Enable terminal commands to run freely in Autopilot and Bypass Approvals modes#304236
Merged
meganrogge merged 11 commits intomainfrom Mar 23, 2026
Merged
Enable terminal commands to run freely in Autopilot and Bypass Approvals modes#304236meganrogge merged 11 commits intomainfrom
Autopilot and Bypass Approvals modes#304236meganrogge merged 11 commits intomainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the runInTerminal chat tool so that when a user is in Autopilot or Bypass Approvals mode, terminal commands are not gated by the terminal tool’s auto-approve rules/denials (they should run freely based on the elevated chat permission level). It also adjusts copy in the permission picker dialogs to clarify that terminal commands will run without confirmation.
Changes:
- Skip the terminal auto-approve analyzer when chat permission level is Autopilot/Bypass Approvals.
- Remove the previous “deny early / circuit-break” behavior for auto-approve-denied commands.
- Update permission picker strings and add/update unit tests.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/tools/runInTerminalTool.ts | Bypasses terminal auto-approve analyzer in Autopilot/Bypass Approvals modes; removes early-deny/circuit-break flow. |
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/tools/commandLineAnalyzer/commandLineAutoApproveAnalyzer.ts | Adjusts session-wide auto-approval handling and removes denial-details plumbing. |
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/tools/commandLineAnalyzer/commandLineAnalyzer.ts | Removes denialDetails from the analyzer result shape. |
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/runInTerminalToolTelemetry.ts | Updates telemetry typing to drop the session reason. |
| src/vs/workbench/contrib/chat/browser/widget/input/permissionPickerActionItem.ts | Updates mode descriptions/warnings to explicitly mention terminal commands running without confirmation. |
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/test/electron-browser/runInTerminalTool.test.ts | Updates session auto-approval tests and adds coverage for Autopilot/Bypass Approvals behavior. |
| src/vs/workbench/contrib/terminalContrib/chatAgentTools/test/browser/commandLineAutoApproveAnalyzer.test.ts | Adds a new unit test for analyzer behavior when sub-command parsing yields an empty list. |
DonJayamanne
previously approved these changes
Mar 23, 2026
…r/tools/commandLineAnalyzer/commandLineAutoApproveAnalyzer.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
justschen
approved these changes
Mar 23, 2026
Tyriar
reviewed
Mar 23, 2026
Comment on lines
+653
to
+657
| const isSessionAutoApproved = chatSessionResource && this._isSessionAutoApproveLevel(chatSessionResource); | ||
| const commandLineAnalyzers = isSessionAutoApproved | ||
| ? this._commandLineAnalyzers.filter(e => !(e instanceof CommandLineAutoApproveAnalyzer)) | ||
| : this._commandLineAnalyzers; | ||
| const commandLineAnalyzerResults = await Promise.all(commandLineAnalyzers.map(e => e.analyze(commandLineAnalyzerOptions))); |
Contributor
There was a problem hiding this comment.
An alternative way to handle this is to make a new analyzer that forces auto approval depending on the settings like with the sandbox one:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Reverts #300824 which fixed eval issues by returning early from the tool if a denied command was attempted. This caused issues like #303174, where commands were disallowed vs prompted for.
Now, we will skip the
auto approvalfeature/system when a user is inAutopilotorBypass Approvalsmode so terminal commands run freely.Also specifies "terminal commands" in
Autopilotdialog (Bypass Approvalsalready had this).Address #303174 in main. This will be a candidate.