Add sandbox support to filesystem APIs#16751
Merged
starr-openai merged 17 commits intomainfrom Apr 8, 2026
Merged
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 231e89f223
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
reviewed
Apr 7, 2026
pakrym-oai
requested changes
Apr 7, 2026
Collaborator
pakrym-oai
left a comment
pakrym-oai
left a comment
There was a problem hiding this comment.
let's keep the sandbox parameter only in exec server + remove unrelated changes + simplify overloads maybe (non-blocking, up to you)
starr-openai
force-pushed
the
starr/ca-414-fs-sandbox
branch
from
47073cf to
d94e4c6
Compare
jif-oai
reviewed
Apr 7, 2026
starr-openai
added a commit
that referenced
this pull request
Apr 7, 2026
Co-authored-by: Codex <noreply@openai.com>
pakrym-oai
approved these changes
Apr 8, 2026
Use the same cmd.exe-based token reader and CRLF token file format on Windows as login auth tests, and increase the fixture timeout to avoid brittle shell startup timing under loaded CI workers. Co-authored-by: Codex <noreply@openai.com>
Poll MCP tool discovery before submitting the text-only rmcp image turn, matching the non-sanitized image test and avoiding macOS CI timeouts while the stdio server finishes startup. Co-authored-by: Codex <noreply@openai.com>
Use explicit sandbox policy parameters in exec-server filesystem calls, drop the app-server surface change, and back out unrelated PR churn. Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Co-authored-by: Codex <noreply@openai.com>
Keep sandboxed remote file operations on absolute paths without adding an exec-server filesystem cwd request field or reading the client process current directory per request. Co-authored-by: Codex <noreply@openai.com>
starr-openai
force-pushed
the
starr/ca-414-fs-sandbox
branch
4 times, most recently
from
2a36205 to
523aa37
Compare
Remove the unused sandbox cwd parameter from the exec-server filesystem trait and callsites. Keep the explicit cwd override private to the local access-check helper used by focused unit coverage. Co-authored-by: Codex <noreply@openai.com>
starr-openai
force-pushed
the
starr/ca-414-fs-sandbox
branch
from
523aa37 to
5697846
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
sandboxPolicysupport to the app-server filesystem request surfaceValidation
cargo test -p codex-app-server-protocolcargo test -p codex-exec-server file_systemcargo test -p codex-app-server suite::v2::fs