Skip to content

feat: add Codex permission profiles#83

Merged
galligan merged 1 commit into
mainfrom
dis-46-discover-app-server-permission-profiles-and-integrate-them
Jul 11, 2026
Merged

feat: add Codex permission profiles#83
galligan merged 1 commit into
mainfrom
dis-46-discover-app-server-permission-profiles-and-integrate-them

Conversation

@galligan

@galligan galligan commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Context

Closes DIS-46. Dispatch could compose sandbox and approval values, but it could not discover or select Codex permission profiles. That made presets capable of inventing unsupported combinations and left agents without cwd-aware available-choice guidance.

What changed

  • add typed, paginated permissionProfile/list client support and generated protocol-manifest guards
  • persist cwd-scoped profile ids, descriptions, allowed state, source, and freshness in registry schema v20
  • add one authored permissions operation projected to top-level CLI and grouped daemon-read MCP
  • support permission_profile across global/repo defaults, named presets, launch packets, new, fork, initial/follow-up/queued sends, and daemon resume
  • make precedence symmetric: later profiles clear inherited granular policy, while later granular settings clear inherited profiles; same-layer conflicts remain invalid
  • cwd-revalidate persisted profiles before resume and fail closed on disallowed, missing, or older unsupported providers
  • isolate DISPATCH_HOME for every test so global config support cannot read live operator state
  • update README, usage docs, design, ADR, research record, generated manifest, and packaged Dispatch skill

Verification

  • just check: Ruff, format, strict mypy, 575 tests passed / 16 live tests deselected, package build and contents passed
  • targeted real App Server test: paginated the current catalog and applied :read-only to an isolated ephemeral thread without starting a model turn
  • isolated public daemon/CLI smoke: dispatch permissions --json returned :read-only, :workspace, and :danger-full-access, then stopped cleanly
  • derived dispatch permissions --help, dispatch schema permissions, CLI/MCP parity, manifest structural assertions, migration tests, and git diff --check passed
  • paired local review round 2: 5/5 code and 5/5 surface, no open P0-P2 findings

Risks and compatibility

  • profile discovery is stable in App Server 0.144; applying the provider permissions field is experimental and guarded in the generated manifest
  • a persisted profiled lane fails closed and becomes visibly error if a later provider/config no longer allows that profile
  • no release or publish is included

@linear-code

linear-code Bot commented Jul 11, 2026

Copy link
Copy Markdown

DIS-46

Copy link
Copy Markdown
Contributor Author

This stack of pull requests is managed by Graphite. Learn more about stacking.

@galligan galligan marked this pull request as ready for review July 11, 2026 13:48

galligan commented Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

Merge activity

  • Jul 11, 1:49 PM UTC: A user started a stack merge that includes this pull request via Graphite.
  • Jul 11, 1:49 PM UTC: @galligan merged this pull request with Graphite.

@galligan galligan merged commit 6b04a96 into main Jul 11, 2026
5 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bc5d746459

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/outfitter/dispatch/core/handlers.py
Comment thread src/outfitter/dispatch/core/launch.py
galligan added a commit that referenced this pull request Jul 11, 2026
## Context

The final cumulative review of the App Server 0.144 adoption stack found five cross-milestone correctness gaps that milestone-local reviews had missed, plus stale hosted review threads and closeout evidence drift. This PR repairs those gaps and keeps the adoption goal active until hosted reconciliation and clean-main proof are complete.

## What changed

- Reconciles topology lifecycle from active and archived App Server pages separately, including cached transitions in both directions.
- Deduplicates capacity windows by provider-limit/window identity and conservatively maps id-less pushes to a named or sole existing limit.
- Makes explicit `sync --full` bypass unchanged/incremental shortcuts and rescan from byte zero.
- Resolves `permissions` cwd in the CLI caller while retaining the generic authored CLI derivation path.
- Moves `new` permission-profile conflicts onto `NewInput`, preserving the shared validation taxonomy across control socket, CLI, and MCP.
- Records the formal amendment that replaces one brittle/costly combined scenario with the checked-in milestone scenario and isolated integration matrix.
- Corrects the release audit: this goal performed no release or publish action, while independent PR #81 merged the 0.8.2 version bump during the execution window.

## Verification

- `just check`: 613 passed / 17 opt-in tests deselected, Ruff, formatting, strict mypy, wheel/sdist, and package-content validation.
- Focused repair/public-surface suite: 215 passed.
- Migration/concurrency suite: 21 passed.
- Post-repair isolated App Server proof: account/capacity, permission profiles, and persisted fork/topology all passed.
- Full-stack code re-review: 5/5 clean, no open P0/P1/P2.
- Full-stack surface re-review: every code/evidence finding fixed; only hosted thread reconciliation remains after this PR is submitted.

## Hosted review reconciliation

This PR fixes the six still-current review threads on merged PRs #78, #79, #82, and #83. Each thread will receive a reply linking this repair, then be resolved before this PR leaves draft.

## Scope

No release or package publish is included. No secrets, remote configuration, or unrelated tracker state are changed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant