core-agent-ide

History

viyatb-oai 6fe8a05dcb fix: honor active permission profiles in sandbox debug (#14293 ) ## Summary - stop `codex sandbox` from forcing legacy `sandbox_mode` when active `[permissions]` profiles are configured - keep the legacy `read-only` / `workspace-write` fallback for legacy configs and reject `--full-auto` for profile-based configs - use split filesystem and network policies in the macOS/Linux debug sandbox helpers and add regressions for the config-loading behavior assuming "codex/docs/private/secret.txt" = "none" ``` codex -c 'default_permissions="limited-read-test"' sandbox macos -- <command> ... codex sandbox macos -- cat codex/docs/private/secret.txt >/dev/null; echo EXIT:$? cat: codex/docs/private/secret.txt: Operation not permitted EXIT:1 ``` --------- Co-authored-by: celia-oai <celia@openai.com>		2026-03-18 01:52:02 +00:00
..
debug_sandbox	add codex debug seatbelt --log-denials (#4098 )	2025-11-10 22:48:14 +00:00
desktop_app	Add `codex app` macOS launcher (#10418 )	2026-02-02 17:37:04 -08:00
app_cmd.rs	Add `codex app` macOS launcher (#10418 )	2026-02-02 17:37:04 -08:00
debug_sandbox.rs	fix: honor active permission profiles in sandbox debug (#14293 )	2026-03-18 01:52:02 +00:00
exit_status.rs	feat: experimental env var: CODEX_SANDBOX_NETWORK_DISABLED (#879 )	2025-05-09 18:29:34 -07:00
lib.rs	refactor: make bubblewrap the default Linux sandbox (#13996 )	2026-03-11 23:31:18 -07:00
login.rs	feat: add auth login diagnostics (#13797 )	2026-03-06 15:00:37 -08:00
main.rs	generate an internal json schema for `RolloutLine` (#14434 )	2026-03-17 11:19:42 -07:00
mcp_cmd.rs	Apply argument comment lint across codex-rs (#14652 )	2026-03-16 16:48:15 -07:00
wsl_paths.rs	Fix toasts on Windows under WSL 2 (#7137 )	2025-12-11 15:09:00 -08:00