summaryrefslogtreecommitdiffhomepage
path: root/packages/web/src/content/docs/permissions.mdx
blob: a0ba5d5d94945b03a4deae5768c65dae87c7f1d9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
---
title: Permissions
description: Control which actions require approval to run.
---

By default, OpenCode **allows all operations** without requiring explicit approval. You can configure this using the `permission` option.

```json title="opencode.json"
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "edit": "allow",
    "bash": "ask",
    "webfetch": "deny"
  }
}
```

This lets you configure granular controls for the `edit`, `bash`, and `webfetch` tools.

- `"ask"` — Prompt for approval before running the tool
- `"allow"` — Allow all operations without approval
- `"deny"` — Disable the tool

---

## Tools

Currently, the permissions for the `edit`, `bash`, and `webfetch` tools can be configured through the `permission` option.

---

### edit

Use the `permission.edit` key to control whether file editing operations require user approval.

```json title="opencode.json" {4}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "edit": "ask"
  }
}
```

---

### bash

You can use the `permission.bash` key to control whether bash commands as a
whole need user approval.

```json title="opencode.json" {4}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": "ask"
  }
}
```

Or, you can target specific commands and set it to `allow`, `ask`, or `deny`.

```json title="opencode.json"
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "git push": "ask",
      "git status": "allow",
      "git diff": "allow",
      "npm run build": "allow",
      "ls": "allow",
      "pwd": "allow"
    }
  }
}
```

---

#### Wildcards

You can also use wildcards to manage permissions for specific bash commands.

:::tip
You can use wildcards to manage permissions for specific bash commands.
:::

For example, **disable all** Terraform commands.

```json title="opencode.json" {5}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "terraform *": "deny"
    }
  }
}
```

You can also use the `*` wildcard to manage permissions for all commands. For
example, **deny all commands** except a couple of specific ones.

```json title="opencode.json" {5}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "*": "deny",
      "pwd": "allow",
      "git status": "ask"
    }
  }
}
```

Here a specific rule can override the `*` wildcard.

---

##### Glob patterns

The wildcard uses simple regex globbing patterns.

- `*` matches zero or more of any character
- `?` matches exactly one character
- All other characters match literally

---

### webfetch

Use the `permission.webfetch` key to control whether the LLM can fetch web pages.

```json title="opencode.json" {4}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "webfetch": "ask"
  }
}
```

---

## Agents

You can also configure permissions per agent. Where the agent specific config
overrides the global config. [Learn more](/docs/agents#permissions) about agent permissions.

```json title="opencode.json" {3-7,10-14}
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "git push": "ask"
    }
  },
  "agent": {
    "build": {
      "permission": {
        "bash": {
          "git push": "allow"
        }
      }
    }
  }
}
```

For example, here the `build` agent overrides the global `bash` permission to
allow `git push` commands.

You can also configure permissions for agents in Markdown.

```markdown title="~/.config/opencode/agent/review.md"
---
description: Code review without edits
mode: subagent
permission:
  edit: deny
  bash: ask
  webfetch: deny
---

Only analyze code and suggest changes.
```