fix: relax codex restore approval mode
This commit is contained in:
parent
611ded42ca
commit
3ba526d282
|
|
@ -1,5 +1,11 @@
|
|||
# @composio/ao-plugin-agent-codex
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
### Fixed
|
||||
|
||||
- Make Codex worker restore commands use `--ask-for-approval on-request` instead of resuming in `never` approval mode, while keeping permissionless orchestrator restores explicitly bypassed.
|
||||
|
||||
## 0.2.0
|
||||
|
||||
### Patch Changes
|
||||
|
|
|
|||
|
|
@ -1470,7 +1470,7 @@ describe("getRestoreCommand", () => {
|
|||
expect(cmd).toContain("--dangerously-bypass-approvals-and-sandbox");
|
||||
});
|
||||
|
||||
it("demotes worker restore permissionless mode to ask-for-approval never", async () => {
|
||||
it("demotes worker restore permissionless mode to ask-for-approval on-request", async () => {
|
||||
const content = jsonl(
|
||||
{ type: "session_meta", cwd: "/workspace/test", model: "gpt-4o" },
|
||||
{ threadId: "thread-1" },
|
||||
|
|
@ -1489,11 +1489,11 @@ describe("getRestoreCommand", () => {
|
|||
}),
|
||||
);
|
||||
|
||||
expect(cmd).toContain("--ask-for-approval never");
|
||||
expect(cmd).toContain("--ask-for-approval on-request");
|
||||
expect(cmd).not.toContain("--dangerously-bypass-approvals-and-sandbox");
|
||||
});
|
||||
|
||||
it("includes --ask-for-approval never from project config", async () => {
|
||||
it("downgrades auto-edit restore policy to ask-for-approval on-request", async () => {
|
||||
const content = jsonl(
|
||||
{ type: "session_meta", cwd: "/workspace/test", model: "gpt-4o" },
|
||||
{ threadId: "thread-1" },
|
||||
|
|
@ -1512,7 +1512,7 @@ describe("getRestoreCommand", () => {
|
|||
}),
|
||||
);
|
||||
|
||||
expect(cmd).toContain("--ask-for-approval never");
|
||||
expect(cmd).toContain("--ask-for-approval on-request");
|
||||
expect(cmd).not.toContain("--dangerously-bypass-approvals-and-sandbox");
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -404,6 +404,26 @@ function appendApprovalFlags(
|
|||
}
|
||||
}
|
||||
|
||||
/** Append restore-time approval flags, avoiding worker resumes in `never` mode. */
|
||||
function appendRestoreApprovalFlags(
|
||||
parts: string[],
|
||||
permissions: string | undefined,
|
||||
isOrchestrator: boolean,
|
||||
): void {
|
||||
const mode = normalizeAgentPermissionMode(permissions);
|
||||
if (mode === "permissionless") {
|
||||
if (isOrchestrator) {
|
||||
parts.push("--dangerously-bypass-approvals-and-sandbox");
|
||||
} else {
|
||||
parts.push("--ask-for-approval", "on-request");
|
||||
}
|
||||
} else if (mode === "auto-edit") {
|
||||
parts.push("--ask-for-approval", "on-request");
|
||||
} else if (mode === "suggest") {
|
||||
parts.push("--ask-for-approval", "untrusted");
|
||||
}
|
||||
}
|
||||
|
||||
/** Append model and reasoning flags to a command parts array */
|
||||
function appendModelFlags(parts: string[], model: string | undefined): void {
|
||||
if (!model) return;
|
||||
|
|
@ -734,7 +754,7 @@ function createCodexAgent(): Agent {
|
|||
appendNoUpdateCheckFlag(parts);
|
||||
|
||||
const isOrchestrator = session.metadata?.["role"] === "orchestrator";
|
||||
appendApprovalFlags(parts, project.agentConfig?.permissions, isOrchestrator);
|
||||
appendRestoreApprovalFlags(parts, project.agentConfig?.permissions, isOrchestrator);
|
||||
const effectiveModel = (project.agentConfig?.model ?? data.model) as string | undefined;
|
||||
appendModelFlags(parts, effectiveModel ?? undefined);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue