai

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bolinfest