core-agent-ide

History

Michael Bolin 425fff7ad6 feat: add Reject approval policy with granular prompt rejection controls (#12087 ) ## Why We need a way to auto-reject specific approval prompt categories without switching all approvals off. The goal is to let users independently control: - sandbox escalation approvals, - execpolicy `prompt` rule approvals, - MCP elicitation prompts. ## What changed - Added a new primary approval mode in `protocol/src/protocol.rs`: ```rust pub enum AskForApproval { // ... Reject(RejectConfig), // ... } pub struct RejectConfig { pub sandbox_approval: bool, pub rules: bool, pub mcp_elicitations: bool, } ``` - Wired `RejectConfig` semantics through approval paths in `core`: - `core/src/exec_policy.rs` - rejects rule-driven prompts when `rules = true` - rejects sandbox/escalation prompts when `sandbox_approval = true` - preserves rule priority when both rule and sandbox prompt conditions are present - `core/src/tools/sandboxing.rs` - applies `sandbox_approval` to default exec approval decisions and sandbox-failure retry gating - `core/src/safety.rs` - keeps `Reject { all false }` behavior aligned with `OnRequest` for patch safety - rejects out-of-root patch approvals when `sandbox_approval = true` - `core/src/mcp_connection_manager.rs` - auto-declines MCP elicitations when `mcp_elicitations = true` - Ensured approval policy used by MCP elicitation flow stays in sync with constrained session policy updates. - Updated app-server v2 conversions and generated schema/TypeScript artifacts for the new `Reject` shape. ## Verification Added focused unit coverage for the new behavior in: - `core/src/exec_policy.rs` - `core/src/tools/sandboxing.rs` - `core/src/mcp_connection_manager.rs` - `core/src/safety.rs` - `core/src/tools/runtimes/apply_patch.rs` Key cases covered include rule-vs-sandbox prompt precedence, MCP auto-decline behavior, and patch/sandbox retry behavior under `RejectConfig`.		2026-02-19 11:41:49 -08:00
..
v1	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
v2	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
ApplyPatchApprovalParams.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
ApplyPatchApprovalResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
ChatgptAuthTokensRefreshParams.json	fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240 )	2026-02-09 20:48:58 -08:00
ChatgptAuthTokensRefreshResponse.json	fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240 )	2026-02-09 20:48:58 -08:00
ClientNotification.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
ClientRequest.json	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
codex_app_server_protocol.schemas.json	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
CommandExecutionRequestApprovalParams.json	feat(core): plumb distinct approval ids for command approvals (#12051 )	2026-02-18 01:55:57 +00:00
CommandExecutionRequestApprovalResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
DynamicToolCallParams.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
DynamicToolCallResponse.json	feat(app-server, core): allow text + image content items for dynamic tool outputs (#10567 )	2026-02-04 16:12:47 -08:00
EventMsg.json	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
ExecCommandApprovalParams.json	feat(core): plumb distinct approval ids for command approvals (#12051 )	2026-02-18 01:55:57 +00:00
ExecCommandApprovalResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
FileChangeRequestApprovalParams.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
FileChangeRequestApprovalResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
FuzzyFileSearchParams.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
FuzzyFileSearchResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
FuzzyFileSearchSessionCompletedNotification.json	[app-server] add fuzzyFileSearch/sessionCompleted (#11773 )	2026-02-13 15:08:14 -08:00
FuzzyFileSearchSessionUpdatedNotification.json	app-server: add fuzzy search sessions for streaming file search (#10268 )	2026-02-12 10:49:44 -08:00
JSONRPCError.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
JSONRPCErrorError.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
JSONRPCMessage.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
JSONRPCNotification.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
JSONRPCRequest.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
JSONRPCResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
RequestId.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
ServerNotification.json	feat: add Reject approval policy with granular prompt rejection controls (#12087 )	2026-02-19 11:41:49 -08:00
ServerRequest.json	feat(core): plumb distinct approval ids for command approvals (#12051 )	2026-02-18 01:55:57 +00:00
ToolRequestUserInputParams.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00
ToolRequestUserInputResponse.json	feat: vendor app-server protocol schema fixtures (#10371 )	2026-02-01 23:38:43 -08:00