feat: introduce codex_execpolicy crate for defining "safe" commands (#634)

As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: 5e40d9d221/codex-cli/src/approvals.ts (L333-L354) Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
parent 5e40d9d221
commit 58f0e5ab74
29 changed files with 3830 additions and 47 deletions
--- a/codex-rs/execpolicy/tests/literal.rs
+++ b/codex-rs/execpolicy/tests/literal.rs
@@ -0,0 +1,50 @@
+use codex_execpolicy::ArgType;
+use codex_execpolicy::Error;
+use codex_execpolicy::ExecCall;
+use codex_execpolicy::MatchedArg;
+use codex_execpolicy::MatchedExec;
+use codex_execpolicy::PolicyParser;
+use codex_execpolicy::Result;
+use codex_execpolicy::ValidExec;
+
+extern crate codex_execpolicy;
+
+#[test]
+fn test_invalid_subcommand() -> Result<()> {
+    let unparsed_policy = r#"
+define_program(
+    program="fake_executable",
+    args=["subcommand", "sub-subcommand"],
+)
+"#;
+    let parser = PolicyParser::new("test_invalid_subcommand", unparsed_policy);
+    let policy = parser.parse().expect("failed to parse policy");
+    let valid_call = ExecCall::new("fake_executable", &["subcommand", "sub-subcommand"]);
+    assert_eq!(
+        Ok(MatchedExec::Match {
+            exec: ValidExec::new(
+                "fake_executable",
+                vec![
+                    MatchedArg::new(0, ArgType::Literal("subcommand".to_string()), "subcommand")?,
+                    MatchedArg::new(
+                        1,
+                        ArgType::Literal("sub-subcommand".to_string()),
+                        "sub-subcommand"
+                    )?,
+                ],
+                &[]
+            )
+        }),
+        policy.check(&valid_call)
+    );
+
+    let invalid_call = ExecCall::new("fake_executable", &["subcommand", "not-a-real-subcommand"]);
+    assert_eq!(
+        Err(Error::LiteralValueDidNotMatch {
+            expected: "sub-subcommand".to_string(),
+            actual: "not-a-real-subcommand".to_string()
+        }),
+        policy.check(&invalid_call)
+    );
+    Ok(())
+}