| ▲ | simonw 5 days ago | |
Yeah, I got excited about that option a while back but was put off by the fact that Apple's (minimal) documentation say sandbox-exec is deprecated. | ||
| ▲ | fzzzy 5 days ago | parent | next [-] | |
OpenAI's Codex CLI uses it on macOS. It's in typescript but maybe I'll take a look at what they do and port it to python. [edit] looks really simple, except I'll have to look into how their raw-exec takes care of writeableRoots: https://github.com/openai/codex/blob/0d6a98f9afa8697e57b9bae... [edit2] lol raw-exec doesn't do anything at all with writeableRoots, it's handled in the fullPolicy (from scopedWritePolicy) | ||
| ▲ | fzzzy 5 days ago | parent | prev [-] | |
I cleaned up the output of asking Gemini 2.5 Pro to rewrite it in python, and it seems to work well: https://gist.github.com/fzzzy/319d6cbbdfff9c340d0e9c362247ae... | ||