Make terminal permission pattern suggestions subcommand-specific#49148
Merged
eholk merged 2 commits intozed-industries:mainfrom Feb 18, 2026
Merged
Make terminal permission pattern suggestions subcommand-specific#49148eholk merged 2 commits intozed-industries:mainfrom
eholk merged 2 commits intozed-industries:mainfrom
Conversation
b957771 to
ef11322
Compare
Previously, clicking "Always allow for `cargo` commands" after running
`cargo build --release` would also silently permit `cargo run` (arbitrary
code execution), `cargo publish`, and any other cargo subcommand. This was
overly broad and did not match user intent.
Now the extracted pattern includes the subcommand when present, so the
button reads "Always allow for `cargo build` commands" and the pattern
`^cargo\s+build\b` only matches `cargo build` invocations — not
`cargo test`, `cargo run`, etc.
How it works:
- The second token is included in the pattern when it looks like a
subcommand (alphanumeric, hyphens, underscores, no leading `-`).
- When the second token is a flag (e.g. `ls -la`), only the command name
is used — the user sees "Always allow for `ls` commands".
- Single-word commands and path-like commands behave the same as before.
Examples:
cargo build --release -> ^cargo\s+build\b ("cargo build" commands)
cargo test -p search -> ^cargo\s+test\b ("cargo test" commands)
npm install -> ^npm\s+install\b ("npm install" commands)
ls -la -> ^ls\b ("ls" commands)
./script.sh -> (rejected)
Release Notes:
- Agent: "Always allow" suggestions for terminal commands are now
subcommand-specific (e.g. "Always allow for `cargo build` commands"
instead of "Always allow for `cargo` commands").
ef11322 to
af5a560
Compare
github-actions bot
pushed a commit
that referenced
this pull request
Feb 18, 2026
� I can now see the relevant commits. Let me generate the documentation update summary based on the Phase 6 format: ## Documentation Update Summary ### Changes Made | File | Change | Related Code | | --- | --- | --- | | docs/src/ai/external-agents.md | Removed "resuming threads from history" from unavailable features list for Gemini CLI, Claude Agent, and Codex | PR #49449 (b4baea8) - Enable history for external agents | | docs/src/ai/tool-permissions.md | Added documentation for subcommand-specific permission patterns in terminal commands | PR #49148 (d60b291) - Make terminal permission pattern suggestions subcommand-specific | | docs/src/configuring-languages.md | Formatting fix - removed extra blank line in Storage Location list | PR #49177 (6daa541) - Apply documentation standards | | docs/src/development.md | Formatting fix - removed extra blank lines in numbered list items | PR #49177 (6daa541) - Apply documentation standards | | docs/src/extensions/themes.md | Formatting fix - removed extra blank lines between numbered list items and their content | PR #49177 (6daa541) - Apply documentation standards | | docs/src/languages/r.md | Formatting fix - removed extra blank line in extension list | PR #49177 (6daa541) - Apply documentation standards | | docs/src/reference/all-settings.md | Formatting fix - removed extra blank line in preview tabs description list | PR #49177 (6daa541) - Apply documentation standards | | docs/src/vim.md | Formatting fix - removed extra blank line in text objects section | PR #49177 (6daa541) - Apply documentation standards | ### Rationale These documentation updates were triggered by two code changes: 1. **External agent history feature** (PR #49449): External agents (Gemini CLI, Claude Agent, Codex) now support resuming threads from history, so this was removed from the "not yet available" features list in the external-agents documentation. 2. **Subcommand-specific terminal permissions** (PR #49148): Terminal tool permission patterns now include subcommands (e.g., `cargo build` instead of just `cargo`), providing more granular permission control. Documentation was updated to explain this behavior to users. 3. **Documentation formatting standards** (PR #49177): Several files had inconsistent formatting with extra blank lines in numbered/bulleted lists that were cleaned up to match Prettier/mdBook standards. ### Review Notes - The external-agents.md changes are content updates reflecting new feature availability - reviewers should verify the history feature is indeed working for all three external agent types - The tool-permissions.md change adds clarification for existing behavior - the example uses `cargo build` as a concrete illustration - The remaining files (configuring-languages.md, development.md, extensions/themes.md, languages/r.md, reference/all-settings.md, vim.md) contain only formatting fixes with no semantic changes - All changes follow the documentation conventions in `docs/AGENTS.md` Triggered by: pr 48957 Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
github-actions bot
pushed a commit
that referenced
this pull request
Feb 18, 2026
� Now I have a clear picture. Let me generate the documentation update summary: ## Documentation Update Summary ### Changes Made | File | Change | Related Code | | --- | --- | --- | | `docs/src/ai/external-agents.md` | Updated thread history availability notes for Gemini CLI, Claude Agent, and Codex—clarifying that thread history is now available for Claude Agent and Codex, while Gemini CLI depends on ACP capabilities | PR #49449 (`acp: Enable history for external agents for all users`) | | `docs/src/ai/tool-permissions.md` | Added new "Subcommand-Specific Patterns" section explaining how terminal permission patterns extract subcommands (e.g., `cargo build` vs `cargo test`) | PR #49148 (`Make terminal permission pattern suggestions subcommand-specific`) | | `docs/src/configuring-languages.md` | Removed unnecessary blank line before Storage Location list | PR #49177 (`docs: Apply documentation standards`) | | `docs/src/development.md` | Removed unnecessary blank lines in workflow steps | PR #49177 (`docs: Apply documentation standards`) | | `docs/src/extensions/themes.md` | Removed unnecessary blank lines after numbered list items | PR #49177 (`docs: Apply documentation standards`) | | `docs/src/languages/r.md` | Removed unnecessary blank line in extension list | PR #49177 (`docs: Apply documentation standards`) | | `docs/src/reference/all-settings.md` | Removed unnecessary blank line before list in preview tabs description | PR #49177 (`docs: Apply documentation standards`) | | `docs/src/vim.md` | Removed unnecessary blank line before list in text objects section | PR #49177 (`docs: Apply documentation standards`) | ### Rationale These documentation updates fall into two categories: 1. **Feature documentation updates**: The external agents and tool permissions changes reflect actual code changes that modified user-facing behavior: - Thread history was enabled for external agents (Claude Agent, Codex) in PR #49449 - Terminal permission patterns now extract subcommands for more granular control in PR #49148 2. **Formatting standardization**: Several files had inconsistent blank line usage around numbered lists with sub-items. These were normalized to follow consistent markdown formatting without unnecessary blank lines. ### Review Notes - **Thread history wording**: The external-agents.md changes distinguish between agents that fully support thread history (Claude Agent, Codex) and Gemini CLI which depends on its ACP implementation. Reviewers should verify this distinction is accurate. - **Subcommand patterns table**: The new section in tool-permissions.md includes a table showing example patterns. Verify the regex patterns (`^cargo\s+build\b`, etc.) match the actual implementation in the codebase. - **Formatting changes**: The blank line removals are purely cosmetic and shouldn't affect rendered output—they simply align with the project's markdown standards. Triggered by: pr 48999 Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously, clicking "Always allow for
cargocommands" after runningcargo build --releasewould also silently permitcargo run(arbitrary code execution),cargo publish, and any other cargo subcommand. This was overly broad and did not match user intent.Now the extracted pattern includes the subcommand when present, so the button reads "Always allow for
cargo buildcommands" and the pattern^cargo\s+build\bonly matchescargo buildinvocations — notcargo test,cargo run, etc.How it works
-).ls -la), only the command name is used — the user sees "Always allow forlscommands".Examples
cargo build --release^cargo\s+build\bcargo buildcommandscargo test -p search^cargo\s+test\bcargo testcommandsnpm install^npm\s+install\bnpm installcommandsls -la^ls\blscommandsls^ls\blscommands./script.shRelease Notes:
cargo buildcommands" instead of "Always allow forcargocommands").