aljaz/opencode
1
0
Fork 0
mirror of https://github.com/aljazceru/opencode.git synced 2026-01-07 01:44:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor: whitelist some safe bash tools in Plan agent (#3288)

Browse Source 
Co-authored-by: Aiden Cline <aidenpcline@gmail.com>
This commit is contained in:
Bernat Pericàs
2025-10-24 00:11:08 +02:00
committed by GitHub
parent 4216c1c2a9
commit 4c90bf3e07
1 changed files with 44 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
packages/opencode/src/agent/agent.ts
View File

@@ -51,7 +51,50 @@ export namespace Agent {
const planPermission = mergeAgentPermissions( const planPermission = mergeAgentPermissions(
{ {
edit: "deny", edit: "deny",
bash: "ask", bash: {
"awk -i inplace*": "ask",
"awk --inplace*": "ask",
"awk*": "allow",
"cut*": "allow",
"diff*": "allow",
"du*": "allow",
"file *": "allow",
"find * -delete*": "ask",
"find * -exec*": "ask",
"find * -fprint*": "ask",
"find * -fls*": "ask",
"find * -fprintf*": "ask",
"find * -ok*": "ask",
"find *": "allow",
"git diff*": "allow",
"git log*": "allow",
"git show*": "allow",
"git status*": "allow",
"git branch": "allow",
"git branch -v": "allow",
"grep*": "allow",
"head*": "allow",
"less*": "allow",
"ls*": "allow",
"more*": "allow",
"pwd*": "allow",
"rg*": "allow",
"sed --in-place*": "ask",
"sed -i*": "ask",
"sed -n *": "allow",
"sort --output=*": "ask",
"sort -o *": "ask",
"sort*": "allow",
"stat*": "allow",
"tail*": "allow",
"tree -o *": "ask",
"tree*": "allow",
"uniq*": "allow",
"wc*": "allow",
"whereis*": "allow",
"which*": "allow",
"*": "ask",
},
webfetch: "allow", webfetch: "allow",
}, },
cfg.permission ?? {}, cfg.permission ?? {},