- Add full CRUD dialog for viewing/editing/creating/deleting permissions
- Add 'View permissions' command to command palette
- Add backend CRUD operations: approved(), remove(), update(), add()
- Add API endpoints: GET/DELETE/PUT/POST /permission/approved
- Contextual help tips for file patterns and bash wildcards
- Keybindings: tab/shift-tab for tabs, up/down for actions, e/n/d for edit/new/delete
- Regenerate SDK with new permission endpoints

- Add unified permissions dialog showing all sources (default, global, project, session)
- Add full CRUD for project and global permissions with inline confirmation
- Add permission.all() API to fetch permissions from all sources with metadata
- Add project/global permission config file writers
- Add debug command to inspect permission hierarchy
- Enforce binary permissions (*-only pattern) at project/global level
- Hide internal permissions (todowrite, todoread, lsp) from UI
- Remove 'Other' tab, keeping only File, Execute, Network, External tabs

API endpoints:
- GET /permission/all - fetch all permissions with source metadata
- PUT/DELETE /permission/project - manage project config
- PUT/DELETE /permission/global - manage global config (~/.config/opencode/opencode.json)

UI features:
- Source badges: [default], [global], [project], (none for session)
- Inline confirmation preserves dialog state
- Ctrl+P to cycle source when creating: session → project → global
- Binary permissions auto-lock pattern to '*' at project/global level
- Clear warnings for global changes (affects ALL projects)