Skip to content

feat: add bypass permission feature #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Cedriccmh wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: add bypass permission feature #6

Cedriccmh wants to merge 1 commit into from

Conversation

@Cedriccmh
Copy link

@Cedriccmh Cedriccmh commented Nov 15, 2025
edited by sourcery-ai bot
Loading

Summary / 摘要

This PR wires a new "Bypass Permission" mode that allows Claude to execute tools and apply edits without requesting user confirmation.

此 PR 连接了"绕过权限"模式,允许 Claude 在不请求用户确认的情况下执行工具和应用编辑。

Changes / 变更内容

  • Configuration: Added claudix.initialPermissionMode setting to allow users to set their preferred default permission mode

  • Permission Modes: Extended permission mode options to include bypassPermissions

  • UI Updates: Added "Bypass" mode button with warning icon in the mode selector dropdown

  • Session Management: Implemented automatic application of initial permission mode for new sessions

  • Service Layer: Enabled allowDangerouslySkipPermissions flag in Claude SDK service

  • Git Ignore: Added .augment/ directory to .gitignore

  • 配置选项:添加 claudix.initialPermissionMode 设置,允许用户设置首选的默认权限模式

  • 权限模式:扩展权限模式选项,包含 bypassPermissions

  • UI 更新:在模式选择下拉菜单中添加带警告图标的"Bypass"模式按钮

  • 会话管理:为新会话实现初始权限模式的自动应用

  • 服务层:在 Claude SDK 服务中启用 allowDangerouslySkipPermissions 标志

  • Git 忽略:将 .augment/ 目录添加到 .gitignore

Modified Files / 修改的文件

Usage / 使用方法

  1. Open VSCode settings (Ctrl+, or Cmd+,)
  2. Search for "Claudix: Initial Permission Mode"
  3. Select your preferred initialization mode:
    • default: Ask for permission on each tool use
    • acceptEdits: Automatically accept edit operations
    • plan: Plan mode for task planning
    • bypassPermissions: ⚠️ WARNING - Skip all permission prompts

Toggle between modes using the mode selector in the chat interface.

  1. 打开 VSCode 设置 (Ctrl+,Cmd+,)
  2. 搜索 "Claudix: Initial Permission Mode"
  3. 选择你偏好的初始模式:
    • default: 每次工具使用时请求权限
    • acceptEdits: 自动接受编辑操作
    • plan: 任务规划的计划模式
    • bypassPermissions: ⚠️ 警告 - 跳过所有权限提示

在聊天界面中使用模式选择器在模式之间切换。

Summary by Sourcery

Enable a new bypass permission feature by adding a configurable initialPermissionMode setting, updating session initialization, service, and transport layers, and enhancing the UI to support a warning-enabled Bypass mode that skips all confirmation prompts

New Features:

  • Introduce bypassPermissions mode to skip all permission prompts and automatically execute tool calls and edits
  • Add claudix.initialPermissionMode setting to configure and persist the default permission mode for new Claude sessions

Enhancements:

  • Automatically apply the configured initial permission mode in new sessions and track manual changes
  • Extend init response handling and transport logic to include the initialPermissionMode state
  • Update chat UI mode selector and toggle cycle to include a Bypass option with a warning icon
  • Enable allowDangerouslySkipPermissions flag in the Claude SDK service

Chores:

  • Add .augment/ directory to .gitignore

@sourcery-ai
Copy link

sourcery-ai bot commented Nov 15, 2025
edited
Loading

Reviewer's Guide

This PR introduces a new “bypassPermissions” mode by adding a default configuration setting, propagating it through initialization and transport layers, extending the UI and session logic to support it, enabling the dangerous skip flag in the SDK service, and updating the ignore list.

Sequence diagram for session initialization with initialPermissionMode

sequenceDiagram
  participant User
  participant VSCode
  participant Webview
  participant Session
  participant ClaudeSdkService
  User->>VSCode: Open new session
  VSCode->>Webview: Pass initialPermissionMode config
  Webview->>Session: Initialize session
  Session->>ClaudeSdkService: Launch Claude with permissionMode
  ClaudeSdkService->>Session: Session ready (permissions mode applied)
  Session->>User: Session starts with selected permission mode
Loading

Entity relationship diagram for permission mode configuration

erDiagram
  PACKAGE_JSON ||--o| SESSION : "sets initialPermissionMode"
  SESSION ||--o| CLAUDE_SDK_SERVICE : "passes permissionMode"
  SESSION ||--o| INIT_RESPONSE : "receives initialPermissionMode"
  INIT_RESPONSE {
    string modelSetting
    string platform
    string thinkingLevel
    string initialPermissionMode
  }
Loading

Class diagram for updated Session and InitResponse types

classDiagram
  class Session {
    - hasExplicitlySetPermissionMode: boolean
    + setPermissionMode(mode: PermissionMode, applyToConnection: boolean): Promise<boolean>
  }
  class InitResponse {
    + modelSetting: string
    + platform: string
    + thinkingLevel: string
    + initialPermissionMode: PermissionMode
  }
  Session --> InitResponse : uses initialPermissionMode
Loading

Class diagram for updated ClaudeSdkService

classDiagram
  class ClaudeSdkService {
    + allowDangerouslySkipPermissions: boolean
  }
Loading

File-Level Changes

Change Details Files
Add initialPermissionMode configuration and propagate it through init and transport
  • Define claudix.initialPermissionMode in package.json
  • Fetch initialPermissionMode in handleInit
  • Extend InitResponse to include initialPermissionMode
  • Pass initialPermissionMode via BaseTransport
 package.json
src/services/claude/handlers/handlers.ts
src/shared/messages.ts
src/webview/src/transport/BaseTransport.ts
Extend permission mode enum and UI for bypassPermissions
  • Add bypassPermissions to permission mode enum and toggle order
  • Add Bypass mode button with warning icon in ModeSelect
  • Update computed label and icon for bypassPermissions
  • Include bypassPermissions in ChatPage toggle sequence
 src/webview/src/components/ModeSelect.vue
src/webview/src/pages/ChatPage.vue
Implement auto-application of initial permission mode in Session
  • Introduce hasExplicitlySetPermissionMode flag
  • Apply initialPermissionMode on session start if not explicitly set
  • Set flag when user manually changes mode
 src/webview/src/core/Session.ts
Enable unsafe skip permissions in Claude SDK service
  • Set allowDangerouslySkipPermissions flag to true
 src/services/claude/ClaudeSdkService.ts
Ignore augmentation artifacts
  • Add .augment/ directory to .gitignore
 .gitignore
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Nov 15, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there - I've reviewed your changes and found some issues that need to be addressed.

  • In ClaudeSdkService, tie allowDangerouslySkipPermissions to the active permissionMode instead of unconditionally enabling it to avoid unintended bypassing.
  • Centralize permission mode constants into a shared enum and generate UI options/toggle order from it to reduce string duplication and improve maintainability.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- In ClaudeSdkService, tie allowDangerouslySkipPermissions to the active permissionMode instead of unconditionally enabling it to avoid unintended bypassing.
- Centralize permission mode constants into a shared enum and generate UI options/toggle order from it to reduce string duplication and improve maintainability.

## Individual Comments

### Comment 1
<location> `src/services/claude/ClaudeSdkService.ts:129` </location>
<code_context>
             model: modelParam,
             permissionMode: permissionModeParam,
             maxThinkingTokens: maxThinkingTokens,
+            allowDangerouslySkipPermissions: true,

             // CanUseTool 回调
</code_context>

<issue_to_address>
**🚨 issue (security):** Hardcoding 'allowDangerouslySkipPermissions: true' may introduce security risks.

Link this flag to the relevant permission mode or configuration to prevent unintended permission bypass.
</issue_to_address>

### Comment 2
<location> `src/webview/src/pages/ChatPage.vue:286` </location>
<code_context>
     const s = session.value;
     if (!s) return;
-    const order: PermissionMode[] = ['default', 'acceptEdits', 'plan'];
+    const order: PermissionMode[] = ['default', 'acceptEdits', 'plan', 'bypassPermissions'];
     const cur = (s.permissionMode.value as PermissionMode) ?? 'default';
     const idx = Math.max(0, order.indexOf(cur));
</code_context>

<issue_to_address>
**suggestion (bug_risk):** Including 'bypassPermissions' in the toggle order may lead to accidental selection.

Consider adding a confirmation prompt or removing 'bypassPermissions' from the toggle sequence to reduce the risk of accidental activation.
</issue_to_address>
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Cedriccmh