feat(run-events): symmetric auto-approve telemetry for skipPermissions (F8)#11
Closed
tesdal wants to merge 1 commit intophase-ab-basefrom
Closed
feat(run-events): symmetric auto-approve telemetry for skipPermissions (F8)#11tesdal wants to merge 1 commit intophase-ab-basefrom
tesdal wants to merge 1 commit intophase-ab-basefrom
Conversation
…ssions Previously skipPermissions=true silently replied 'once' to every permission.asked event with no counter and no JSON event. Operators running --dangerously-skip-permissions had no audit trail of what the agent was allowed to do. Adds symmetric autoApprovedPermissions stat and 'auto-approve' JSON event mirroring the existing 'auto-reject' telemetry shape. Addresses audit finding F8 (Opus diamond review, 2026-04-22).
|
Thanks for your contribution! This PR doesn't have a linked issue. All PRs must reference an existing issue. Please:
See CONTRIBUTING.md for details. |
There was a problem hiding this comment.
Pull request overview
Addresses audit finding F8 by adding symmetric telemetry for the skipPermissions=true auto-approve path, so operators using --dangerously-skip-permissions get an explicit audit trail of auto-approved permission requests.
Changes:
- Add
autoApprovedPermissionstoRunEventsstats tracking. - Emit a new
"auto-approve"JSON telemetry event when a permission is auto-approved viaskipPermissions=true. - Add a test asserting both the stats increment and JSON event emission for the auto-approve path.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| packages/opencode/src/cli/cmd/run-events.ts | Adds autoApprovedPermissions stat and emits "auto-approve" JSON events on the skipPermissions permission auto-approve branch. |
| packages/opencode/test/cli/run-events.test.ts | Adds coverage verifying the new stat and JSON telemetry event are produced when skipPermissions=true and jsonMode=true. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Owner
Author
|
F8 review complete. Copilot R1 clean (no comments). Diamond approved with nits applied. Merging into local/integration-v2. |
tesdal
added a commit
that referenced
this pull request
Apr 27, 2026
PR: #11 (closed, review-only) Diamond: codex-5.3 APPROVED_WITH_COMMENTS + Opus APPROVED_WITH_NITS (applied) Copilot: R1 clean (no comments)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Audit finding F8:
skipPermissions=truesilently replied"once"to everypermission.askedevent with no counter and no JSON event. Operators running--dangerously-skip-permissionshad no audit trail of what the agent was allowed to do.This adds symmetric
autoApprovedPermissionsstat and"auto-approve"JSON event mirroring the existing"auto-reject"telemetry shape.Design notes
bumpApproveis intentionally separate frombump: approve count does not feed the livelock-warn threshold (operators opted into skipPermissions; conflating would create false positives).Statsshape change: onlyrun-events.tsand tests reference these fields, no external consumers.Diamond review
Verification
Base branch
Targets
phase-ab-base(notdev) to keep diff scoped to this finding only. Base lags upstreamdevby design — refreshed at start of each task fromlocal/integration-v2.This PR is review-only — Copilot feedback is iterated; PR will be closed without merge and the branch merged via `--no-ff` into the local integration branch.