refactor: split sandboxed-exec engine out of codex-core (slice F) #527

Open
CSRessel wants to merge 1 commit into refactor/sever-acp-core from refactor/split-codex-core

CSRessel commented Jul 4, 2026

Collaborator

Summary

Slice F of docs/specs/crate-layering.md §6 (stacked on #526). The codex-core god crate is dissolved into two honest crates:

  • codex-sandbox (new, 3.1k LOC) — the pure exec engine: process_exec_tool_call, spawn, platform sandbox selection (Seatbelt/Landlock/Windows), env policy application, output encoding/truncation, and the CodexErr/SandboxErr types. No config or auth dependencies; the policy types it consumes live in codex_protocol::config_types (ShellEnvironmentPolicy family hoisted there, same pattern as slice E's Mcp move). Its integration tests (exec/seatbelt/text_encoding) move with it.
  • codex-core (11.3k LOC) — what remains: config/config_loader, auth/token_data, MCP auth helpers, git_info, model metadata, project_doc, features, otel_init. Depends on codex-sandbox (matching the pre-existing call direction: config calls platform-sandbox selection).

Also deleted along the way: TruncationPolicy::new(&Config) plus four uncalled truncate helpers, and TruncationPolicy::mul (clippy trait-confusable, zero callers). Renaming codex-core itself is deferred to a dedicated pass.

Validation

  • cargo check --workspace --all-targets clean; standalone cargo check -p codex-sandbox clean (caught two tokio features masked by workspace unification — the independent-crate payoff working)
  • Workspace test suites green; dedicated e2e 23 suites ok
  • Close-the-loop: elizacp TUI drive + nori sandbox linux -- echo smoke through the moved engine
  • Noridocs: new sandbox/docs.md, updates to core/linux-sandbox/windows-sandbox/cli/tui/protocol/root docs and the README crate table

🤖 Generated with Nori

Co-Authored-By: Nori <contact@tilework.tech>

…x-sandbox

New crate codex-sandbox owns exec, exec_env, spawn, safety, sandboxing,
seatbelt (+ policies), landlock, text_encoding, truncate, and error
(CodexErr/SandboxErr). Its integration tests move with it. Policy types
(ShellEnvironmentPolicy*) hoist to codex_protocol::config_types alongside
the Mcp types. codex-core keeps config/auth/model-metadata and now depends
on codex-sandbox (matching the existing call direction); tui, cli,
linux-sandbox, and core_test_support import codex_sandbox directly.
Dead Config-coupled truncate ctor and uncalled helpers deleted.

Slice F of docs/specs/crate-layering.md §6.

cursor Bot commented Jul 4, 2026

Bugbot is not enabled for your account, so this pull request was not reviewed.

Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs.
