@openai/codex 0.23.0 → 0.24.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md
CHANGED
|
@@ -383,6 +383,13 @@ base_url = "http://my-ollama.example.com:11434/v1"
|
|
|
383
383
|
|
|
384
384
|
### Platform sandboxing details
|
|
385
385
|
|
|
386
|
+
By default, Codex CLI runs code and shell commands inside a restricted sandbox to protect your system.
|
|
387
|
+
|
|
388
|
+
> [!IMPORTANT]
|
|
389
|
+
> Not all tool calls are sandboxed. Specifically, **trusted Model Context Protocol (MCP) tool calls** are executed outside of the sandbox.
|
|
390
|
+
> This is intentional: MCP tools are explicitly configured and trusted by you, and they often need to connect to **external applications or services** (e.g. issue trackers, databases, messaging systems).
|
|
391
|
+
> Running them outside the sandbox allows Codex to integrate with these external systems without being blocked by sandbox restrictions.
|
|
392
|
+
|
|
386
393
|
The mechanism Codex uses to implement the sandbox policy depends on your OS:
|
|
387
394
|
|
|
388
395
|
- **macOS 12+** uses **Apple Seatbelt** and runs commands using `sandbox-exec` with a profile (`-p`) that corresponds to the `--sandbox` that was specified.
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|