History

zhao-oai 87b211709e bypass sandbox for policy approved commands (#7110 ) allowing cmds greenlit by execpolicy to bypass sandbox + minor refactor for a world where we have execpolicy rules with specific sandbox requirements		2025-11-21 18:03:23 -05:00
..
src	bypass sandbox for policy approved commands (#7110 )	2025-11-21 18:03:23 -05:00
templates	fix: parallel tool call instruction injection (#6893 )	2025-11-19 11:01:57 +00:00
tests	refactor: inline sandbox type lookup in process_exec_tool_call (#7122 )	2025-11-21 22:53:05 +00:00
Cargo.toml	Windows: flag some invocations that launch browsers/URLs as dangerous (#7111 )	2025-11-21 13:36:17 -08:00
gpt-5.1-codex-max_prompt.md	feat: arcticfox in the wild (#6906 )	2025-11-19 16:31:06 +00:00
gpt_5_1_prompt.md	chore(core) Update shell instructions (#6679 )	2025-11-17 13:05:15 -08:00
gpt_5_codex_prompt.md	chore(core) Update shell instructions (#6679 )	2025-11-17 13:05:15 -08:00
prompt.md	Add file reference guidelines to gpt-5 prompt (#3651 )	2025-09-15 08:35:30 -07:00
README.md	docs: align sandbox defaults, dedupe sections and improve getting started guide (#5357 )	2025-10-19 16:41:10 -07:00
review_prompt.md	docs: Fix markdown list item spacing in codex-rs/core/review_prompt.md (#4144 )	2025-10-30 17:39:21 -07:00

README.md

codex-core

This crate implements the business logic for Codex. It is designed to be used by the various Codex UIs written in Rust.

Dependencies

Note that codex-core makes some assumptions about certain helper utilities being available in the environment. Currently, this support matrix is:

macOS

Expects /usr/bin/sandbox-exec to be present.

Linux

Expects the binary containing codex-core to run the equivalent of codex sandbox linux (legacy alias: codex debug landlock) when arg0 is codex-linux-sandbox. See the codex-arg0 crate for details.

All Platforms

Expects the binary containing codex-core to simulate the virtual apply_patch CLI when arg1 is --codex-run-as-apply-patch. See the codex-arg0 crate for details.