feat: add --ignore-user-config and --ignore-rules#18646
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e75ff5a792
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
codex/codex-rs/core/src/exec_policy.rs
Lines 113 to 115 in 5157d8f
Include ignore-rules in exec-policy inheritance check
load_exec_policy() now changes behavior based on ConfigLayerStack::ignore_user_and_project_exec_policy_rules() (set by --ignore-rules), but child_uses_parent_exec_policy() does not compare that flag. A child thread can therefore reuse the parent ExecPolicyManager even when the two configs should load different rule sets, leading to incorrect allow/deny decisions.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
1 participant
Add those 2 flags to be able to fully isolate a run of
codex execfrom any rules or tools.This will be used by Chronicle