1af2a37ada
## Why
`codex-rs/core/src/lib.rs` re-exported a broad set of types and modules
from `codex-protocol` and `codex-shell-command`. That made it easy for
workspace crates to import those APIs through `codex-core`, which in
turn hides dependency edges and makes it harder to reduce compile-time
coupling over time.
This change removes those public re-exports so call sites must import
from the source crates directly. Even when a crate still depends on
`codex-core` today, this makes dependency boundaries explicit and
unblocks future work to drop `codex-core` dependencies where possible.
## What Changed
- Removed public re-exports from `codex-rs/core/src/lib.rs` for:
- `codex_protocol::protocol` and related protocol/model types (including
`InitialHistory`)
- `codex_protocol::config_types` (`protocol_config_types`)
- `codex_shell_command::{bash, is_dangerous_command, is_safe_command,
parse_command, powershell}`
- Migrated workspace Rust call sites to import directly from:
- `codex_protocol::protocol`
- `codex_protocol::config_types`
- `codex_protocol::models`
- `codex_shell_command`
- Added explicit `Cargo.toml` dependencies (`codex-protocol` /
`codex-shell-command`) in crates that now import those crates directly.
- Kept `codex-core` internal modules compiling by using `pub(crate)`
aliases in `core/src/lib.rs` (internal-only, not part of the public
API).
- Updated the two utility crates that can already drop a `codex-core`
dependency edge entirely:
- `codex-utils-approval-presets`
- `codex-utils-cli`
## Verification
- `cargo test -p codex-utils-approval-presets`
- `cargo test -p codex-utils-cli`
- `cargo check --workspace --all-targets`
- `just clippy`
46 lines
1.9 KiB
Rust
46 lines
1.9 KiB
Rust
use codex_protocol::protocol::AskForApproval;
|
|
use codex_protocol::protocol::SandboxPolicy;
|
|
|
|
/// A simple preset pairing an approval policy with a sandbox policy.
|
|
#[derive(Debug, Clone)]
|
|
pub struct ApprovalPreset {
|
|
/// Stable identifier for the preset.
|
|
pub id: &'static str,
|
|
/// Display label shown in UIs.
|
|
pub label: &'static str,
|
|
/// Short human description shown next to the label in UIs.
|
|
pub description: &'static str,
|
|
/// Approval policy to apply.
|
|
pub approval: AskForApproval,
|
|
/// Sandbox policy to apply.
|
|
pub sandbox: SandboxPolicy,
|
|
}
|
|
|
|
/// Built-in list of approval presets that pair approval and sandbox policy.
|
|
///
|
|
/// Keep this UI-agnostic so it can be reused by both TUI and MCP server.
|
|
pub fn builtin_approval_presets() -> Vec<ApprovalPreset> {
|
|
vec![
|
|
ApprovalPreset {
|
|
id: "read-only",
|
|
label: "Read Only",
|
|
description: "Codex can read files in the current workspace. Approval is required to edit files or access the internet.",
|
|
approval: AskForApproval::OnRequest,
|
|
sandbox: SandboxPolicy::new_read_only_policy(),
|
|
},
|
|
ApprovalPreset {
|
|
id: "auto",
|
|
label: "Default",
|
|
description: "Codex can read and edit files in the current workspace, and run commands. Approval is required to access the internet or edit other files. (Identical to Agent mode)",
|
|
approval: AskForApproval::OnRequest,
|
|
sandbox: SandboxPolicy::new_workspace_write_policy(),
|
|
},
|
|
ApprovalPreset {
|
|
id: "full-access",
|
|
label: "Full Access",
|
|
description: "Codex can edit files outside this workspace and access the internet without asking for approval. Exercise caution when using.",
|
|
approval: AskForApproval::Never,
|
|
sandbox: SandboxPolicy::DangerFullAccess,
|
|
},
|
|
]
|
|
}
|