diff options
| author | Aiden Cline <[email protected]> | 2026-02-17 20:16:55 -0600 |
|---|---|---|
| committer | GitHub <[email protected]> | 2026-02-17 20:16:55 -0600 |
| commit | 25f3eef9570267d3368a74556a830ca62be0f231 (patch) | |
| tree | 4366f8bae5aff618d195272a7207e98e92fcac2b | |
| parent | 0ca75544abe6f9aee28c9bf5d626055a5a5c862f (diff) | |
| download | opencode-25f3eef9570267d3368a74556a830ca62be0f231.tar.gz opencode-25f3eef9570267d3368a74556a830ca62be0f231.zip | |
fix: ensure explore subagent has external_directory perm set to ask instead of auto denying (#14060)
| -rw-r--r-- | packages/opencode/src/agent/agent.ts | 7 | ||||
| -rw-r--r-- | packages/opencode/test/agent/agent.test.ts | 14 |
2 files changed, 18 insertions, 3 deletions
diff --git a/packages/opencode/src/agent/agent.ts b/packages/opencode/src/agent/agent.ts index e338559be..c53ca04e2 100644 --- a/packages/opencode/src/agent/agent.ts +++ b/packages/opencode/src/agent/agent.ts @@ -52,13 +52,13 @@ export namespace Agent { const cfg = await Config.get() const skillDirs = await Skill.dirs() + const whitelistedDirs = [Truncate.GLOB, ...skillDirs.map((dir) => path.join(dir, "*"))] const defaults = PermissionNext.fromConfig({ "*": "allow", doom_loop: "ask", external_directory: { "*": "ask", - [Truncate.GLOB]: "allow", - ...Object.fromEntries(skillDirs.map((dir) => [path.join(dir, "*"), "allow"])), + ...Object.fromEntries(whitelistedDirs.map((dir) => [dir, "allow"])), }, question: "deny", plan_enter: "deny", @@ -142,7 +142,8 @@ export namespace Agent { codesearch: "allow", read: "allow", external_directory: { - [Truncate.GLOB]: "allow", + "*": "ask", + ...Object.fromEntries(whitelistedDirs.map((dir) => [dir, "allow"])), }, }), user, diff --git a/packages/opencode/test/agent/agent.test.ts b/packages/opencode/test/agent/agent.test.ts index 5e91059ff..9f8de04f8 100644 --- a/packages/opencode/test/agent/agent.test.ts +++ b/packages/opencode/test/agent/agent.test.ts @@ -75,6 +75,20 @@ test("explore agent denies edit and write", async () => { }) }) +test("explore agent asks for external directories and allows Truncate.GLOB", async () => { + const { Truncate } = await import("../../src/tool/truncation") + await using tmp = await tmpdir() + await Instance.provide({ + directory: tmp.path, + fn: async () => { + const explore = await Agent.get("explore") + expect(explore).toBeDefined() + expect(PermissionNext.evaluate("external_directory", "/some/other/path", explore!.permission).action).toBe("ask") + expect(PermissionNext.evaluate("external_directory", Truncate.GLOB, explore!.permission).action).toBe("allow") + }, + }) +}) + test("general agent denies todo tools", async () => { await using tmp = await tmpdir() await Instance.provide({ |