core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
core-agent-ide/codex-rs/protocol/src
History
viyatb-oai 9060dc7557
fix: fix symlinked writable roots in sandbox policies (#14674) 
## Summary
- normalize effective readable, writable, and unreadable sandbox roots
after resolving special paths so symlinked roots use canonical runtime
paths
- add a protocol regression test for a symlinked writable root with a
denied child and update protocol expectations to canonicalized effective
paths
- update macOS seatbelt tests to assert against effective normalized
roots produced by the shared policy helpers

## Testing
- just fmt
- cargo test -p codex-protocol
- cargo test -p codex-core explicit_unreadable_paths_are_excluded_
- cargo clippy -p codex-protocol -p codex-core --tests -- -D warnings

## Notes
- This is intended to fix the symlinked TMPDIR bind failure in
bubblewrap described in #14672.
Fixes #14672
2026-03-14 13:24:43 -07:00
..
prompts Simplify permissions available in request permissions tool (#14529) 2026-03-12 21:13:17 -07:00
account.rs add error messages for the go plan type (#10181) 2026-01-30 01:17:25 +00:00
approvals.rs Add Smart Approvals guardian review across core, app-server, and TUI (#13860) 2026-03-13 15:27:00 -07:00
config_types.rs Add Smart Approvals guardian review across core, app-server, and TUI (#13860) 2026-03-13 15:27:00 -07:00
custom_prompts.rs [app-server] remove serde(skip_serializing_if = "Option::is_none") annotations (#5939) 2025-10-30 18:18:53 +00:00
dynamic_tools.rs dynamic tool calls: add param exposeToContext to optionally hide tool (#14501) 2026-03-14 01:58:43 -07:00
items.rs Enabling CWD Saving for Image-Gen (#13607) 2026-03-06 00:47:21 -08:00
lib.rs Add request permissions tool (#13092) 2026-03-08 20:23:06 -07:00
mcp.rs feat: replace custom mcp-types crate with equivalents from rmcp (#10349) 2026-02-02 17:41:55 -08:00
message_history.rs Generate JSON schema for app-server protocol (#5063) 2025-10-20 11:45:11 -07:00
models.rs Improve granular approval policy prompt (#14553) 2026-03-13 10:42:17 -07:00
num_format.rs Fix execpolicy parsing for multiline quoted args (#9565) 2026-01-22 22:16:53 -08:00
openai_models.rs feat(search_tool): gate search_tool on model supports_search_tool field (#14502) 2026-03-12 16:03:50 -07:00
parse_command.rs [app-server] remove serde(skip_serializing_if = "Option::is_none") annotations (#5939) 2025-10-30 18:18:53 +00:00
permissions.rs fix: fix symlinked writable roots in sandbox policies (#14674) 2026-03-14 13:24:43 -07:00
plan_tool.rs Plan mode: stream proposed plans, emit plan items, and render in TUI (#9786) 2026-01-30 18:59:30 +00:00
protocol.rs fix: fix symlinked writable roots in sandbox policies (#14674) 2026-03-14 13:24:43 -07:00
request_permissions.rs Simplify permissions available in request permissions tool (#14529) 2026-03-12 21:13:17 -07:00
request_user_input.rs Better handling skill depdenencies on ENV VAR. (#9017) 2026-01-29 14:13:30 -05:00
thread_id.rs feat: sqlite 1 (#10004) 2026-01-28 15:29:14 +01:00
user_input.rs feat: structured plugin parsing (#13711) 2026-03-06 11:08:36 -08:00