core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
core-agent-ide/codex-rs/app-server/tests/suite/v2
History
Owen Lin edacbf7b6e
feat(core): zsh exec bridge (#12052) 
zsh fork PR stack:
- https://github.com/openai/codex/pull/12051 
- https://github.com/openai/codex/pull/12052 👈 

### Summary
This PR introduces a feature-gated native shell runtime path that routes
shell execution through a patched zsh exec bridge, removing MCP-specific
behavior from the shell hot path while preserving existing
CommandExecution lifecycle semantics.

When shell_zsh_fork is enabled, shell commands run via patched zsh with
per-`execve` interception through EXEC_WRAPPER. Core receives wrapper
IPC requests over a Unix socket, applies existing approval policy, and
returns allow/deny before the subcommand executes.

### What’s included
**1) New zsh exec bridge runtime in core**
- Wrapper-mode entrypoint (maybe_run_zsh_exec_wrapper_mode) for
EXEC_WRAPPER invocations.
- Per-execution Unix-socket IPC handling for wrapper requests/responses.
- Approval callback integration using existing core approval
orchestration.
- Streaming stdout/stderr deltas to existing command output event
pipeline.
- Error handling for malformed IPC, denial/abort, and execution
failures.

**2) Session lifecycle integration**
SessionServices now owns a `ZshExecBridge`.
Session startup initializes bridge state; shutdown tears it down
cleanly.

**3) Shell runtime routing (feature-gated)**
When `shell_zsh_fork` is enabled:
- Build execution env/spec as usual.
- Add wrapper socket env wiring.
- Execute via `zsh_exec_bridge.execute_shell_request(...)` instead of
the regular shell path.
- Non-zsh-fork behavior remains unchanged.

**4) Config + feature wiring**
- Added `Feature::ShellZshFork` (under development).
- Added config support for `zsh_path` (optional absolute path to patched
zsh):
- `Config`, `ConfigToml`, `ConfigProfile`, overrides, and schema.
- Session startup validates that `zsh_path` exists/usable when zsh-fork
is enabled.
- Added startup test for missing `zsh_path` failure mode.

**5) Seatbelt/sandbox updates for wrapper IPC**
- Extended seatbelt policy generation to optionally allow outbound
connection to explicitly permitted Unix sockets.
- Wired sandboxing path to pass wrapper socket path through to seatbelt
policy generation.
- Added/updated seatbelt tests for explicit socket allow rule and
argument emission.

**6) Runtime entrypoint hooks**
- This allows the same binary to act as the zsh wrapper subprocess when
invoked via `EXEC_WRAPPER`.

**7) Tool selection behavior**
- ToolsConfig now prefers ShellCommand type when shell_zsh_fork is
enabled.
- Added test coverage for precedence with unified-exec enabled.
2026-02-17 20:19:53 -08:00
..
account.rs fix(app-server): for external auth, replace id_token with chatgpt_acc… (#11240) 2026-02-09 20:48:58 -08:00
analytics.rs Reapply "Add app-server transport layer with websocket support" (#11370) 2026-02-11 18:13:39 +00:00
app_list.rs [apps] Expose more fields from apps listing endpoints. (#11706) 2026-02-17 11:45:04 -08:00
collaboration_mode_list.rs Remove test-support feature from codex-core and replace it with explicit test toggles (#11405) 2026-02-10 22:44:02 -08:00
compaction.rs Treat compaction failure as failure state (#10927) 2026-02-06 13:51:46 -08:00
config_rpc.rs Reapply "Add app-server transport layer with websocket support" (#11370) 2026-02-11 18:13:39 +00:00
connection_handling_websocket.rs Reapply "Add app-server transport layer with websocket support" (#11370) 2026-02-11 18:13:39 +00:00
dynamic_tools.rs feat(app-server, core): allow text + image content items for dynamic tool outputs (#10567) 2026-02-04 16:12:47 -08:00
experimental_api.rs feat: opt-out of events in the app-server (#11319) 2026-02-10 18:04:52 +00:00
experimental_feature_list.rs Add stage field for experimental flags. (#10793) 2026-02-05 23:31:04 +00:00
initialize.rs feat: opt-out of events in the app-server (#11319) 2026-02-10 18:04:52 +00:00
mod.rs feat(core): zsh exec bridge (#12052) 2026-02-17 20:19:53 -08:00
model_list.rs fix: send unfiltered models over model/list (#11793) 2026-02-13 16:26:32 -08:00
output_schema.rs Add text element metadata to types (#9235) 2026-01-14 16:41:50 -08:00
plan_item.rs chore: rm remote models fflag (#11699) 2026-02-17 11:43:16 -08:00
rate_limits.rs feat: support multiple rate limits (#11260) 2026-02-10 20:09:31 -08:00
request_user_input.rs change collaboration mode to struct (#9793) 2026-01-23 17:00:23 -08:00
review.rs chore: rm remote models fflag (#11699) 2026-02-17 11:43:16 -08:00
safety_check_downgrade.rs Chore: remove response model check and rely on header model for downgrade (#12061) 2026-02-18 01:50:06 +00:00
skills_list.rs feat: extend skills/list to support additional roots. (#10835) 2026-02-09 13:30:38 -08:00
thread_archive.rs app-server: Emit thread archive/unarchive notifications (#12030) 2026-02-17 14:53:58 -08:00
thread_fork.rs Defer persistence of rollout file (#11028) 2026-02-07 23:05:03 -08:00
thread_list.rs Add cwd as an optional field to thread/list (#11651) 2026-02-13 02:05:04 +00:00
thread_loaded_list.rs [chore] move app server tests from chat completion to responses (#8939) 2026-01-08 22:27:55 +00:00
thread_read.rs Defer persistence of rollout file (#11028) 2026-02-07 23:05:03 -08:00
thread_resume.rs chore: rm remote models fflag (#11699) 2026-02-17 11:43:16 -08:00
thread_rollback.rs Add text element metadata to types (#9235) 2026-01-14 16:41:50 -08:00
thread_start.rs Defer persistence of rollout file (#11028) 2026-02-07 23:05:03 -08:00
thread_unarchive.rs app-server: Emit thread archive/unarchive notifications (#12030) 2026-02-17 14:53:58 -08:00
turn_interrupt.rs Fix test_shell_command_interruption flake (#10649) 2026-02-04 22:19:06 +00:00
turn_start.rs chore: rm remote models fflag (#11699) 2026-02-17 11:43:16 -08:00
turn_start_zsh_fork.rs feat(core): zsh exec bridge (#12052) 2026-02-17 20:19:53 -08:00
turn_steer.rs feat(app-server): turn/steer API (#10821) 2026-02-06 00:35:04 +00:00