feat(tui): add --dangerously-skip-permissions flag#1542
Open
wqymi wants to merge 3 commits into
Open
Conversation
Mirror `mimo run --dangerously-skip-permissions` in TUI mode. The flag sets MIMOCODE_DANGEROUSLY_SKIP_PERMISSIONS, which injects an allow-all base ruleset UNDER the user's permission config so every tool auto-approves unless the user explicitly denied it. Denies still win, matching the run flag's semantics.
…ssions Add a startup gate mirroring Claude Code's bypass-permissions warning: when the TUI is launched with --dangerously-skip-permissions, show a red warning and require an explicit accept before auto-approving all permission checks. The gate is skipped when there is no TTY so automation still works, and adds an extra root warning when running as uid 0. Adds en/zh i18n strings.
Add ja/fr/ru translations for the bypass-permissions warning (en/zh already present), document the flag in the builtin mimocode skill (permissions.md and commands.md), and add a README section (en + zh) explaining the flag, its allow-all-under-deny semantics, the startup confirmation, and its risks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--dangerously-skip-permissionsto TUI mode (the defaultmimo [project]command), mirroring the existingmimo run --dangerously-skip-permissionsflag.MIMOCODE_DANGEROUSLY_SKIP_PERMISSIONS, whichconfig.tsuses to inject an allow-all base ruleset under the user'spermissionconfig — so every tool auto-approves unless the user explicitly denied it. Explicitdenyrules still win, matching the run flag's "auto-approve permissions that are not explicitly denied" semantics.Changes
flag.ts: newMIMOCODE_DANGEROUSLY_SKIP_PERMISSIONStruthy env flag.config.ts: when set,mergeDeep({ "*": "allow" }, userPermission)so user rules (incl. denies) win.tui/thread.ts: new--dangerously-skip-permissionsyargs option; interactive startup gate viapromptDangerousPermissions(); sets the env var (post-accept) before the worker spawns so it propagates viasanitizedProcessEnv.i18n/en.ts+i18n/zh.ts:skip_permissions.*warning strings.thread.test.ts: extend the args fixture with the new option.cli.mdx: document the flag (also backfilled the previously-undocumented--never-askand--trust).Verification
bun run typecheck— clean (also enforced by the pre-push hook, 12/12 tasks).bun test test/cli/tui/thread.test.ts— 2 pass.{ bash: "deny" }user config →bashevaluates todeny,edittoallow.Notes
mimo run(which auto-replies to each permission prompt), the TUI version works by config injection, reusing the server-side permission evaluator. Consequence: a user's explicitdenyrules are still honored (the safer reading of "not explicitly denied").mimo runflag behavior is intentionally left unchanged.