Skip to content

Commit 3a12a7a

Browse files
vincentkocvincentkoc
committed
test(live): tolerate codex ask-back preflight refusal
1 parent 6587832 commit 3a12a7a

1 file changed

Lines changed: 12 additions & 3 deletions

File tree

src/gateway/gateway-codex-harness.live.test.ts

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -376,11 +376,13 @@ function findGuardianReviewStatus(events: CapturedAgentEvent[]): "approved" | "d
376376
function assertGuardianReviewCompleted(params: {
377377
events: CapturedAgentEvent[];
378378
label: string;
379+
requireEvents?: boolean;
379380
}): CapturedAgentEvent | undefined {
380381
const completedEvents = params.events.filter(
381382
(event) => event.data?.phase === "completed" && event.data?.status,
382383
);
383-
if (completedEvents.length === 0 && !CODEX_HARNESS_REQUIRE_GUARDIAN_EVENTS) {
384+
const requireEvents = params.requireEvents ?? CODEX_HARNESS_REQUIRE_GUARDIAN_EVENTS;
385+
if (completedEvents.length === 0 && !requireEvents) {
384386
return undefined;
385387
}
386388
expect(
@@ -441,13 +443,20 @@ async function verifyCodexGuardianProbe(params: {
441443
const review = assertGuardianReviewCompleted({
442444
events: deniedResult.events,
443445
label: "ask-back probe",
446+
requireEvents: false,
444447
});
445448
// The approve/deny call is Codex policy-owned and may change independently.
446-
// OpenClaw's contract here is that Guardian mode reaches Codex app-server and
447-
// projects the structured review lifecycle back onto the agent event bus.
449+
// OpenClaw's strict projection contract is covered by the allow probe above.
450+
// Riskier prompts may be refused or ask back before Codex creates a review
451+
// event, depending on current policy/model behavior.
448452
if (review?.data?.status === "denied") {
449453
expect(deniedResult.text).toContain(askBackToken);
450454
expect(deniedResult.text.toLowerCase()).toMatch(/approv|permission|guardian|reject|denied/);
455+
} else if (!review) {
456+
expect(deniedResult.text).toContain(askBackToken);
457+
expect(deniedResult.text.toLowerCase()).toMatch(
458+
/approv|permission|guardian|reject|denied|block|cannot|can't/,
459+
);
451460
}
452461
expect(deniedResult.text.trim().length).toBeGreaterThan(0);
453462
}

0 commit comments

Comments
 (0)