cecbd5b021
This PR adds the API V2 version of the command‑execution approval flow
for the shell tool.
This PR wires the new RPC (`item/commandExecution/requestApproval`, V2
only) and related events (`item/started`, `item/completed`, and
`item/commandExecution/delta`, which are emitted in both V1 and V2)
through the app-server
protocol. The new approval RPC is only sent when the user initiates a
turn with the new `turn/start` API so we don't break backwards
compatibility with VSCE.
The approach I took was to make as few changes to the Codex core as
possible, leveraging existing `EventMsg` core events, and translating
those in app-server. I did have to add additional fields to
`EventMsg::ExecCommandEndEvent` to capture the command's input so that
app-server can statelessly transform these events to a
`ThreadItem::CommandExecution` item for the `item/completed` event.
Once we stabilize the API and it's complete enough for our partners, we
can work on migrating the core to be aware of command execution items as
a first-class concept.
**Note**: We'll need followup work to make sure these APIs work for the
unified exec tool, but will wait til that's stable and landed before
doing a pass on app-server.
Example payloads below:
```
{
"method": "item/started",
"params": {
"item": {
"aggregatedOutput": null,
"command": "/bin/zsh -lc 'touch /tmp/should-trigger-approval'",
"cwd": "/Users/owen/repos/codex/codex-rs",
"durationMs": null,
"exitCode": null,
"id": "call_lNWWsbXl1e47qNaYjFRs0dyU",
"parsedCmd": [
{
"cmd": "touch /tmp/should-trigger-approval",
"type": "unknown"
}
],
"status": "inProgress",
"type": "commandExecution"
}
}
}
```
```
{
"id": 0,
"method": "item/commandExecution/requestApproval",
"params": {
"itemId": "call_lNWWsbXl1e47qNaYjFRs0dyU",
"parsedCmd": [
{
"cmd": "touch /tmp/should-trigger-approval",
"type": "unknown"
}
],
"reason": "Need to create file in /tmp which is outside workspace sandbox",
"risk": null,
"threadId": "019a93e8-0a52-7fe3-9808-b6bc40c0989a",
"turnId": "1"
}
}
```
```
{
"id": 0,
"result": {
"acceptSettings": {
"forSession": false
},
"decision": "accept"
}
}
```
```
{
"params": {
"item": {
"aggregatedOutput": null,
"command": "/bin/zsh -lc 'touch /tmp/should-trigger-approval'",
"cwd": "/Users/owen/repos/codex/codex-rs",
"durationMs": 224,
"exitCode": 0,
"id": "call_lNWWsbXl1e47qNaYjFRs0dyU",
"parsedCmd": [
{
"cmd": "touch /tmp/should-trigger-approval",
"type": "unknown"
}
],
"status": "completed",
"type": "commandExecution"
}
}
}
```
290 lines
7.4 KiB
TOML
290 lines
7.4 KiB
TOML
[workspace]
|
|
members = [
|
|
"backend-client",
|
|
"ansi-escape",
|
|
"async-utils",
|
|
"app-server",
|
|
"app-server-protocol",
|
|
"app-server-test-client",
|
|
"apply-patch",
|
|
"arg0",
|
|
"feedback",
|
|
"codex-backend-openapi-models",
|
|
"cloud-tasks",
|
|
"cloud-tasks-client",
|
|
"cli",
|
|
"common",
|
|
"core",
|
|
"exec",
|
|
"execpolicy",
|
|
"execpolicy2",
|
|
"keyring-store",
|
|
"file-search",
|
|
"linux-sandbox",
|
|
"lmstudio",
|
|
"login",
|
|
"mcp-server",
|
|
"mcp-types",
|
|
"ollama",
|
|
"process-hardening",
|
|
"protocol",
|
|
"rmcp-client",
|
|
"responses-api-proxy",
|
|
"stdio-to-uds",
|
|
"otel",
|
|
"tui",
|
|
"utils/git",
|
|
"utils/cache",
|
|
"utils/image",
|
|
"utils/json-to-toml",
|
|
"utils/pty",
|
|
"utils/readiness",
|
|
"utils/string",
|
|
"utils/tokenizer",
|
|
]
|
|
resolver = "2"
|
|
|
|
[workspace.package]
|
|
version = "0.0.0"
|
|
# Track the edition for all workspace crates in one place. Individual
|
|
# crates can still override this value, but keeping it here means new
|
|
# crates created with `cargo new -w ...` automatically inherit the 2024
|
|
# edition.
|
|
edition = "2024"
|
|
|
|
[workspace.dependencies]
|
|
# Internal
|
|
app_test_support = { path = "app-server/tests/common" }
|
|
codex-ansi-escape = { path = "ansi-escape" }
|
|
codex-app-server = { path = "app-server" }
|
|
codex-app-server-protocol = { path = "app-server-protocol" }
|
|
codex-apply-patch = { path = "apply-patch" }
|
|
codex-arg0 = { path = "arg0" }
|
|
codex-async-utils = { path = "async-utils" }
|
|
codex-backend-client = { path = "backend-client" }
|
|
codex-chatgpt = { path = "chatgpt" }
|
|
codex-common = { path = "common" }
|
|
codex-core = { path = "core" }
|
|
codex-exec = { path = "exec" }
|
|
codex-feedback = { path = "feedback" }
|
|
codex-file-search = { path = "file-search" }
|
|
codex-git = { path = "utils/git" }
|
|
codex-keyring-store = { path = "keyring-store" }
|
|
codex-linux-sandbox = { path = "linux-sandbox" }
|
|
codex-lmstudio = { path = "lmstudio" }
|
|
codex-login = { path = "login" }
|
|
codex-mcp-server = { path = "mcp-server" }
|
|
codex-ollama = { path = "ollama" }
|
|
codex-otel = { path = "otel" }
|
|
codex-process-hardening = { path = "process-hardening" }
|
|
codex-protocol = { path = "protocol" }
|
|
codex-responses-api-proxy = { path = "responses-api-proxy" }
|
|
codex-rmcp-client = { path = "rmcp-client" }
|
|
codex-stdio-to-uds = { path = "stdio-to-uds" }
|
|
codex-tui = { path = "tui" }
|
|
codex-utils-cache = { path = "utils/cache" }
|
|
codex-utils-image = { path = "utils/image" }
|
|
codex-utils-json-to-toml = { path = "utils/json-to-toml" }
|
|
codex-utils-pty = { path = "utils/pty" }
|
|
codex-utils-readiness = { path = "utils/readiness" }
|
|
codex-utils-string = { path = "utils/string" }
|
|
codex-utils-tokenizer = { path = "utils/tokenizer" }
|
|
codex-windows-sandbox = { path = "windows-sandbox-rs" }
|
|
core_test_support = { path = "core/tests/common" }
|
|
mcp-types = { path = "mcp-types" }
|
|
mcp_test_support = { path = "mcp-server/tests/common" }
|
|
|
|
# External
|
|
allocative = "0.3.3"
|
|
ansi-to-tui = "7.0.0"
|
|
anyhow = "1"
|
|
arboard = { version = "3", features = ["wayland-data-control"] }
|
|
askama = "0.14"
|
|
assert_cmd = "2"
|
|
assert_matches = "1.5.0"
|
|
async-channel = "2.3.1"
|
|
async-stream = "0.3.6"
|
|
async-trait = "0.1.89"
|
|
axum = { version = "0.8", default-features = false }
|
|
base64 = "0.22.1"
|
|
bytes = "1.10.1"
|
|
chrono = "0.4.42"
|
|
clap = "4"
|
|
clap_complete = "4"
|
|
color-eyre = "0.6.3"
|
|
crossterm = "0.28.1"
|
|
ctor = "0.5.0"
|
|
derive_more = "2"
|
|
diffy = "0.4.2"
|
|
dirs = "6"
|
|
dotenvy = "0.15.7"
|
|
dunce = "1.0.4"
|
|
env-flags = "0.1.1"
|
|
env_logger = "0.11.5"
|
|
escargot = "0.5"
|
|
eventsource-stream = "0.2.3"
|
|
futures = { version = "0.3", default-features = false }
|
|
http = "1.3.1"
|
|
icu_decimal = "2.1"
|
|
icu_locale_core = "2.1"
|
|
icu_provider = { version = "2.1", features = ["sync"] }
|
|
ignore = "0.4.23"
|
|
image = { version = "^0.25.8", default-features = false }
|
|
indexmap = "2.12.0"
|
|
insta = "1.43.2"
|
|
itertools = "0.14.0"
|
|
keyring = { version = "3.6", default-features = false }
|
|
landlock = "0.4.1"
|
|
lazy_static = "1"
|
|
libc = "0.2.175"
|
|
log = "0.4"
|
|
lru = "0.12.5"
|
|
maplit = "1.0.2"
|
|
mime_guess = "2.0.5"
|
|
multimap = "0.10.0"
|
|
notify = "8.2.0"
|
|
nucleo-matcher = "0.3.1"
|
|
once_cell = "1"
|
|
openssl-sys = "*"
|
|
opentelemetry = "0.30.0"
|
|
opentelemetry-appender-tracing = "0.30.0"
|
|
opentelemetry-otlp = "0.30.0"
|
|
opentelemetry-semantic-conventions = "0.30.0"
|
|
opentelemetry_sdk = "0.30.0"
|
|
os_info = "3.12.0"
|
|
owo-colors = "4.2.0"
|
|
path-absolutize = "3.1.1"
|
|
pathdiff = "0.2"
|
|
portable-pty = "0.9.0"
|
|
predicates = "3"
|
|
pretty_assertions = "1.4.1"
|
|
pulldown-cmark = "0.10"
|
|
rand = "0.9"
|
|
ratatui = "0.29.0"
|
|
ratatui-macros = "0.6.0"
|
|
regex-lite = "0.1.7"
|
|
reqwest = "0.12"
|
|
rmcp = { version = "0.8.5", default-features = false }
|
|
schemars = "0.8.22"
|
|
seccompiler = "0.5.0"
|
|
sentry = "0.34.0"
|
|
serde = "1"
|
|
serde_json = "1"
|
|
serde_with = "3.14"
|
|
serial_test = "3.2.0"
|
|
sha1 = "0.10.6"
|
|
sha2 = "0.10"
|
|
shlex = "1.3.0"
|
|
similar = "2.7.0"
|
|
starlark = "0.13.0"
|
|
strum = "0.27.2"
|
|
strum_macros = "0.27.2"
|
|
supports-color = "3.0.2"
|
|
sys-locale = "0.3.2"
|
|
tempfile = "3.23.0"
|
|
test-log = "0.2.18"
|
|
textwrap = "0.16.2"
|
|
thiserror = "2.0.17"
|
|
tiktoken-rs = "0.9"
|
|
time = "0.3"
|
|
tiny_http = "0.12"
|
|
tokio = "1"
|
|
tokio-stream = "0.1.17"
|
|
tokio-test = "0.4"
|
|
tokio-util = "0.7.16"
|
|
toml = "0.9.5"
|
|
toml_edit = "0.23.4"
|
|
tonic = "0.13.1"
|
|
tracing = "0.1.41"
|
|
tracing-appender = "0.2.3"
|
|
tracing-subscriber = "0.3.20"
|
|
tracing-test = "0.2.5"
|
|
tree-sitter = "0.25.10"
|
|
tree-sitter-bash = "0.25"
|
|
tree-sitter-highlight = "0.25.10"
|
|
ts-rs = "11"
|
|
uds_windows = "1.1.0"
|
|
unicode-segmentation = "1.12.0"
|
|
unicode-width = "0.2"
|
|
url = "2"
|
|
urlencoding = "2.1"
|
|
uuid = "1"
|
|
vt100 = "0.16.2"
|
|
walkdir = "2.5.0"
|
|
webbrowser = "1.0"
|
|
which = "6"
|
|
wildmatch = "2.5.0"
|
|
|
|
wiremock = "0.6"
|
|
zeroize = "1.8.2"
|
|
|
|
[workspace.lints]
|
|
rust = {}
|
|
|
|
[workspace.lints.clippy]
|
|
expect_used = "deny"
|
|
identity_op = "deny"
|
|
manual_clamp = "deny"
|
|
manual_filter = "deny"
|
|
manual_find = "deny"
|
|
manual_flatten = "deny"
|
|
manual_map = "deny"
|
|
manual_memcpy = "deny"
|
|
manual_non_exhaustive = "deny"
|
|
manual_ok_or = "deny"
|
|
manual_range_contains = "deny"
|
|
manual_retain = "deny"
|
|
manual_strip = "deny"
|
|
manual_try_fold = "deny"
|
|
manual_unwrap_or = "deny"
|
|
needless_borrow = "deny"
|
|
needless_borrowed_reference = "deny"
|
|
needless_collect = "deny"
|
|
needless_late_init = "deny"
|
|
needless_option_as_deref = "deny"
|
|
needless_question_mark = "deny"
|
|
needless_update = "deny"
|
|
redundant_clone = "deny"
|
|
redundant_closure = "deny"
|
|
redundant_closure_for_method_calls = "deny"
|
|
redundant_static_lifetimes = "deny"
|
|
trivially_copy_pass_by_ref = "deny"
|
|
uninlined_format_args = "deny"
|
|
unnecessary_filter_map = "deny"
|
|
unnecessary_lazy_evaluations = "deny"
|
|
unnecessary_sort_by = "deny"
|
|
unnecessary_to_owned = "deny"
|
|
unwrap_used = "deny"
|
|
|
|
# cargo-shear cannot see the platform-specific openssl-sys usage, so we
|
|
# silence the false positive here instead of deleting a real dependency.
|
|
[workspace.metadata.cargo-shear]
|
|
ignored = [
|
|
"icu_provider",
|
|
"openssl-sys",
|
|
"codex-utils-readiness",
|
|
"codex-utils-tokenizer",
|
|
]
|
|
|
|
[profile.release]
|
|
lto = "fat"
|
|
# Because we bundle some of these executables with the TypeScript CLI, we
|
|
# remove everything to make the binary as small as possible.
|
|
strip = "symbols"
|
|
|
|
# See https://github.com/openai/codex/issues/1411 for details.
|
|
codegen-units = 1
|
|
|
|
[profile.ci-test]
|
|
debug = 1 # Reduce debug symbol size
|
|
inherits = "test"
|
|
opt-level = 0
|
|
|
|
[patch.crates-io]
|
|
# Uncomment to debug local changes.
|
|
# ratatui = { path = "../../ratatui" }
|
|
crossterm = { git = "https://github.com/nornagon/crossterm", branch = "nornagon/color-query" }
|
|
ratatui = { git = "https://github.com/nornagon/ratatui", branch = "nornagon-v0.29.0-patch" }
|
|
|
|
# Uncomment to debug local changes.
|
|
# rmcp = { path = "../../rust-sdk/crates/rmcp" }
|