2 Commits

  • cli: rename sandbox permission profile flag (#30095)
    ## Why
    
    `codex sandbox` accepts a single named permissions profile, so the
    existing plural `--permissions-profile` spelling is misleading. The
    canonical flag and its help text should use the singular form without
    breaking scripts that already use the old spelling.
    
    ## What changed
    
    - Make `--permission-profile` the canonical flag for all sandbox
    backends.
    - Keep `--permissions-profile` as a hidden backwards-compatible alias.
    - Cover the canonical spelling, legacy alias, and help visibility with
    regression tests.
    
    ## Testing
    
    Ran `just c sandbox --help` and verified I saw:
    
    ```shell
      -P, --permission-profile <NAME>
              Named permissions profile to apply from the active configuration stack
    ```
  • Enforce configured network proxy in codex sandbox (#27035)
    ## Why
    
    `codex sandbox` can start a network proxy from a configured permission
    profile. Previously, sandbox-level containment was tied to managed
    network requirements rather than whether a proxy was actually active.
    This meant config-driven proxy policies were not consistently enforced
    as the sandbox's only network path.
    
    ## What changed
    
    - Enable proxy-only network containment whenever `codex sandbox` starts
    a network proxy.
    - Apply the same active-proxy check to the macOS and Linux sandbox
    paths.
    - Add a Linux regression test that verifies a sandboxed command cannot
    establish a direct connection while the configured proxy is active.
    
    ## Test plan
    
    - `just test -p codex-cli debug_sandbox::tests`
    - `sandbox_with_network_proxy_blocks_direct_loopback_access` runs on
    Linux to cover the config-driven proxy path end to end.