fix(rebase): restore protocol/core compatibility on main

Co-authored-by: Codex <noreply@openai.com>

Author: charley-oai

codex-rs/core/src/agent/control.rs

@@ -14,7 +14,6 @@ use crate::state_db;
 use crate::thread_manager::ThreadManagerState;
 use codex_protocol::ThreadId;
 use codex_protocol::models::FunctionCallOutputPayload;
-use codex_protocol::models::MessageRole;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::InitialHistory;
 use codex_protocol::protocol::Op;
@@ -504,6 +503,7 @@ mod tests {
     use assert_matches::assert_matches;
     use codex_protocol::config_types::ModeKind;
     use codex_protocol::models::ContentItem;
+    use codex_protocol::models::MessageRole;
     use codex_protocol::models::ResponseItem;
     use codex_protocol::protocol::ErrorEvent;
     use codex_protocol::protocol::EventMsg;

codex-rs/core/src/codex.rs

@@ -379,7 +379,6 @@ impl Codex {
         let (tx_sub, rx_sub) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY);
         let (tx_event, rx_event) = async_channel::unbounded();
 
-        let loaded_plugins = plugins_manager.plugins_for_config(&config);
         let loaded_skills = skills_manager.skills_for_config(&config);
 
         for err in &loaded_skills.errors {

codex-rs/core/src/codex_tests.rs

@@ -3558,7 +3558,7 @@ async fn abort_review_task_emits_exited_then_aborted_and_records_history() {
                 let ContentItem::InputText { text } = content_item else {
                     return false;
                 };
-                text.contains(crate::contextual_user_message::TURN_ABORTED_OPEN_TAG)
+                text.contains(crate::model_visible_context::TURN_ABORTED_OPEN_TAG)
             })
         }),
         "expected a model-visible turn aborted marker in history after interrupt"

codex-rs/core/src/exec_policy.rs

@@ -540,7 +540,7 @@ pub fn render_decision_for_unmatched_command(
                     // In restricted sandboxes (ReadOnly/WorkspaceWrite), do not prompt for
                     // non‑escalated, non‑dangerous commands — let the sandbox enforce
                     // restrictions (e.g., block network/write) without a user prompt.
-                    if sandbox_permissions.requests_sandbox_override() {
+                    if sandbox_permissions.requires_escalated_permissions() {
                         Decision::Prompt
                     } else {
                         Decision::Allow
@@ -555,7 +555,7 @@ pub fn render_decision_for_unmatched_command(
                 Decision::Allow
             }
             SandboxPolicy::ReadOnly { .. } | SandboxPolicy::WorkspaceWrite { .. } => {
-                if sandbox_permissions.requests_sandbox_override() {
+                if sandbox_permissions.requires_escalated_permissions() {
                     Decision::Prompt
                 } else {
                     Decision::Allow

codex-rs/core/src/tools/handlers/mod.rs

@@ -187,12 +187,13 @@ pub(super) async fn apply_granted_turn_permissions(
         _ => false,
     };
 
-    let sandbox_permissions =
-        if effective_permissions.is_some() && !sandbox_permissions.uses_additional_permissions() {
-            SandboxPermissions::WithAdditionalPermissions
-        } else {
-            sandbox_permissions
-        };
+    let sandbox_permissions = if effective_permissions.is_some()
+        && !sandbox_permissions.requires_additional_permissions()
+    {
+        SandboxPermissions::WithAdditionalPermissions
+    } else {
+        sandbox_permissions
+    };
 
     EffectiveAdditionalPermissions {
         sandbox_permissions,

codex-rs/core/src/tools/handlers/shell.rs

@@ -354,7 +354,7 @@ impl ShellHandler {
         // continue through the normal exec approval flow for the command.
         if effective_additional_permissions
             .sandbox_permissions
-            .requests_sandbox_override()
+            .requires_escalated_permissions()
             && !effective_additional_permissions.permissions_preapproved
             && !matches!(
                 turn.approval_policy.value(),

codex-rs/core/src/tools/handlers/unified_exec.rs

@@ -182,7 +182,7 @@ impl ToolHandler for UnifiedExecHandler {
                 // continue through the normal exec approval flow for the command.
                 if effective_additional_permissions
                     .sandbox_permissions
-                    .requests_sandbox_override()
+                    .requires_escalated_permissions()
                     && !effective_additional_permissions.permissions_preapproved
                     && !matches!(
                         context.turn.approval_policy.value(),

codex-rs/core/tests/suite/approvals.rs

@@ -239,7 +239,7 @@ fn shell_event_with_prefix_rule(
         "command": command,
         "timeout_ms": timeout_ms,
     });
-    if sandbox_permissions.requests_sandbox_override() {
+    if sandbox_permissions.requires_escalated_permissions() {
         args["sandbox_permissions"] = json!(sandbox_permissions);
     }
     if let Some(prefix_rule) = prefix_rule {
@@ -262,7 +262,7 @@ fn exec_command_event(
     if let Some(yield_time_ms) = yield_time_ms {
         args["yield_time_ms"] = json!(yield_time_ms);
     }
-    if sandbox_permissions.requests_sandbox_override() {
+    if sandbox_permissions.requires_escalated_permissions() {
         args["sandbox_permissions"] = json!(sandbox_permissions);
         let reason = justification.unwrap_or(DEFAULT_UNIFIED_EXEC_JUSTIFICATION);
         args["justification"] = json!(reason);

codex-rs/core/tests/suite/permissions_messages.rs

@@ -490,6 +490,7 @@ async fn permissions_message_includes_writable_roots() -> Result<()> {
     let expected = developer_permissions_text(
         &sandbox_policy,
         AskForApproval::OnRequest,
+        false,
         &Policy::empty(),
         test.config.cwd.as_path(),
         false,

codex-rs/core/tests/suite/plugins.rs

@@ -21,6 +21,7 @@ use core_test_support::stdio_server_bin;
 use core_test_support::test_codex::test_codex;
 use core_test_support::wait_for_event;
 use core_test_support::wait_for_event_with_timeout;
+use dunce::canonicalize as normalize_path;
 use tempfile::TempDir;
 use wiremock::MockServer;