Attribute network approvals to parent tool items in core#15594
Open
charley-oai wants to merge 8 commits intomainfrom
Open
Attribute network approvals to parent tool items in core#15594charley-oai wants to merge 8 commits intomainfrom
charley-oai wants to merge 8 commits intomainfrom
Conversation
Thread a stable network owner id through managed proxy credentials and use it to resolve the exact active tool call for blocked network requests. This makes concurrent network approvals attribute deterministically and preserves parent tool item ids downstream. Co-authored-by: Codex <noreply@openai.com>
Remove the synthetic network approval token and carry parent_tool_item_id directly through the managed proxy attribution path. Co-authored-by: Codex <noreply@openai.com>
Bundle proxy-disabled response parameters into a single typed args struct so the callsites stay readable and clippy stops flagging the helper for too many arguments. Co-authored-by: Codex <noreply@openai.com>
Restore the parent tool item id field and helper on guardian network approvals, and wire the begin_network_approval callsite to pass the tool call id after splitting the work into stacked branches. Co-authored-by: Codex <noreply@openai.com>
This was referenced Mar 24, 2026
Keep the core-only PR focused by explicitly ignoring the new network approval parent field in the existing guardian action JSON pattern matches. Co-authored-by: Codex <noreply@openai.com>
Drop the unused protocol-formatting helper from the core-only branch so clippy does not fail on dead code after the PR split. Co-authored-by: Codex <noreply@openai.com>
Contributor
Author
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b45bbe8278
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Propagate the extracted parent tool item id through the CONNECT limited-mode MITM-required block path so core can attribute the denial to the correct active tool call. Also derive PartialEq/Eq for BlockedRequest to keep the focused regression test as a full-object assertion. Co-authored-by: Codex <noreply@openai.com>
Add the new parent tool item id field to the remaining network access guardian test fixture on the core-only branch. Co-authored-by: Codex <noreply@openai.com>
Contributor
Author
|
@codex review |
Contributor
|
Codex Review: Didn't find any major issues. Another round soon, please! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
parent_tool_item_idthrough the managed network proxy path instead of inferring ownership from the global active-call setREASON_MITM_REQUIREDblock pathWhy This PR Exists
Today core can only attribute a blocked network request when there is exactly one active tool call. This branch moves attribution into the managed proxy path itself so blocked requests carry the owning parent tool item id back into core without ordering heuristics.
Verification
cargo test -p codex-network-proxycargo test -p codex-network-proxy http_connect_accept_blocks_in_limited_modecodex-core/codex-tui-app-servervalidation was partially rerun while splitting, but I stopped broad/local runs once they stopped giving incremental signal and am relying on PR CI for the full matrix