Skip to content

Refactor package metadata and implement auto-approval for permissions #18

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gitricko merged 4 commits into from
May 25, 2026
+85 −12
Merged

Refactor package metadata and implement auto-approval for permissions #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
70d2399
Refactor package metadata and implement auto-approval feature in perm…
May 25, 2026
dfda8c2
Cache readApprovalsDisabled result during activate()
Copilot May 25, 2026
eee0c93
Fix YAML parsing to strip inline comments in approvals.mode check
Copilot May 25, 2026
a549f80
Potential fix for pull request finding
gitricko May 25, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 5 additions & 5 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
{
"name": "hermes-ai-agent",
"displayName": "Hermes AI Agent",
"name": "hermes-code-agent",
"displayName": "Hermes Code Agent",
"description": "VS Code sidebar for the Hermes AI agent. Streams chat, runs tools, manages sessions. Multi-model (Claude, Codex). Communicates over ACP.",
"version": "3.0.1",
"version": "3.0.2",
"publisher": "gitricko",
"author": "gitricko",
"license": "MIT",
Expand All @@ -17,7 +17,7 @@
"llm",
"tool use",
"chat",
"hermes",
"hermes-agent",
"acp",
"agent client protocol",
"sidebar chat",
Expand Down Expand Up @@ -67,7 +67,7 @@
"activitybar": [
{
"id": "hermes",
"title": "Hermes Agent",
"title": "Hermes Code Agent",
"icon": "resources/hermes-icon.svg"
}
]
Expand Down
79 changes: 76 additions & 3 deletions src/extension.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,46 @@ function readHermesModel(): { model: string; source: 'env' | 'config' | 'fallbac
return { model: DEFAULT_SONNET_MODEL, source: 'fallback' };
}

function readApprovalsDisabled(): boolean {
// Returns true when ~/.hermes/config.yaml has `approvals.mode: false|off|no`.
try {
const configPath = path.join(os.homedir(), '.hermes', 'config.yaml');
const content = fs.readFileSync(configPath, 'utf8');
const lines = content.split(/\r?\n/);
Comment on lines +59 to +64

let inApprovals = false;
let approvalsIndent = 0;

for (const line of lines) {
if (!line.trim() || line.trimStart().startsWith('#')) continue;

const indent = line.search(/\S/);
const trimmed = line.trim();

if (trimmed === 'approvals:') {
inApprovals = true;
approvalsIndent = indent;
continue;
}
Comment on lines +75 to +79

if (inApprovals) {
if (indent <= approvalsIndent) break;

const modeMatch = trimmed.match(/^mode:\s*(.+)/);
if (modeMatch) {
const rawValue = modeMatch[1].trim();
// Strip trailing inline comment (e.g., "false # comment" → "false")
const value = rawValue.split('#')[0].trim().toLowerCase();
return value === 'false' || value === 'off' || value === 'no';
}
Comment on lines +84 to +90
}
}
} catch {
// Config not accessible — not disabled, show dialog.
}
return false;
}

function readHermesVersion(hermesPath: string): string {
const attempts: string[][] = [['--version'], ['version']];
for (const args of attempts) {
Expand Down Expand Up @@ -235,19 +275,52 @@ export async function activate(context: vscode.ExtensionContext): Promise<void>
setStatus('disconnected');
});

let dangerouslyApproved = false;
const approvalsDisabled = readApprovalsDisabled();

const permissionHandler: PermissionRequestHandler = async (_method, params) => {
Comment thread
gitricko marked this conversation as resolved.
const allowOptionId = optionIdByIntent(params, 'allow');
const denyOptionId = optionIdByIntent(params, 'deny');
const allow = 'Allow Once';

// Approvals disabled via config — auto-allow without dialog.
if (approvalsDisabled) {
outputChannel.appendLine('[security] approvals disabled in config, auto-allowing');
if (allowOptionId) {
return { outcome: 'selected', optionId: allowOptionId };
}
throw new Error('Permission denied: no allow option');
}
Comment on lines +285 to +292
Comment on lines +289 to +292

// Allow Always was clicked earlier — suppress future dialogs.
if (dangerouslyApproved) {
outputChannel.appendLine('[security] allow-always active, auto-allowing');
if (allowOptionId) {
return { outcome: 'selected', optionId: allowOptionId };
}
throw new Error('Permission denied: no allow option');
}

const deny = 'Deny';
const allowOnce = 'Allow Once';
const allowAlways = 'Allow Always';
const choice = await vscode.window.showWarningMessage(
summarizePermissionRequest(params),
{ modal: true },
allow,
deny,
allowOnce,
allowAlways,
);

if (choice === allow && allowOptionId) {
if (choice === allowAlways) {
if (!allowOptionId) {
throw new Error('Permission denied: no allow option');
}
dangerouslyApproved = true;
outputChannel.appendLine('[security] allow-always activated — future requests auto-allowed');
return { outcome: 'selected', optionId: allowOptionId };
}

if (choice === allowOnce && allowOptionId) {
outputChannel.appendLine('[security] permission granted once');
return { outcome: 'selected', optionId: allowOptionId };
}
Expand Down
Loading