feat: enforce marketplace restrictions at plugin entry points #21459

Open
viyatb-oai wants to merge 1 commit into codex/viyatb/managed-plugin-core-requirements from codex/viyatb/managed-plugin-entrypoints

@viyatb-oai viyatb-oai commented May 7, 2026

Why

The core plugin manager can reject disallowed marketplaces, but enterprise policy also needs to hold at the entry points that add marketplaces or call remote plugin APIs. Those paths are where a user or automation would otherwise keep widening the local state.

What changed

  • Added a config-aware marketplace add helper that rejects user additions when managed requirements disable them.
  • Routed CLI, app-server, and external-agent import flows through the managed add/install checks.
  • Filtered remote marketplace reads, skill reads, installs, and listings against the managed allowlist, including the backend-resolved marketplace returned by plugin detail fetches.
  • Updated the remote plugin skill-read fixture for the detail lookup now required before reading skill contents.

Example config.toml

With the managed requirements stack applied, an approved marketplace can still appear in user config.toml like this:

[features]
plugins = true

[marketplaces.approved-marketplace]
source_type = "git"
source = "https://github.com/example/approved-marketplace.git"

There is intentionally no user-writable allowed_sources key in config.toml; skill-source restrictions are enforced only from managed requirements.

Verification

  • Added regression coverage for blocking managed marketplace additions in codex-rs/core-plugins/src/marketplace_add.rs.
  • Updated app-server remote skill-read coverage in codex-rs/app-server/tests/suite/v2/plugin_read.rs.

Stack

viyatb-oai force-pushed the codex/viyatb/managed-plugin-core-requirements branch from 8c02e63 to 9a5c49d, May 7, 2026 02:07
viyatb-oai force-pushed the codex/viyatb/managed-plugin-entrypoints branch from 5285721 to d6f1e19, May 7, 2026 02:07
viyatb-oai force-pushed the codex/viyatb/managed-plugin-core-requirements branch from 9a5c49d to c251553, May 7, 2026 02:20
viyatb-oai requested a review from a team as a code owner, May 7, 2026 02:20
viyatb-oai force-pushed the codex/viyatb/managed-plugin-entrypoints branch from d6f1e19 to 9b4c779, May 7, 2026 02:20
viyatb-oai changed the title from "feat: enforce managed plugin entrypoints" to "feat: enforce marketplace restrictions at plugin entry points", May 7, 2026
viyatb-oai force-pushed the codex/viyatb/managed-plugin-core-requirements branch from c251553 to 641f65a, May 7, 2026 02:36
viyatb-oai force-pushed the codex/viyatb/managed-plugin-entrypoints branch from 9b4c779 to 294f4f9, May 7, 2026 02:36
Co-authored-by: Codex noreply@openai.com
viyatb-oai force-pushed the codex/viyatb/managed-plugin-entrypoints branch from 294f4f9 to c7e7818, May 7, 2026 02:58
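
The two entry-point checks the description names, as an added example that is not code from this pull request or from codex-rs: one shared add helper that rejects user additions when managed requirements disable them, and a remote-read check that tests both the requested marketplace and the backend-resolved one against the managed allowlist. Every type, field and function name is hypothetical, as is the assumption that a missing allowlist means no restriction; "other-marketplace" is a constructed sample value.

```rust
use std::collections::BTreeSet;

// Hypothetical model of admin-managed requirements; all names are assumptions.
pub struct ManagedRequirements {
    pub user_additions_enabled: bool,
    pub allowed: Option<BTreeSet<String>>, // None means no allowlist is set
}

#[derive(Debug, PartialEq)]
pub enum PolicyError {
    UserAdditionsDisabled,
    NotAllowed(String),
}
pub type Decision = Result<(), PolicyError>;

impl ManagedRequirements {
    pub fn check(&self, marketplace: &str) -> Decision {
        match &self.allowed {
            Some(list) if !list.contains(marketplace) => {
                Err(PolicyError::NotAllowed(marketplace.to_string()))
            }
            _ => Ok(()),
        }
    }
}

// One helper for every path that adds a marketplace (CLI, server, import).
pub fn add_marketplace(req: &ManagedRequirements, state: &mut BTreeSet<String>, name: &str) -> Decision {
    if !req.user_additions_enabled {
        return Err(PolicyError::UserAdditionsDisabled);
    }
    req.check(name)?;
    state.insert(name.to_string());
    Ok(())
}

// Remote read: check the requested marketplace and the one the backend
// reports in the plugin detail response; either one failing blocks the read.
pub fn authorize_remote_read(req: &ManagedRequirements, requested: &str, resolved: &str) -> Decision {
    req.check(requested)?;
    req.check(resolved)
}

fn main() {
    // Constructed sample policy: additions enabled, one approved marketplace.
    let allowed = BTreeSet::from(["approved-marketplace".to_string()]);
    let req = ManagedRequirements { user_additions_enabled: true, allowed: Some(allowed) };
    println!("{:?}", authorize_remote_read(&req, "approved-marketplace", "other-marketplace"));
}
```

Because the state mutation happens only after both checks pass, a rejected add leaves the user's marketplace set unchanged.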