fe7a3f0c2b
adding execpolicycheck tool onto codex cli this is useful for validating policies (can be multiple) against commands. it will also surface errors in policy syntax: <img width="1150" height="281" alt="Screenshot 2025-11-19 at 12 46 21 PM" src="https://github.com/user-attachments/assets/8f99b403-564c-4172-acc9-6574a8d13dc3" /> this PR also changes output format when there's no match in the CLI. instead of returning the raw string `noMatch`, we return `{"noMatch":{}}` this PR is a rewrite of: https://github.com/openai/codex/pull/6932 (due to the numerous merge conflicts present in the original PR) --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
62 lines
2.4 KiB
Markdown
62 lines
2.4 KiB
Markdown
# codex-execpolicy
|
|
|
|
## Overview
|
|
- Policy engine and CLI built around `prefix_rule(pattern=[...], decision?, match?, not_match?)`.
|
|
- This release covers the prefix-rule subset of the execpolicy language; a richer language will follow.
|
|
- Tokens are matched in order; any `pattern` element may be a list to denote alternatives. `decision` defaults to `allow`; valid values: `allow`, `prompt`, `forbidden`.
|
|
- `match` / `not_match` supply example invocations that are validated at load time (think of them as unit tests); examples can be token arrays or strings (strings are tokenized with `shlex`).
|
|
- The CLI always prints the JSON serialization of the evaluation result.
|
|
- The legacy rule matcher lives in `codex-execpolicy-legacy`.
|
|
|
|
## Policy shapes
|
|
- Prefix rules use Starlark syntax:
|
|
```starlark
|
|
prefix_rule(
|
|
pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives
|
|
decision = "prompt", # allow | prompt | forbidden; defaults to allow
|
|
match = [["cmd", "alt1"], "cmd alt2"], # examples that must match this rule
|
|
not_match = [["cmd", "oops"], "cmd alt3"], # examples that must not match this rule
|
|
)
|
|
```
|
|
|
|
## CLI
|
|
- From the Codex CLI, run `codex execpolicy check` subcommand with one or more policy files (for example `src/default.codexpolicy`) to check a command:
|
|
```bash
|
|
codex execpolicy check --policy path/to/policy.codexpolicy git status
|
|
```
|
|
- Pass multiple `--policy` flags to merge rules, evaluated in the order provided, and use `--pretty` for formatted JSON.
|
|
- You can also run the standalone dev binary directly during development:
|
|
```bash
|
|
cargo run -p codex-execpolicy -- check --policy path/to/policy.codexpolicy git status
|
|
```
|
|
- Example outcomes:
|
|
- Match: `{"match": { ... "decision": "allow" ... }}`
|
|
- No match: `{"noMatch": {}}`
|
|
|
|
## Response shapes
|
|
- Match:
|
|
```json
|
|
{
|
|
"match": {
|
|
"decision": "allow|prompt|forbidden",
|
|
"matchedRules": [
|
|
{
|
|
"prefixRuleMatch": {
|
|
"matchedPrefix": ["<token>", "..."],
|
|
"decision": "allow|prompt|forbidden"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
```
|
|
|
|
- No match:
|
|
```json
|
|
{"noMatch": {}}
|
|
```
|
|
|
|
- `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched.
|
|
- The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`).
|
|
|
|
Note: `execpolicy` commands are still in preview. The API may have breaking changes in the future.
|