mirror of
https://github.com/openai/codex.git
synced 2026-05-06 06:12:59 +03:00
1af2a37ada
## Why
`codex-rs/core/src/lib.rs` re-exported a broad set of types and modules
from `codex-protocol` and `codex-shell-command`. That made it easy for
workspace crates to import those APIs through `codex-core`, which in
turn hides dependency edges and makes it harder to reduce compile-time
coupling over time.
This change removes those public re-exports so call sites must import
from the source crates directly. Even when a crate still depends on
`codex-core` today, this makes dependency boundaries explicit and
unblocks future work to drop `codex-core` dependencies where possible.
## What Changed
- Removed public re-exports from `codex-rs/core/src/lib.rs` for:
- `codex_protocol::protocol` and related protocol/model types (including
`InitialHistory`)
- `codex_protocol::config_types` (`protocol_config_types`)
- `codex_shell_command::{bash, is_dangerous_command, is_safe_command,
parse_command, powershell}`
- Migrated workspace Rust call sites to import directly from:
- `codex_protocol::protocol`
- `codex_protocol::config_types`
- `codex_protocol::models`
- `codex_shell_command`
- Added explicit `Cargo.toml` dependencies (`codex-protocol` /
`codex-shell-command`) in crates that now import those crates directly.
- Kept `codex-core` internal modules compiling by using `pub(crate)`
aliases in `core/src/lib.rs` (internal-only, not part of the public
API).
- Updated the two utility crates that can already drop a `codex-core`
dependency edge entirely:
- `codex-utils-approval-presets`
- `codex-utils-cli`
## Verification
- `cargo test -p codex-utils-approval-presets`
- `cargo test -p codex-utils-cli`
- `cargo check --workspace --all-targets`
- `just clippy`
148 lines
4.7 KiB
Rust
148 lines
4.7 KiB
Rust
use std::path::PathBuf;
|
|
use std::sync::Arc;
|
|
|
|
use codex_core::CodexThread;
|
|
use codex_protocol::ThreadId;
|
|
use codex_protocol::parse_command::ParsedCommand;
|
|
use codex_protocol::protocol::Op;
|
|
use codex_protocol::protocol::ReviewDecision;
|
|
use rmcp::model::ErrorData;
|
|
use rmcp::model::RequestId;
|
|
use serde::Deserialize;
|
|
use serde::Serialize;
|
|
use serde_json::Value;
|
|
use serde_json::json;
|
|
use tracing::error;
|
|
|
|
/// Conforms to the MCP elicitation request params shape, so it can be used as
|
|
/// the `params` field of an `elicitation/create` request.
|
|
#[derive(Debug, Deserialize, Serialize)]
|
|
pub struct ExecApprovalElicitRequestParams {
|
|
// These fields are required so that `params`
|
|
// conforms to ElicitRequestParams.
|
|
pub message: String,
|
|
|
|
#[serde(rename = "requestedSchema")]
|
|
pub requested_schema: Value,
|
|
|
|
// These are additional fields the client can use to
|
|
// correlate the request with the codex tool call.
|
|
#[serde(rename = "threadId")]
|
|
pub thread_id: ThreadId,
|
|
pub codex_elicitation: String,
|
|
pub codex_mcp_tool_call_id: String,
|
|
pub codex_event_id: String,
|
|
pub codex_call_id: String,
|
|
pub codex_command: Vec<String>,
|
|
pub codex_cwd: PathBuf,
|
|
pub codex_parsed_cmd: Vec<ParsedCommand>,
|
|
}
|
|
|
|
// TODO(mbolin): ExecApprovalResponse does not conform to ElicitResult. See:
|
|
// - https://github.com/modelcontextprotocol/modelcontextprotocol/blob/f962dc1780fa5eed7fb7c8a0232f1fc83ef220cd/schema/2025-06-18/schema.json#L617-L636
|
|
// - https://modelcontextprotocol.io/specification/draft/client/elicitation#protocol-messages
|
|
// It should have "action" and "content" fields.
|
|
#[derive(Debug, Serialize, Deserialize)]
|
|
pub struct ExecApprovalResponse {
|
|
pub decision: ReviewDecision,
|
|
}
|
|
|
|
#[allow(clippy::too_many_arguments)]
|
|
pub(crate) async fn handle_exec_approval_request(
|
|
command: Vec<String>,
|
|
cwd: PathBuf,
|
|
outgoing: Arc<crate::outgoing_message::OutgoingMessageSender>,
|
|
codex: Arc<CodexThread>,
|
|
request_id: RequestId,
|
|
tool_call_id: String,
|
|
event_id: String,
|
|
call_id: String,
|
|
approval_id: String,
|
|
codex_parsed_cmd: Vec<ParsedCommand>,
|
|
thread_id: ThreadId,
|
|
) {
|
|
let escaped_command =
|
|
shlex::try_join(command.iter().map(String::as_str)).unwrap_or_else(|_| command.join(" "));
|
|
let message = format!(
|
|
"Allow Codex to run `{escaped_command}` in `{cwd}`?",
|
|
cwd = cwd.to_string_lossy()
|
|
);
|
|
|
|
let params = ExecApprovalElicitRequestParams {
|
|
message,
|
|
requested_schema: json!({"type":"object","properties":{}}),
|
|
thread_id,
|
|
codex_elicitation: "exec-approval".to_string(),
|
|
codex_mcp_tool_call_id: tool_call_id.clone(),
|
|
codex_event_id: event_id.clone(),
|
|
codex_call_id: call_id,
|
|
codex_command: command,
|
|
codex_cwd: cwd,
|
|
codex_parsed_cmd,
|
|
};
|
|
let params_json = match serde_json::to_value(¶ms) {
|
|
Ok(value) => value,
|
|
Err(err) => {
|
|
let message = format!("Failed to serialize ExecApprovalElicitRequestParams: {err}");
|
|
error!("{message}");
|
|
|
|
outgoing
|
|
.send_error(request_id.clone(), ErrorData::invalid_params(message, None))
|
|
.await;
|
|
|
|
return;
|
|
}
|
|
};
|
|
|
|
let on_response = outgoing
|
|
.send_request("elicitation/create", Some(params_json))
|
|
.await;
|
|
|
|
// Listen for the response on a separate task so we don't block the main agent loop.
|
|
{
|
|
let codex = codex.clone();
|
|
let approval_id = approval_id.clone();
|
|
let event_id = event_id.clone();
|
|
tokio::spawn(async move {
|
|
on_exec_approval_response(approval_id, event_id, on_response, codex).await;
|
|
});
|
|
}
|
|
}
|
|
|
|
async fn on_exec_approval_response(
|
|
approval_id: String,
|
|
event_id: String,
|
|
receiver: tokio::sync::oneshot::Receiver<serde_json::Value>,
|
|
codex: Arc<CodexThread>,
|
|
) {
|
|
let response = receiver.await;
|
|
let value = match response {
|
|
Ok(value) => value,
|
|
Err(err) => {
|
|
error!("request failed: {err:?}");
|
|
return;
|
|
}
|
|
};
|
|
|
|
// Try to deserialize `value` and then make the appropriate call to `codex`.
|
|
let response = serde_json::from_value::<ExecApprovalResponse>(value).unwrap_or_else(|err| {
|
|
error!("failed to deserialize ExecApprovalResponse: {err}");
|
|
// If we cannot deserialize the response, we deny the request to be
|
|
// conservative.
|
|
ExecApprovalResponse {
|
|
decision: ReviewDecision::Denied,
|
|
}
|
|
});
|
|
|
|
if let Err(err) = codex
|
|
.submit(Op::ExecApproval {
|
|
id: approval_id,
|
|
turn_id: Some(event_id),
|
|
decision: response.decision,
|
|
})
|
|
.await
|
|
{
|
|
error!("failed to submit ExecApproval: {err}");
|
|
}
|
|
}
|