RobbyV2/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2025-12-03 18:35:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
codex/codex-rs/execpolicy/README.md
zhao-oai fe7a3f0c2b execpolicycheck command in codex cli (#7012) 
adding execpolicycheck tool onto codex cli

this is useful for validating policies (can be multiple) against
commands.

it will also surface errors in policy syntax:
<img width="1150" height="281" alt="Screenshot 2025-11-19 at 12 46
21 PM"
src="https://github.com/user-attachments/assets/8f99b403-564c-4172-acc9-6574a8d13dc3"
/>

this PR also changes output format when there's no match in the CLI.
instead of returning the raw string `noMatch`, we return
`{"noMatch":{}}`

this PR is a rewrite of: https://github.com/openai/codex/pull/6932 (due
to the numerous merge conflicts present in the original PR)

---------

Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-20 16:44:31 -05:00

2.4 KiB
Raw Permalink Blame History

codex-execpolicy

Overview

  • Policy engine and CLI built around prefix_rule(pattern=[...], decision?, match?, not_match?).
  • This release covers the prefix-rule subset of the execpolicy language; a richer language will follow.
  • Tokens are matched in order; any pattern element may be a list to denote alternatives. decision defaults to allow; valid values: allow, prompt, forbidden.
  • match / not_match supply example invocations that are validated at load time (think of them as unit tests); examples can be token arrays or strings (strings are tokenized with shlex).
  • The CLI always prints the JSON serialization of the evaluation result.
  • The legacy rule matcher lives in codex-execpolicy-legacy.

Policy shapes

  • Prefix rules use Starlark syntax:
prefix_rule(
    pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives
    decision = "prompt",                 # allow | prompt | forbidden; defaults to allow
    match = [["cmd", "alt1"], "cmd alt2"],           # examples that must match this rule
    not_match = [["cmd", "oops"], "cmd alt3"],       # examples that must not match this rule
)

CLI

  • From the Codex CLI, run codex execpolicy check subcommand with one or more policy files (for example src/default.codexpolicy) to check a command:
codex execpolicy check --policy path/to/policy.codexpolicy git status
  • Pass multiple --policy flags to merge rules, evaluated in the order provided, and use --pretty for formatted JSON.
  • You can also run the standalone dev binary directly during development:
cargo run -p codex-execpolicy -- check --policy path/to/policy.codexpolicy git status
  • Example outcomes:
    • Match: {"match": { ... "decision": "allow" ... }}
    • No match: {"noMatch": {}}

Response shapes

  • Match:
{
  "match": {
    "decision": "allow|prompt|forbidden",
    "matchedRules": [
      {
        "prefixRuleMatch": {
          "matchedPrefix": ["<token>", "..."],
          "decision": "allow|prompt|forbidden"
        }
      }
    ]
  }
}
  • No match:
{"noMatch": {}}
  • matchedRules lists every rule whose prefix matched the command; matchedPrefix is the exact prefix that matched.
  • The effective decision is the strictest severity across all matches (forbidden > prompt > allow).

Note: execpolicy commands are still in preview. The API may have breaking changes in the future.

Reference in New Issue View Git Blame Copy Permalink