From 009e6c4817c6cf1a9795bb2a57e4f7c7f191f897 Mon Sep 17 00:00:00 2001 From: jif-oai Date: Mon, 1 Jun 2026 21:55:44 +0200 Subject: [PATCH] fix: deflake zsh-fork approval test (#25669) Fixes this flake: https://github.com/openai/codex/actions/runs/26773809591/job/78919970410?pr=25659 This test is about zsh-fork subcommand approval behavior, not workspace sandboxing, so it now runs with `DangerFullAccess` to avoid macOS sandbox setup failures before the second subcommand approval. --- .../app-server/tests/suite/v2/turn_start_zsh_fork.rs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/codex-rs/app-server/tests/suite/v2/turn_start_zsh_fork.rs b/codex-rs/app-server/tests/suite/v2/turn_start_zsh_fork.rs index ec77af88d..de30da1ba 100644 --- a/codex-rs/app-server/tests/suite/v2/turn_start_zsh_fork.rs +++ b/codex-rs/app-server/tests/suite/v2/turn_start_zsh_fork.rs @@ -535,12 +535,11 @@ async fn turn_start_shell_zsh_fork_subcommand_decline_marks_parent_declined_v2() }], cwd: Some(workspace.clone()), approval_policy: Some(codex_app_server_protocol::AskForApproval::UnlessTrusted), - sandbox_policy: Some(codex_app_server_protocol::SandboxPolicy::WorkspaceWrite { - writable_roots: vec![workspace.clone().try_into()?], - network_access: false, - exclude_tmpdir_env_var: true, - exclude_slash_tmp: true, - }), + // This test is about execve-intercept approval propagation, not + // workspace sandboxing. Using full access avoids macOS sandbox + // setup failures that can terminate the parent shell before the + // second subcommand approval is observed. + sandbox_policy: Some(codex_app_server_protocol::SandboxPolicy::DangerFullAccess), model: Some("mock-model".to_string()), effort: Some(codex_protocol::openai_models::ReasoningEffort::Medium), summary: Some(codex_protocol::config_types::ReasoningSummary::Auto),