diff --git a/packages/opencode/src/cli/cmd/run.ts b/packages/opencode/src/cli/cmd/run.ts index f3781f1abd8..b4fb8158205 100644 --- a/packages/opencode/src/cli/cmd/run.ts +++ b/packages/opencode/src/cli/cmd/run.ts @@ -538,7 +538,6 @@ export const RunCommand = cmd({ if (event.type === "permission.asked") { const permission = event.properties - if (permission.sessionID !== sessionID) continue UI.println( UI.Style.TEXT_WARNING_BOLD + "!", UI.Style.TEXT_NORMAL + diff --git a/packages/opencode/src/session/prompt.ts b/packages/opencode/src/session/prompt.ts index 75bd3c9dfac..47880230030 100644 --- a/packages/opencode/src/session/prompt.ts +++ b/packages/opencode/src/session/prompt.ts @@ -173,8 +173,9 @@ export namespace SessionPrompt { }) } if (permissions.length > 0) { - session.permission = permissions - await Session.setPermission({ sessionID: session.id, permission: permissions }) + const merged = PermissionNext.merge(session.permission ?? [], permissions) + session.permission = merged + await Session.setPermission({ sessionID: session.id, permission: merged }) } if (input.noReply === true) { diff --git a/packages/opencode/src/tool/task.ts b/packages/opencode/src/tool/task.ts index 8c8cf827aba..c034be10793 100644 --- a/packages/opencode/src/tool/task.ts +++ b/packages/opencode/src/tool/task.ts @@ -63,6 +63,9 @@ export const TaskTool = Tool.define("task", async (ctx) => { const hasTaskPermission = agent.permission.some((rule) => rule.permission === "task") + const parent = await Session.get(ctx.sessionID).catch(() => undefined) + const inherited = (parent?.permission ?? []).filter((r) => r.action === "deny") + const session = await iife(async () => { if (params.task_id) { const found = await Session.get(params.task_id).catch(() => {}) @@ -73,6 +76,7 @@ export const TaskTool = Tool.define("task", async (ctx) => { parentID: ctx.sessionID, title: params.description + ` (@${agent.name} subagent)`, permission: [ + ...inherited, { permission: "todowrite", pattern: "*",