clone/opencode
1
0
Fork 0
mirror of https://github.com/anomalyco/opencode.git synced 2026-05-16 09:33:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(tool/read): match permission patterns against worktree-relative path

Browse Source 
Read permission checks now use the same worktree-relative path basis as edit/write/apply_patch, so configured patterns apply consistently.
This commit is contained in:
Kit Langton
2026-05-09 18:46:29 -04:00
committed by GitHub
parent bd1029b19f
commit ba9e4b67ed
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/opencode/src/tool/read.ts
View File

@@ -178,7 +178,7 @@ export const ReadTool = Tool.define(
yield* ctx.ask({
permission: "read",
patterns: [filepath],
patterns: [path.relative(instance.worktree, filepath)],
always: ["*"],
metadata: {},
})

15
packages/opencode/test/tool/read.test.ts
View File

@@ -155,11 +155,24 @@ describe("tool.read external_directory permission", () => {
yield* exec(dir, { filePath: alt }, next)
const read = items.find((item) => item.permission === "read")
expect(read).toBeDefined()
expect(read!.patterns).toEqual([full(target)])
expect(read!.patterns).toEqual([path.relative(dir, full(target))])
}),
)
}
it.live("uses worktree-relative path for read permission so user rules match like edit/write", () =>
Effect.gen(function* () {
const dir = yield* tmpdirScoped({ git: true })
yield* put(path.join(dir, "src", "secret.ts"), "shh")
const { items, next } = asks()
yield* exec(dir, { filePath: path.join(dir, "src", "secret.ts") }, next)
const read = items.find((item) => item.permission === "read")
expect(read).toBeDefined()
expect(read!.patterns).toEqual([path.join("src", "secret.ts")])
}),
)
it.live("asks for directory-scoped external_directory permission when reading external directory", () =>
Effect.gen(function* () {
const outer = yield* tmpdirScoped()