Skip to content

fix(core): emit unified exec sandbox denial lifecycle#22395

Open
mldangelo-oai wants to merge 2 commits into
mainfrom
fix/unified-exec-sandbox-denial-lifecycle
Open

fix(core): emit unified exec sandbox denial lifecycle#22395
mldangelo-oai wants to merge 2 commits into
mainfrom
fix/unified-exec-sandbox-denial-lifecycle

Conversation

@mldangelo-oai
Copy link
Copy Markdown

@mldangelo-oai mldangelo-oai commented May 12, 2026

What

  • Emit a failed unified-exec command lifecycle when sandbox setup is denied before process spawn.
  • Add focused regression coverage for the pre-spawn sandbox-denial path.

Why

In the publicly released Codex app server surface, a unified-exec sandbox denial can become model-visible while the raw app-server stream omits the corresponding commandExecution lifecycle entirely. That leaves clients without the expected start/end execution signals for a failed command.

Reproduction

Observed against public codex-cli 0.130.0:

  1. Start codex app-server with unified exec enabled.
  2. Trigger a command that is denied during sandbox setup before spawn.
  3. Inspect raw app-server notifications.
  4. The model-visible denial is present, but the raw stream does not emit the expected item/started / failed item/completed command lifecycle.

Control case:

  • Re-running the same probe with codex app-server --disable unified_exec emits the expected command lifecycle notifications.

Root cause

UnifiedExecProcessManager::exec_command(...) returns early on UnifiedExecError::SandboxDenied before emitting begin/end lifecycle notifications.

Fix

Emit a failed unified-exec lifecycle for that pre-spawn denial branch, preserving the denial result while keeping the app-server event stream consistent with other failed command paths.

Duplicate audit

Before opening this PR, I searched public issues and PRs for commandExecution, item/commandExecution/outputDelta, unified_exec, SandboxDenied, sandbox_apply, ExecCommandBegin, and ExecCommandEnd. I found adjacent context, but no exact public duplicate report or fix for this missing lifecycle path.

Validation

  • cargo test -p codex-core failed_pre_spawn_sandbox_denial_emits_begin_and_end --lib
  • cargo test -p codex-core failed_initial_end_for_unstored_process_uses_fallback_output --lib
  • cargo fmt --check
  • git diff --check
  • just fmt
  • just fix -p codex-core

Public bug-report evidence and repro notes were prepared before this PR so the behavior can be evaluated independently of the patch.

@mldangelo-oai mldangelo-oai requested a review from a team as a code owner May 12, 2026 23:44
@mldangelo-oai mldangelo-oai added codex Label used by connector to tag PRs that have been reviewed by Codex codex-automation labels May 12, 2026 — with ChatGPT Codex Connector
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 12, 2026
edited
Loading

All contributors have signed the CLA ✍️ ✅
Posted by the CLA Assistant Lite bot.

@mldangelo-oai ChatGPT Codex Connector
Copy link
Copy Markdown
Author

mldangelo-oai commented May 12, 2026

I have read the CLA Document and I hereby sign the CLA

github-actions Bot added a commit that referenced this pull request May 12, 2026
@github-actions
@mldangelo-oai has signed the CLA in #22395
2a8e1ee
@mldangelo-oai mldangelo-oai removed codex-automation codex Label used by connector to tag PRs that have been reviewed by Codex labels May 13, 2026
@mldangelo-oai mldangelo-oai added codex Label used by connector to tag PRs that have been reviewed by Codex codex-automation labels May 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex Label used by connector to tag PRs that have been reviewed by Codex codex-automation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mldangelo-oai