/goal continuation uses stale permission context after permissions changes

[2c67cc18]

What issue are you seeing?

/goal can start autonomous continuation with an older core permission context after the TUI permission mode has changed.

Observed effect: permission prompts can appear during goal continuation even after selecting Full Access, or approval routing can remain user-facing after selecting Auto-review.

A fresh session with Full Access or Auto-review as the default can work, which points to stale runtime permission state after an in-session permission change.

What steps can reproduce the bug?

1. Start Codex with the goals feature enabled.
2. In the TUI, change permissions to Full Access or Auto-review.
3. Set a goal with /goal <objective>.
4. Let goal continuation start work that would otherwise trigger a permission or approval path.
5. Observe that continuation can use the previous approval policy, reviewer, or permission profile.

What is the expected behavior?

/goal continuation should use the current TUI permission context:

• current approval policy
• current approvals reviewer
• current permission profile
• current active permission profile

Additional information

Root-cause hypothesis: thread/goal/set carries goal fields only, while turn/start carries permission context through turn-context overrides. When /goal activates a goal and immediately starts continuation, core can continue from stale session settings.

Reference patch branch:
main...2c67cc18:codex:fix-goal-permission-context

Local verification for the patch:
RUSTUP_TOOLCHAIN=stable cargo check -p codex-core -p codex-app-server -p codex-tui passed.

[github-actions]

Potential duplicates detected. Please review them and close your issue if it is a duplicate.

• Previously-existing sessions with full access require approvals #21839

Powered by Codex Action