fix(codex): handle remote request_user_input approvals#382
Open
lwc-alex wants to merge 1 commit intotiann:mainfrom
Open
fix(codex): handle remote request_user_input approvals#382lwc-alex wants to merge 1 commit intotiann:mainfrom
lwc-alex wants to merge 1 commit intotiann:mainfrom
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Findings
- [Major] Explicit deny for
request_user_inputis downgraded to cancel.handleUserInputRequest()rejects the non-accept path, and this launcher catch always returns{ decision: 'cancel' }, so Telegram or any genericdenyPermission()caller can never propagatedeclineback to Codex. The same path also records the completed request as canceled instead of denied incli/src/codex/utils/permissionHandler.ts. This changes user-visible behavior for deny actions instead of only fixing the hang. Evidence:cli/src/codex/codexRemoteLauncher.ts:519,cli/src/codex/utils/permissionHandler.ts:168,hub/src/telegram/callbacks.ts:90.
Suggested fix:type UserInputApproval = | { decision: 'accept'; answers: RequestUserInputAnswers } | { decision: 'decline' | 'cancel'; reason?: string } const result = await permissionHandler.handleUserInputRequest(id, input) return result.decision === 'accept' ? result : { decision: result.decision }
Summary
- Review mode: initial
- 1 major finding. Main risk is that explicit deny paths for remote
request_user_inputprompts no longer behave like deny; they are collapsed into cancel/abort semantics instead.
Testing
- Not run (automation environment missing
bun;bun x vitest ...andbun run typecheckboth failed with/bin/bash: bun: command not found)
HAPI Bot
| const message = error instanceof Error ? error.message : String(error); | ||
| logger.debug(`[Codex] request_user_input failed: ${message}`); | ||
| return { | ||
| decision: 'cancel' |
There was a problem hiding this comment.
[MAJOR] Explicit deny is being collapsed to cancel here. handleUserInputRequest() rejects every non-accept outcome, and this catch hard-codes { decision: 'cancel' }, so Telegram or any other denyPermission() caller never returns decline to Codex. The same path is then finalized as canceled instead of denied in cli/src/codex/utils/permissionHandler.ts:168, which changes the behavior of real deny actions rather than only fixing the hang.
Suggested fix:
type UserInputApproval =
| { decision: 'accept'; answers: RequestUserInputAnswers }
| { decision: 'decline' | 'cancel'; reason?: string }
const result = await permissionHandler.handleUserInputRequest(id, input)
return result.decision === 'accept'
? result
: { decision: result.decision }
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix remote Codex sessions hanging/canceling on
request_user_inputtool approvals.Root cause:
codexRemoteLauncherregisters app-server permission handlers withoutonUserInputRequestappServerPermissionAdapterfalls back tocancelforitem/tool/requestUserInputThis patch wires
request_user_inputinto the existing Codex remote permission flow and adds focused tests.Validated with:
bun x vitest run src/codex/utils/permissionHandler.test.ts src/codex/utils/appServerPermissionAdapter.test.ts src/codex/codexRemoteLauncher.test.tsbun run typecheck