mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
2f048f2063
This implements the new config design where config _requirements_ are loaded separately (and with a special schema) as compared to config _settings_. In particular, on UNIX, with this PR, you could define `/etc/codex/requirements.toml` with: ```toml allowed_approval_policies = ["never", "on-request"] ``` to enforce that `Config.approval_policy` must be one of those two values when Codex runs. We plan to expand the set of things that can be restricted by `/etc/codex/requirements.toml` in short order. Note that requirements can come from several sources: - new MDM key on macOS (not implemented yet) - `/etc/codex/requirements.toml` - re-interpretation of legacy MDM key on macOS (`com.openai.codex/config_toml_base64`) - re-interpretation of legacy `/etc/codex/managed_config.toml` So our resolution strategy is to load TOML data from those sources, in order. Later TOMLs are "merged" into previous TOMLs, but any field that is already set cannot be overwritten. See `ConfigRequirementsToml::merge_unset_fields()`.
2f048f2063
ยท
2025-12-18 13:36:55 -08:00
History
codex-core
This crate implements the business logic for Codex. It is designed to be used by the various Codex UIs written in Rust.
Dependencies
Note that codex-core makes some assumptions about certain helper utilities being available in the environment. Currently, this support matrix is:
macOS
Expects /usr/bin/sandbox-exec to be present.
Linux
Expects the binary containing codex-core to run the equivalent of codex sandbox linux (legacy alias: codex debug landlock) when arg0 is codex-linux-sandbox. See the codex-arg0 crate for details.
All Platforms
Expects the binary containing codex-core to simulate the virtual apply_patch CLI when arg1 is --codex-run-as-apply-patch. See the codex-arg0 crate for details.