Skip to content

feat: expose a session-scoped permission bridge for external providers#24179

Open
khalilgharbaoui wants to merge 2 commits intoanomalyco:devfrom
khalilgharbaoui:khalil/external-provider-permission-bridge
Open

feat: expose a session-scoped permission bridge for external providers#24179
khalilgharbaoui wants to merge 2 commits intoanomalyco:devfrom
khalilgharbaoui:khalil/external-provider-permission-bridge

Conversation

@khalilgharbaoui
Copy link
Copy Markdown

@khalilgharbaoui khalilgharbaoui commented Apr 24, 2026
edited
Loading

Issue for this PR

Closes N/A

Type of change

  • Bug fix
  • New feature
  • Refactor / code improvement
  • Documentation

What does this PR do?

This PR adds a tiny, generic bridge that lets external providers reuse OpenCode's existing Permission.ask(...) flow.

Concretely:

  • it adds a session-scoped registry on globalThis in packages/opencode/src/provider/external-permission-bridge.ts
  • it registers an entry for the active session in packages/opencode/src/session/llm.ts
  • that entry calls the existing permission service with the current session and ruleset
  • it unregisters the bridge automatically when the stream lifecycle ends

Why this works:

  • built-in providers already run through OpenCode's permission system
  • external providers do not currently have a generic way to hand a provider-initiated permission request back into that same system
  • this bridge exposes the smallest reusable hook possible without changing existing built-in provider behavior

This is intentionally provider-agnostic. A provider still needs to translate its own control/tool protocol into this bridge.

How did you verify your code works?

  • ran local typecheck with Bun on the patched branch
  • verified the branch compiles cleanly after the bridge registration/cleanup changes
  • verified locally with an external-provider prototype that the provider can see the session-scoped bridge and call back into OpenCode's permission flow using the active session context

Screenshots / recordings

N/A — no UI changes in this PR.

Checklist

  • I have tested my changes locally
  • I have not included unrelated changes in this PR

@github-actions github-actions Bot added needs:compliance This means the issue will auto-close after 2 hours. and removed needs:compliance This means the issue will auto-close after 2 hours. labels Apr 24, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 24, 2026

Thanks for updating your PR! It now meets our contributing guidelines. 👍

@khalilgharbaoui khalilgharbaoui force-pushed the khalil/external-provider-permission-bridge branch from 02305bb to 4893a9a Compare April 24, 2026 15:10
@khalilgharbaoui khalilgharbaoui force-pushed the khalil/external-provider-permission-bridge branch from 4893a9a to 5fcf4cc Compare April 24, 2026 15:12
Bojun-Vvibe added a commit to Bojun-Vvibe/oss-contributions that referenced this pull request Apr 24, 2026
@Bojun-Vvibe
reviews(W17 drip-16): opencode bridge + health-check, codex npm-readi…
38315c3 
…ness + thread-store harness

- anomalyco/opencode#24179: session-scoped permission bridge for external providers (merge-after-nits)
- anomalyco/opencode#24162: desktop health-check exponential backoff (request-changes; loopback gate dropped, no_proxy widened)
- openai/codex#19389: npm update prompt readiness gate (merge-after-nits)
- openai/codex#19266: non-local thread-store regression harness (merge-after-nits)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@khalilgharbaoui