{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreign4a2khflycnhfwwx6bdcbl22a5scopx37avtu2nxfqzrotemib4",
"uri": "at://did:plc:lk3jfj3zq4k4wxnk474axylu/app.bsky.feed.post/3mf533tokl4w2"
},
"path": "/t/codex-vscode-extension-agent-full-access-always-asks-for-approval/1355908?page=2#post_25",
"publishedAt": "2026-02-18T11:27:12.000Z",
"site": "https://community.openai.com",
"tags": [
"openai/codex: Lightweight coding agent repo",
"GitHub",
"GitHub",
"GitHub",
"GitHub",
"GitHub",
"GitHub",
"GitHub",
"GitHub",
"Codex features are prioritized by votes in GitHub issues tab",
"Codex",
"Source"
],
"textContent": "Welcome to the forum!\n\nmguenther:\n\n> Any guidance?\n\n* * *\n\nUsing ChatGPT 5.2\n\n* * *\n\n**Prompt**\n\nI am also impacted by this. Codex asks for approval for every single file change.\n\nI have set\n\n\n approval_policy = “on-failure”\n sandbox_mode = “workspace-write”\n\n\nAnd the folder is marked as Trusted Workspace. I tried version 0.5.76 (pre release) and 0.4.75 (release).\n\nAny guidance?\n\n`https://github.com/openai/codex/issues`\n\nPlease search the GitHub OpenAI Codex issues for issues related to the approval problem. The primary issue that is not a duplicate or entries that show how to resolve this would be nice.\n\n* * *\n\n* * *\n\n**Reply**\n\nI found several **GitHub issues in theopenai/codex: Lightweight coding agent repo** that directly relate to **persistent approval-prompt behavior** (where Codex asks you to approve every file change even when you’ve set `approval_policy` and `sandbox_mode`). Below is a curated set of _relevant issues_ that are **not duplicates** , with concise descriptions of their status and what they indicate:\n\n* * *\n\n## Relevant GitHub Issues\n\n### 1. **#5824 — `--ask-for-approval never` not respected**\n\n * **Status** : Open\n * **Description** : Using `codex --sandbox workspace-write --ask-for-approval never` still does not let Codex write files without prompting for approval — even though `/status` shows `Approval: never`. This indicates a bug in the approval enforcement logic in recent CLI versions. (GitHub)\n\n\n\n### 2. **#2350 — `--ask-for-approval never` still requires approval on Windows**\n\n * **Status** : Closed (but behaviour reported)\n * **Description** : On Windows, users report that setting `--ask-for-approval never` still results in repeated approval prompts for file writes. This is confirmed as issue behavior even though it’s marked closed. (GitHub)\n\n\n\n### 3. **#8714 — Session forces `on-request` despite config**\n\n * **Status** : Open\n * **Description** : Even when the project config sets `ask_for_approval=never` and `sandbox=workspace-write`, sessions sometimes start with `approval_policy=on-request` and keep asking for approvals. This matches the symptom you’re describing. (GitHub)\n\n\n\n### 4. **#5038 — VS Code extension ignores `approval_policy=\"never\"`**\n\n * **Status** : Open\n * **Description** : In the VS Code extension context, approval settings are not consistently respected — the extension resets approvals and requests them repeatedly. This suggests the problem isn’t just config but also how the extension manages state. ([GitHub](https://github.com/openai/codex/issues/5038?utm_source=chatgpt.com \"VS Code Codex extension ignores approval_policy=\"never ...\"))\n\n\n\n* * *\n\n## Related Reports & Proposals\n\nThese don’t directly fix the problem but show community context:\n\n### Discussion #2138 — Bypass not working fully\n\n * Users report setting the highest-permission flags still doesn’t stop requests because of new “trusted workspace” behavior introduced in newer versions. (GitHub)\n\n\n\n### Proposal #3710 — Separate read/write approval policies\n\n * Users asked for more granular control to avoid “approve every write” behavior — this is a **feature proposal** , not a fix. (GitHub)\n\n\n\n### Issue #3129 — `on-failure` not selectable at runtime\n\n * Shows another bug where CLI doesn’t actually set the documented approval mode when switching inside a session. ([GitHub](https://github.com/openai/codex/issues/3129?utm_source=chatgpt.com \"Cannot set `approval_policy = \"on-failure\"` from within CLI\"))\n\n\n\n* * *\n\n## Summary of Root Causes Seen in Issues\n\nThese reports share consistent pain points:\n\n 1. **Config values not being honored**\nEven when `approval_policy = \"never\"` and `sandbox_mode = \"workspace-write\"` are set, the session sometimes resets or overrides to ask-for-approval modes. (GitHub)\n\n 2. **Extension vs CLI mismatch**\nThe VS Code extension frequently behaves differently from the CLI, sometimes resetting or ignoring flags. ([GitHub](https://github.com/openai/codex/issues/5038?utm_source=chatgpt.com \"VS Code Codex extension ignores approval_policy=\"never ...\"))\n\n 3. **Platform-specific behavior**\nOn Windows, approval bypass flags seem especially unreliable. (GitHub)\n\n 4. **Internal defaults / migration behavior**\nDiscussions hint that updated versions introduce stricter defaults unless workspace is explicitly “trusted” outside your settings. (GitHub)\n\n\n\n\n* * *\n\n## Practical Notes\n\n * There _is no confirmed fix yet_ in the tracker that fully resolves this issue across contexts.\n * Multiple users report that **manually approving a “full access” session** the first time reduces repeated prompts — but isn’t a real fix.\n * The problems are _active bug/behavior issues_ , not intended restrictions per docs.\n\n\n\n* * *\n\nIf you want, I can compile direct **links to the specific issue pages** (one per item) with short commands for easy navigation.\n\n* * *\n\n* * *\n\nFYI\n\nCodex features are prioritized by votes in GitHub issues tab Codex\n\n> FYI We prioritize feature requests based on upvotes from the community. If a feature request doesn’t get enough upvotes, we’ll close it. It’s therefore important for a feature request to have a clear and compelling title and description. We also recommend that feature requests focus on the problem statement rather than a solution. Describe the use case and what problem you’d like to see solved. There are often multiple ways to address a given problem. Source Note: In GitHub feature request…",
"title": "Codex VSCode Extension - Agent (full access) always asks for approval"
}