mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
2f048f2063
This implements the new config design where config _requirements_ are loaded separately (and with a special schema) as compared to config _settings_. In particular, on UNIX, with this PR, you could define `/etc/codex/requirements.toml` with: ```toml allowed_approval_policies = ["never", "on-request"] ``` to enforce that `Config.approval_policy` must be one of those two values when Codex runs. We plan to expand the set of things that can be restricted by `/etc/codex/requirements.toml` in short order. Note that requirements can come from several sources: - new MDM key on macOS (not implemented yet) - `/etc/codex/requirements.toml` - re-interpretation of legacy MDM key on macOS (`com.openai.codex/config_toml_base64`) - re-interpretation of legacy `/etc/codex/managed_config.toml` So our resolution strategy is to load TOML data from those sources, in order. Later TOMLs are "merged" into previous TOMLs, but any field that is already set cannot be overwritten. See `ConfigRequirementsToml::merge_unset_fields()`.
2f048f2063
ยท
2025-12-18 13:36:55 -08:00
History