Respect terminal auto-approve setting in Agent Host default permissions#322633
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds agent-host root-config plumbing to ensure shell auto-approval respects VS Code’s chat.tools.terminal.enableAutoApprove setting while preserving session-level “Bypass Approvals” behavior.
Changes:
- Introduces a new agent-host root-config key (
terminalAutoApproveEnabled) and forwards the VS Code setting ID (chat.tools.terminal.enableAutoApprove) from local + remote agent-host clients. - Gates default-mode shell auto-approval in
SessionPermissionManager.getAutoApproval()on the forwarded root-config key, while keeping session bypass (SessionConfigKey.AutoApprove=autoApprove) authoritative. - Adds coverage for both the forwarding behavior (remote client connect) and default-vs-bypass shell permission behavior.
Show a summary per file
| File | Description |
|---|---|
| src/vs/platform/agentHost/common/agentHostSchema.ts | Adds the new root-config key + setting ID constant and registers it in platformRootSchema with default true. |
| src/vs/platform/agentHost/electron-browser/localAgentHostService.ts | Forwards terminal auto-approve enablement on connect and on configuration changes for the local agent-host client. |
| src/vs/platform/agentHost/browser/remoteAgentHostProtocolClient.ts | Forwards terminal auto-approve enablement on connect and on configuration changes for the remote agent-host client (connected-state gated). |
| src/vs/platform/agentHost/node/sessionPermissions.ts | Gates shell auto-approval on the forwarded root-config value in default permission mode, preserving session bypass precedence. |
| src/vs/platform/agentHost/test/node/sessionPermissions.test.ts | Adds tests covering default-mode shell behavior vs disabled root-config and confirms bypass mode still auto-approves. |
| src/vs/platform/agentHost/test/electron-browser/remoteAgentHostProtocolClient.test.ts | Extends handshake test to assert forwarding of the new root-config key. |
Copilot's findings
- Files reviewed: 6/6 changed files
- Comments generated: 1
rzhao271
approved these changes
Jun 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part of: #322112
chat.tools.terminal.enableAutoApprove.SessionConfigKey.AutoApprovestill auto-approves shell requests even when terminal auto-approve is disabled.Inspirations from:
AgentHostSessionSyncEnabledConfigKey.RemoteAgentHostProtocolClient._updateSessionSyncEnabled.LocalAgentHostServiceClient._updateSessionSyncEnabled.SessionPermissionManager.getAutoApproval.SessionPermissionManager.isSessionAutoApproveEnabled.