Commit 9025550
authored
app-server-protocol: remove PermissionProfile from API (openai#22924)
## Why
The app server API should expose permission profile identity, not the
lower-level runtime permission model. `PermissionProfile` is the
compiled sandbox/network representation that the server uses internally;
exposing it through app-server-protocol forces clients to understand
details that should remain implementation-level.
The API boundary should prefer `ActivePermissionProfile`: a stable
profile id, plus future parent-profile metadata, that clients can pass
back when they want to select the same active permissions. This also
avoids schema generation collisions between the app-server v2 API type
space and the core protocol model.
Incidentally, while PR makes a number of changes to `command/exec`, note
that we are hoping to deprecate this API in favor of `process/spawn`, so
we don't need to be too finicky about these changes.
## What Changed
- Removed `PermissionProfile` from the app-server-protocol API surface,
including generated schema and TypeScript exports.
- Changed `CommandExecParams.permissionProfile` to
`ActivePermissionProfile`.
- Resolve command exec profile ids through `ConfigManager` for the
command cwd, matching turn override selection semantics.
- Updated downstream TUI tests/helpers to use core permission types
directly instead of app-server-protocol `PermissionProfile` shims.1 parent bbb5c28 commit 9025550
31 files changed
Lines changed: 436 additions & 1440 deletions
File tree
- codex-rs
- app-server-protocol
- schema
- json
- v2
- typescript/v2
- src
- protocol
- v2
- app-server
- src
- request_processors
- tests/suite/v2
- protocol/src
- tui/src
- app
- chatwidget/tests
- history_cell
- status
Lines changed: 20 additions & 325 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments