feat(permissions): support inheritable permissions profiles #22270

Open: viyatb-oai wants to merge 6 commits into main from codex/permissions-profile-extends

viyatb-oai (Collaborator) commented May 12, 2026

Why

Named permission profiles need a reuse mechanism so we can define a shared base once, then specialize it without copying large filesystem and network tables. The motivating case is a profile that keeps Codex's canonical workspace sandbox behavior while opting into additional policy, for example:

[permissions.workspace_plus_network]
extends = ":workspace"

[permissions.workspace_plus_network.network]
enabled = true

That should inherit the real built-in :workspace behavior rather than a hand-maintained approximation.

What changed

  • Add extends to [permissions.<profile>] entries and resolve inherited profiles parent-first with child overrides.
  • Allow custom profiles to extend the built-in :workspace profile while preserving its runtime semantics before layering child overrides.
  • Merge scoped filesystem rules and normalized domain keys predictably so child profiles refine parents without dropping unrelated inherited rules.
  • Teach the network proxy loader to resolve inherited profiles across config layers and to handle built-in default_permissions selections consistently with the main config path.
  • Surface the selected profile's direct extends metadata through the active-profile protocol types and refresh the config schema.

Relevant implementation areas:

  • codex-rs/config/src/permissions_toml.rs
  • codex-rs/core/src/config/permissions.rs
  • codex-rs/core/src/network_proxy_loader.rs

Verification

  • cargo test -p codex-config
  • cargo test -p codex-core permissions_profiles_
  • cargo test -p codex-core config_from_layers_resolves_inherited_profiles_across_layers
  • cargo test -p codex-core selected_network_from_tables_
  • cargo test -p codex-core default_permissions_profile_can_extend_builtin_workspace
  • cargo test -p codex-core selected_network_from_tables_resolves_builtin_workspace_parent

Documentation

The Codex permissions docs on developers.openai.com should be updated alongside rollout to describe profile inheritance and extends = ":workspace".
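
A sketch of parent-first resolution with child overrides and per-key domain merging as the description above states it; this is an added example, not code from this pull request or from Codex. The `Profile` struct, the `norm` rule (lowercase, trailing dots stripped), the cycle check and the sample table are assumptions made for illustration.

```rust
use std::collections::{BTreeMap, HashSet};
// Simplified stand-in for a [permissions.<name>] table (hypothetical, not Codex's types).
#[derive(Clone, Default, Debug)]
pub struct Profile {
    pub extends: Option<String>,
    pub network_enabled: Option<bool>,
    pub domains: BTreeMap<String, String>, // domain -> "allow" | "deny"
}
// Assumed key normalization: lowercase, trailing dots stripped.
fn norm(domain: &str) -> String {
    domain.trim_end_matches('.').to_ascii_lowercase()
}

// Resolve `name` parent-first, then layer the child's own settings on top.
pub fn resolve(name: &str, table: &BTreeMap<String, Profile>, seen: &mut HashSet<String>) -> Result<Profile, String> {
    if !seen.insert(name.to_string()) {
        return Err(format!("cycle in extends chain at `{}`", name));
    }
    let own = table.get(name).ok_or_else(|| format!("unknown profile `{}`", name))?;
    let mut out = match &own.extends {
        Some(parent) => resolve(parent, table, seen)?,
        None => Profile::default(),
    };
    out.extends = own.extends.clone(); // only the direct parent is reported
    out.network_enabled = own.network_enabled.or(out.network_enabled);
    for (domain, rule) in &own.domains {
        out.domains.insert(norm(domain), rule.clone()); // child wins per normalized key
    }
    Ok(out)
}

pub fn profile(ext: Option<&str>, net: Option<bool>, doms: &[(&str, &str)]) -> Profile {
    let domains = doms.iter().map(|(d, r)| (d.to_string(), r.to_string())).collect();
    Profile { extends: ext.map(String::from), network_enabled: net, domains }
}

// Constructed sample: a stand-in ":workspace" base and one child that refines it.
pub fn sample() -> BTreeMap<String, Profile> {
    BTreeMap::from([
        (":workspace".to_string(), profile(None, Some(false), &[("example.com", "deny"), ("internal.test", "allow")])),
        ("workspace_plus_network".to_string(), profile(Some(":workspace"), Some(true), &[("Example.COM.", "allow")])),
    ])
}

fn main() {
    let r = resolve("workspace_plus_network", &sample(), &mut HashSet::new());
    println!("{:?}", r);
}
```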

viyatb-oai force-pushed the codex/permissions-profile-extends branch from 6d6f15c to b129da1 (May 12, 2026 07:38)
viyatb-oai changed the title from "[codex] Support permissions profile extends" to "[codex] Support inheritable permissions profiles" (May 12, 2026)
viyatb-oai marked this pull request as ready for review (May 12, 2026 19:23)
viyatb-oai requested a review from a team as a code owner (May 12, 2026 19:23)
viyatb-oai requested a review from bolinfest (May 12, 2026 19:23)

chatgpt-codex-connector (Bot, Contributor) left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a8a8ed4dff

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

) {
let parsed = network_tables_from_toml(&layer.config)?;
merge_toml_values(&mut merged, &layer.config);
let parsed = network_tables_from_toml(&merged)?;
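
Review bot: In `let parsed = network_tables_from_toml(&merged)?;` the `?` propagates a parse failure raised against the cumulative `merged` value rather than against `layer.config`, and nothing in these lines ties that error back to the layer that introduced the bad table. Consider validating `layer.config` on its own before `merge_toml_values`, or attaching the layer's identity to the error before it is returned, so a malformed permissions table is reported against the file that contains it.
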
[P1] Recompute proxy config when the selected profile changes

When a higher-precedence layer changes default_permissions to a profile with no network table (or to a built-in profile), selected_network_from_tables returns None, so the subsequent apply leaves any domains/proxy options that were already applied from a lower-precedence selected profile in config. Since this loop now parses the cumulative merged config on each iteration, the effective proxy policy can retain a lower-layer allowlist even though the final merged default_permissions no longer selects that profile; compute/apply from the final merged config, or reset the mutable proxy config before applying each cumulative selection.

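The stale-allowlist case from the review comment above, reduced to a runnable model; this is an added example, not code from this pull request or from Codex. `Layer`, `merge`, `selected_network` and the sample layers are hypothetical simplifications of the loader's types, with a profile's network table reduced to a list of allowed domains.

```rust
use std::collections::BTreeMap;
// Hypothetical, simplified config layer (not the project's types).
#[derive(Default, Clone)]
pub struct Layer {
    pub default_permissions: Option<String>,
    pub network: BTreeMap<String, Vec<String>>, // profile -> allowed domains
}
// A higher-precedence layer overrides the selection and adds or replaces tables.
fn merge(merged: &mut Layer, layer: &Layer) {
    merged.default_permissions = layer.default_permissions.clone().or(merged.default_permissions.take());
    merged.network.extend(layer.network.clone());
}
// None when the selected profile has no network table (for example a built-in).
fn selected_network(cfg: &Layer) -> Option<&Vec<String>> {
    cfg.network.get(cfg.default_permissions.as_deref()?)
}

// Pattern the review flags: apply after each cumulative merge, never reset.
pub fn allowlist_per_layer(layers: &[Layer]) -> Vec<String> {
    let (mut merged, mut proxy) = (Layer::default(), Vec::new());
    for layer in layers {
        merge(&mut merged, layer);
        if let Some(domains) = selected_network(&merged) {
            proxy = domains.clone();
        } // on None, `proxy` keeps the lower layer's domains
    }
    proxy
}

// Suggested alternative: derive the allowlist once from the final merged config.
pub fn allowlist_from_final(layers: &[Layer]) -> Vec<String> {
    let mut merged = Layer::default();
    for layer in layers {
        merge(&mut merged, layer);
    }
    selected_network(&merged).cloned().unwrap_or_default()
}

// Constructed layers: a lower layer selects `dev`; a higher layer selects `:workspace`.
pub fn sample_layers() -> Vec<Layer> {
    let dev = BTreeMap::from([("dev".to_string(), vec!["example.com".to_string()])]);
    vec![
        Layer { default_permissions: Some("dev".to_string()), network: dev },
        Layer { default_permissions: Some(":workspace".to_string()), network: BTreeMap::new() },
    ]
}

fn main() {
    println!("{:?} vs {:?}", allowlist_per_layer(&sample_layers()), allowlist_from_final(&sample_layers()));
}
```

A regression test for the loader can assert exactly this difference: the effective allowlist must be empty once the final selection has no network table.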

viyatb-oai changed the title from "[codex] Support inheritable permissions profiles" to "feat(permissions): support inheritable permissions profiles" (May 12, 2026)
viyatb-oai force-pushed the codex/permissions-profile-extends branch from a8a8ed4 to c2cd30a (May 19, 2026 05:59)