Skip to content

refactor: consolidate permission boundaries into permission.ask hook#29

Merged
chriswritescode-dev merged 7 commits into
mainfrom
refactor/permission-boundaries
May 21, 2026
Merged

refactor: consolidate permission boundaries into permission.ask hook#29
chriswritescode-dev merged 7 commits into
mainfrom
refactor/permission-boundaries

Conversation

@chriswritescode-dev
Copy link
Copy Markdown
Owner

@chriswritescode-dev chriswritescode-dev commented May 21, 2026

Summary

Loops are autonomous and cannot answer permission prompts. The previous approach patched subagent session permissions after session.created fired, which had race conditions and mutated session state for observability only.

This PR replaces it with a synchronous decision at opencode's permission.ask plugin hook. The policy is consolidated into a pure evaluatePermissionRuleset helper so the loop's session-level ruleset and the new hook agree by construction.

It also unifies plan title and loop name extraction into a single metadata helper, allows editing the loop name from the execute plan dialog, and adds model variant storage migration.

Changes

  • Permission boundariesevaluatePermissionRuleset(rules, request) returning allow/deny/ask; createLoopPermissionAskHook factory; remove old session.update patcher path and PATCHED_SESSIONS cache.
  • Plan metadata — unified plan title/loop name extraction into single helper; loop name editing from execute plan dialog.
  • Model variants — DB migration 131_add_loop_model_variants.sql; tui-models.ts helpers; extended execute plan panel for variant state.
  • Housekeeping — bump version to 0.4.6; refresh README/docs.

Tests

  • Unit + integration tests for evaluatePermissionRuleset and createLoopPermissionAskHook.
  • Tests for tui-models helpers, tui-client variants, plan execution, sandbox tools.
  • Removed redundant patcher tests.

Verification

  • bun run typecheck — clean
  • bun run lint — pre-existing warnings only
  • Tree byte-identical to original 7-commit branch (verified via diff against backup ref)

@chriswritescode-dev
refactor: consolidate permission boundaries into permission.ask hook
cef444f 
Loops are autonomous and cannot answer permission prompts. The previous
approach patched subagent session permissions after session.created
fired, which had race conditions and mutated session state for
observability only. Replace it with a synchronous decision at opencode's
permission.ask plugin hook so the loop's session ruleset and the hook
agree by construction.

Permission boundaries
- Add evaluatePermissionRuleset(rules, request) returning allow/deny/ask
  by finding the last matching rule (mirrors opencode session-level
  semantics)
- Add createLoopPermissionAskHook factory that resolves the active loop
  via sessionLoopResolver and sets output.status based on
  buildLoopPermissionRuleset()
- Wire 'permission.ask' into the plugin hooks in src/index.ts
- Remove createLoopPermissionRejectHook patching path and PATCHED_SESSIONS
  cache; drop redundant patcher tests, add unit and integration tests for
  the new hook

Plan metadata + loop name editing
- Unify plan title and loop name extraction into a single metadata helper
- Allow editing the loop name from the execute plan dialog, persisting
  through tui-execution-preferences and loops-repo
- Add migration 131_add_loop_model_variants.sql for model variant storage

Housekeeping
- Bump version to 0.4.6
- Refresh README, docs/api, docs/architecture, docs/modules to match
- Add tui-models helpers and tui-client variants tests
@chriswritescode-dev
docs: update architecture and loop system documentation for permissio…
7893ce7 
…n boundaries refactor
@chriswritescode-dev
docs: update API documentation and media assets
f6a5de2
@chriswritescode-dev
refactor: remove unused showLoops config option from TuiConfig
5974b85
@chriswritescode-dev
refactor: remove dead code and shrink barrel exports
61ec388 
- Delete unused src/utils/plan-patch.ts and src/utils/session-stats.ts
- Remove unused zod and @opentui/keymap dependencies
- Drop unused exports: truncateMiddle, formatDuration (format.ts),
  resolveCurrentGitBranch, fetchLoopByName
- Shrink barrel re-exports in src/loop/index.ts, src/storage/index.ts,
  src/hooks/index.ts; consumers import from source modules directly
- Drop LOOP_BLOCKED_TOOLS and extractPlanTitle re-exports in plan-approval.ts
- Drop unused Phase type alias in src/loop/state.ts
- Drop ModelUsage and LoopSessionOutput re-exports in loop-format.ts
- Add test/utils/tui-client-variants.test.ts to vitest include
  so buildPromptModelSelection coverage actually runs
- Update docs/modules.md to drop references to deleted files

Reduces fallow dead-code findings from 127 to 67.
@chriswritescode-dev
refactor: remove dead test files and update bun test ignore patterns
c559080
@chriswritescode-dev
refactor: add bash tool module and refactor permission boundaries
484034b
@chriswritescode-dev chriswritescode-dev merged commit 4266931 into main May 21, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chriswritescode-dev