fc073c9c5b
### Motivation - Git subcommand matching was being classified as "dangerous" and caused benign developer workflows (for example `git push --force-with-lease`) to be blocked by the preflight policy. - The change aligns behavior with the intent to reserve the dangerous checklist for truly destructive shell ops (e.g. `rm -rf`) and avoid surprising developer-facing blocks. ### Description - Remove git-specific subcommand checks from `is_dangerous_to_call_with_exec` in `codex-rs/shell-command/src/command_safety/is_dangerous_command.rs`, leaving only explicit `rm` and `sudo` passthrough checks. - Deleted the git-specific helper logic that classified `reset`, `branch`-delete, `push` (force/delete/refspec) and `clean --force` as dangerous. - Updated unit tests in the same file to assert that various `git reset`/`git branch`/`git push`/`git clean` variants are no longer classified as dangerous. - Kept `find_git_subcommand` (used by safe-command classification) intact so safe/unsafe parsing elsewhere remains functional. ### Testing - Ran formatter with `just fmt` successfully. - Ran unit tests with `cargo test -p codex-shell-command` and all tests passed (`144 passed; 0 failed`). ------ [Codex Task](https://chatgpt.com/codex/tasks/task_i_698d19dedb4883299c3ceb5bbc6a0dcf) |
||
|---|---|---|
| .. | ||
| src | ||
| BUILD.bazel | ||
| Cargo.toml | ||