feat(cli): add sandbox profile config controls #20118
Merged
viyatb-oai merged 2 commits into main from Apr 29, 2026
bolinfest approved these changes Apr 29, 2026

viyatb-oai added a commit that referenced this pull request Apr 29, 2026
## Why

`codex sandbox` is useful for exercising sandbox behavior directly, but before this stack the CLI only picked up permission profiles indirectly from the active config. The existing debug-sandbox path already compiled `[permissions]` profiles through normal config loading, as covered by the existing profile tests in [`debug_sandbox.rs`](https://github.com/openai/codex/blob/de2ccf94735a3d8a2a7077e6a5292026413867cf/codex-rs/cli/src/debug_sandbox.rs#L715-L760).

This adds the smallest stable entry point first: an explicit profile selector that reuses the same config machinery as normal Codex config, so standalone testing becomes possible without changing current no-selector behavior.

## What changed

- Add additive `--permissions-profile NAME` support to `codex sandbox macos|linux|windows`.
- Resolve built-in and user-defined profile names by feeding `default_permissions` through the existing config compilation path instead of inventing a sandbox-only parser.
- Make an explicit selector win over an ambient active profile's legacy `sandbox_mode`.
- Keep the existing no-selector behavior unchanged.

## Stack

1. #20117 `sandbox-ui-profile` --> this PR
2. #20118 `sandbox-ui-config`

Both PRs are additive. Replay JSON is intentionally deferred to a follow-up design pass.

## Tests ran

- `cargo test -p codex-cli debug_sandbox`
- `cargo test -p codex-cli sandbox_macos_parses_permissions_profile`
- `cargo test -p codex-core cli_override_takes_precedence_over_profile_sandbox_mode`
- macOS branch-binary smoke on the rebased top of stack: built-in `:workspace` and user-defined profiles both executed successfully through `--permissions-profile`.
- Linux devbox branch-binary smoke on the rebased top of stack: built-in `:workspace` and user-defined profiles both executed successfully through `--permissions-profile`.

Co-authored-by: Codex <noreply@openai.com>

## Why

The explicit profile path from #20117 is meant for standalone testing, but it still inherited the
shell cwd and all managed requirements implicitly. The pre-existing launcher path even called out
that it did not support a separate cwd yet in
debug_sandbox.rs.

For a standalone command, the useful default is to let the caller choose the project directory being
tested and to avoid administrator-provided constraints unless the caller explicitly wants to test
those too.

## What changed

- `-C/--cd DIR`, and use that cwd for both profile resolution and command execution.
- `--include-managed-config`.
- requirements, MDM requirements, `/etc/codex/requirements.toml`, and the legacy managed-config requirements projection.

## Stack

1. `sandbox-ui-profile`
2. `sandbox-ui-config` --> this PR

Both PRs are additive. Replay JSON is intentionally deferred to a follow-up design pass.

## Tests ran

- `cargo test -p codex-cli debug_sandbox`
- `cargo test -p codex-cli sandbox_macos_`
- `cargo test -p codex-core load_config_layers_can_ignore_managed_requirements`
- `cargo test -p codex-core load_config_layers_includes_cloud_requirements`
- `-C` changed execution cwd, explicit profile mode omitted managed proxy env under `env -i`, and `--include-managed-config` restored it.
- `-C` changed execution cwd for built-in and user-defined explicit profiles.