github-mirrors/openclaw
1
0
Fork 0
mirror of https://fastgit.cc/github.com/openclaw/openclaw synced 2026-04-30 14:02:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

security(codex): restore sandbox protections for resumed CLI sessions

Browse Source
This commit is contained in:
Pedro Gonzalez
2026-04-16 12:32:29 +00:00
committed by Peter Steinberger
parent 1a98090bf3
commit 4c66978591
2 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
extensions/openai/cli-backend.ts
View File

@@ -31,7 +31,7 @@ export function buildOpenAICodexCliBackend(): CliBackendPlugin {
"workspace-write",
"--skip-git-repo-check",
],
resumeArgs: ["exec", "resume", "{sessionId}", "--dangerously-bypass-approvals-and-sandbox"],
resumeArgs: ["exec", "resume", "{sessionId}"],
output: "jsonl",
resumeOutput: "text",
input: "arg",

9
src/agents/cli-backends.test.ts
View File

@@ -244,7 +244,7 @@ beforeEach(() => {
"workspace-write",
"--skip-git-repo-check",
],
resumeArgs: ["exec", "resume", "{sessionId}", "--dangerously-bypass-approvals-and-sandbox"],
resumeArgs: ["exec", "resume", "{sessionId}"],
systemPromptFileConfigArg: "-c",
systemPromptFileConfigKey: "model_instructions_file",
systemPromptWhen: "first",
@@ -322,12 +322,7 @@ describe("resolveCliBackendConfig reliability merge", () => {
"workspace-write",
"--skip-git-repo-check",
]);
expect(resolved?.config.resumeArgs).toEqual([
"exec",
"resume",
"{sessionId}",
"--dangerously-bypass-approvals-and-sandbox",
]);
expect(resolved?.config.resumeArgs).toEqual(["exec", "resume", "{sessionId}"]);
});
it("deep-merges reliability watchdog overrides for codex", () => {