chore: sub-agent never ask for approval (#11464)
This commit is contained in:
jif-oai
GitHub
parent
b4ffb2eb58
commit
2fac9cc8cd
3 changed files with 9 additions and 28 deletions
|
|
@ -7,6 +7,7 @@ use codex_protocol::models::ContentItem;
|
|||
use codex_protocol::models::ResponseItem;
|
||||
use codex_protocol::protocol::AgentMessageContentDeltaEvent;
|
||||
use codex_protocol::protocol::AgentMessageDeltaEvent;
|
||||
use codex_protocol::protocol::AskForApproval;
|
||||
use codex_protocol::protocol::Event;
|
||||
use codex_protocol::protocol::EventMsg;
|
||||
use codex_protocol::protocol::ExitedReviewModeEvent;
|
||||
|
|
@ -95,6 +96,7 @@ async fn start_review_conversation(
|
|||
|
||||
// Set explicit review rubric for the sub-agent
|
||||
sub_agent_config.base_instructions = Some(crate::REVIEW_PROMPT.to_string());
|
||||
sub_agent_config.approval_policy = Constrained::allow_only(AskForApproval::Never);
|
||||
|
||||
let model = config
|
||||
.review_model
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ use crate::agent::exceeds_thread_spawn_depth_limit;
|
|||
use crate::codex::Session;
|
||||
use crate::codex::TurnContext;
|
||||
use crate::config::Config;
|
||||
use crate::config::Constrained;
|
||||
use crate::error::CodexErr;
|
||||
use crate::features::Feature;
|
||||
use crate::function_tool::FunctionCallError;
|
||||
|
|
@ -16,6 +17,7 @@ use async_trait::async_trait;
|
|||
use codex_protocol::ThreadId;
|
||||
use codex_protocol::models::BaseInstructions;
|
||||
use codex_protocol::models::FunctionCallOutputBody;
|
||||
use codex_protocol::protocol::AskForApproval;
|
||||
use codex_protocol::protocol::CollabAgentInteractionBeginEvent;
|
||||
use codex_protocol::protocol::CollabAgentInteractionEndEvent;
|
||||
use codex_protocol::protocol::CollabAgentSpawnBeginEvent;
|
||||
|
|
@ -819,12 +821,7 @@ fn build_agent_shared_config(
|
|||
config.shell_environment_policy = turn.shell_environment_policy.clone();
|
||||
config.codex_linux_sandbox_exe = turn.codex_linux_sandbox_exe.clone();
|
||||
config.cwd = turn.cwd.clone();
|
||||
config
|
||||
.approval_policy
|
||||
.set(turn.approval_policy)
|
||||
.map_err(|err| {
|
||||
FunctionCallError::RespondToModel(format!("approval_policy is invalid: {err}"))
|
||||
})?;
|
||||
config.approval_policy = Constrained::allow_only(AskForApproval::Never);
|
||||
config
|
||||
.sandbox_policy
|
||||
.set(turn.sandbox_policy.clone())
|
||||
|
|
@ -1690,22 +1687,6 @@ mod tests {
|
|||
|
||||
#[tokio::test]
|
||||
async fn build_agent_spawn_config_uses_turn_context_values() {
|
||||
fn pick_allowed_approval_policy(
|
||||
constraint: &crate::config::Constrained<AskForApproval>,
|
||||
base: AskForApproval,
|
||||
) -> AskForApproval {
|
||||
let candidates = [
|
||||
AskForApproval::Never,
|
||||
AskForApproval::UnlessTrusted,
|
||||
AskForApproval::OnRequest,
|
||||
AskForApproval::OnFailure,
|
||||
];
|
||||
candidates
|
||||
.into_iter()
|
||||
.find(|candidate| *candidate != base && constraint.can_set(candidate).is_ok())
|
||||
.unwrap_or(base)
|
||||
}
|
||||
|
||||
fn pick_allowed_sandbox_policy(
|
||||
constraint: &crate::config::Constrained<SandboxPolicy>,
|
||||
base: SandboxPolicy,
|
||||
|
|
@ -1734,10 +1715,6 @@ mod tests {
|
|||
let temp_dir = tempfile::tempdir().expect("temp dir");
|
||||
turn.cwd = temp_dir.path().to_path_buf();
|
||||
turn.codex_linux_sandbox_exe = Some(PathBuf::from("/bin/echo"));
|
||||
turn.approval_policy = pick_allowed_approval_policy(
|
||||
&turn.config.approval_policy,
|
||||
*turn.config.approval_policy.get(),
|
||||
);
|
||||
turn.sandbox_policy = pick_allowed_sandbox_policy(
|
||||
&turn.config.sandbox_policy,
|
||||
turn.config.sandbox_policy.get().clone(),
|
||||
|
|
@ -1757,7 +1734,7 @@ mod tests {
|
|||
expected.cwd = turn.cwd.clone();
|
||||
expected
|
||||
.approval_policy
|
||||
.set(turn.approval_policy)
|
||||
.set(AskForApproval::Never)
|
||||
.expect("approval policy set");
|
||||
expected
|
||||
.sandbox_policy
|
||||
|
|
@ -1804,7 +1781,7 @@ mod tests {
|
|||
expected.cwd = turn.cwd.clone();
|
||||
expected
|
||||
.approval_policy
|
||||
.set(turn.approval_policy)
|
||||
.set(AskForApproval::Never)
|
||||
.expect("approval policy set");
|
||||
expected
|
||||
.sandbox_policy
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ use pretty_assertions::assert_eq;
|
|||
|
||||
/// Delegate should surface ExecApprovalRequest from sub-agent and proceed
|
||||
/// after parent submits an approval decision.
|
||||
#[ignore = "TODO once we have a delegate that can ask for approvals"]
|
||||
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
|
||||
async fn codex_delegate_forwards_exec_approval_and_proceeds_on_approval() {
|
||||
skip_if_no_network!();
|
||||
|
|
@ -114,6 +115,7 @@ async fn codex_delegate_forwards_exec_approval_and_proceeds_on_approval() {
|
|||
|
||||
/// Delegate should surface ApplyPatchApprovalRequest and honor parent decision
|
||||
/// so the sub-agent can proceed to completion.
|
||||
#[ignore = "TODO once we have a delegate that can ask for approvals"]
|
||||
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
|
||||
async fn codex_delegate_forwards_patch_approval_and_proceeds_on_decision() {
|
||||
skip_if_no_network!();
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue