A way to exclude sensitive files · Issue #2847 · openai/codex · GitHub

//voltron/issues_fragments/issue_layout" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

//voltron/issues_fragments/issue_layout;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

Uh oh!

There was an error while loading. Please reload this page.

openai

codex

Public

Notifications<br>You must be signed in to change notification settings

Fork<br>14k

Star<br>94.2k

A way to exclude sensitive files #2847

New issue<br>Copy link

New issue<br>Copy link

Open

Open<br>A way to exclude sensitive files#2847

Copy link

Labels<br>enhancementNew feature or requestNew feature or requestsandboxIssues related to permissions or sandboxingIssues related to permissions or sandboxing

Description

mkusaka<br>opened on Aug 28, 2025

Issue body actions

What feature would you like to see?

A mechanism to explicitly mark files/paths that the agent must not read or send to the model, at both repository and global levels (e.g., a repo-local .codexignore plus a global ignore file).

Example: keep node_modules/ searchable for implementation checks, but never read or send .env, .env.*, .pem, id_, .aws/, .ssh/ .

The configuration should be deterministic and shareable across the team/repo, and also support user defaults, rather than relying on project documentation or conventions.

Are you interested in implementing this feature?

Yes — I can contribute and tests.

Additional information

Related: #205. That issue surfaced two primary use cases: preventing sensitive data from being sent to the model and excluding large/irrelevant files. The issue was closed in favor of a Rust (codex-rs) implementation, but as of 2025-08-28 a comparable feature does not appear to exist in codex-rs. I’d like to restart the discussion and converge on a design.

Reactions are currently unavailable

Metadata<br>Metadata<br>Assignees

No one assigned

Labels

enhancementNew feature or requestNew feature or requestsandboxIssues related to permissions or sandboxingIssues related to permissions or sandboxing

Type

No type

Fields<br>Give feedback

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

You can’t perform that action at this time.