feat: introduce codex_execpolicy crate for defining "safe" commands (#634)

As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: 5e40d9d221/codex-cli/src/approvals.ts (L333-L354) Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
parent 5e40d9d221
commit 58f0e5ab74
29 changed files with 3830 additions and 47 deletions
--- a/codex-rs/execpolicy/src/sed_command.rs
+++ b/codex-rs/execpolicy/src/sed_command.rs
@@ -0,0 +1,17 @@
+use crate::error::Error;
+use crate::error::Result;
+
+pub fn parse_sed_command(sed_command: &str) -> Result<()> {
+    // For now, we parse only commands like `122,202p`.
+    if let Some(stripped) = sed_command.strip_suffix("p") {
+        if let Some((first, rest)) = stripped.split_once(",") {
+            if first.parse::<u64>().is_ok() && rest.parse::<u64>().is_ok() {
+                return Ok(());
+            }
+        }
+    }
+
+    Err(Error::SedCommandNotProvablySafe {
+        command: sed_command.to_string(),
+    })
+}