aljaz/opencode
1
0
Fork 0
mirror of https://github.com/aljazceru/opencode.git synced 2025-12-19 00:34:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
21b7877bebcd96fab1c204ee4274e50189169366
opencode/packages/web/src/content/docs/permissions.mdx
Aiden Cline 21b7877beb docs: tweak wording
2025-11-17 21:26:46 +00:00

226 lines
4.7 KiB
Plaintext
Raw Blame History

---
title: Permissions
description: Control which actions require approval to run.
---
By default, OpenCode allows most operations without approval, except `doom_loop` and `external_directory` which default to `ask`. You can configure this using the `permission` option.
```json title="opencode.json"
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"edit": "allow",
"bash": "ask",
"webfetch": "deny",
"doom_loop": "ask",
"external_directory": "ask"
}
}
```
This lets you configure granular controls for the `edit`, `bash`, `webfetch`, `doom_loop`, and `external_directory` tools.
- `"ask"` — Prompt for approval before running the tool
- `"allow"` — Allow all operations without approval
- `"deny"` — Disable the tool
---
## Tools
Currently, the permissions for the `edit`, `bash`, `webfetch`, `doom_loop`, and `external_directory` tools can be configured through the `permission` option.
---
### edit
Use the `permission.edit` key to control whether file editing operations require user approval.
```json title="opencode.json" {4}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"edit": "ask"
}
}
```
---
### bash
You can use the `permission.bash` key to control whether bash commands as a
whole need user approval.
```json title="opencode.json" {4}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"bash": "ask"
}
}
```
Or, you can target specific commands and set it to `allow`, `ask`, or `deny`.
```json title="opencode.json"
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"bash": {
"git push": "ask",
"git status": "allow",
"git diff": "allow",
"npm run build": "allow",
"ls": "allow",
"pwd": "allow"
}
}
}
```
---
#### Wildcards
You can also use wildcards to manage permissions for specific bash commands.
:::tip
You can use wildcards to manage permissions for specific bash commands.
:::
For example, **disable all** Terraform commands.
```json title="opencode.json" {5}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"bash": {
"terraform *": "deny"
}
}
}
```
You can also use the `*` wildcard to manage permissions for all commands. For
example, **deny all commands** except a couple of specific ones.
```json title="opencode.json" {5}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"bash": {
"*": "deny",
"pwd": "allow",
"git status": "ask"
}
}
}
```
Here a specific rule can override the `*` wildcard.
---
##### Glob patterns
The wildcard uses simple regex globbing patterns.
- `*` matches zero or more of any character
- `?` matches exactly one character
- All other characters match literally
---
### webfetch
Use the `permission.webfetch` key to control whether the LLM can fetch web pages.
```json title="opencode.json" {4}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"webfetch": "ask"
}
}
```
---
### doom_loop
Use the `permission.doom_loop` key to control whether approval is required when a doom loop is detected. A doom loop occurs when the same tool is called 3 times in a row with identical arguments.
This helps prevent infinite loops where the LLM repeatedly attempts the same action without making progress.
```json title="opencode.json" {4}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"doom_loop": "ask"
}
}
```
---
### external_directory
Use the `permission.external_directory` key to control whether file operations require approval when accessing files outside the working directory.
This provides an additional safety layer to prevent unintended modifications to files outside your project.
```json title="opencode.json" {4}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"external_directory": "ask"
}
}
```
---
## Agents
You can also configure permissions per agent. Where the agent specific config
overrides the global config. [Learn more](/docs/agents#permissions) about agent permissions.
```json title="opencode.json" {3-7,10-14}
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"bash": {
"git push": "ask"
}
},
"agent": {
"build": {
"permission": {
"bash": {
"git push": "allow"
}
}
}
}
}
```
For example, here the `build` agent overrides the global `bash` permission to
allow `git push` commands.
You can also configure permissions for agents in Markdown.
```markdown title="~/.config/opencode/agent/review.md"
---
description: Code review without edits
mode: subagent
permission:
edit: deny
bash: ask
webfetch: deny
---
Only analyze code and suggest changes.
```
Reference in New Issue View Git Blame Copy Permalink