@codemcp/ade 0.2.4 → 0.2.6

package/packages/harnesses/src/writers/roo-code.spec.ts

@@ -10,47 +10,7 @@ import type {
 import { rooCodeWriter } from "./roo-code.js";
 
 function autonomyPolicy(profile: AutonomyProfile): PermissionPolicy {
-  switch (profile) {
-    case "rigid":
-      return {
-        profile,
-        capabilities: {
-          read: "ask",
-          edit_write: "ask",
-          search_list: "ask",
-          bash_safe: "ask",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "ask"
-        }
-      };
-    case "sensible-defaults":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-    case "max-autonomy":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "allow",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-  }
+  return { profile };
 }
 
 describe("rooCodeWriter", () => {
@@ -174,7 +134,7 @@ describe("rooCodeWriter", () => {
       await readFile(join(rigidRoot, ".roo", "mcp.json"), "utf-8")
     );
 
-    expect(rigidModes.customModes.ade.groups).toEqual(["mcp"]);
+    expect(rigidModes.customModes.ade.groups).toEqual(["read", "mcp"]);
     expect(defaultsModes.customModes.ade.groups).toEqual([
       "read",
       "edit",

package/packages/harnesses/src/writers/roo-code.ts

@@ -1,5 +1,5 @@
 import { join } from "node:path";
-import type { LogicalConfig } from "@codemcp/ade-core";
+import type { AutonomyProfile, LogicalConfig } from "@codemcp/ade-core";
 import type { HarnessWriter } from "../types.js";
 import {
   readJsonOrEmpty,
@@ -9,7 +9,10 @@ import {
   writeGitHooks,
   writeJson
 } from "../util.js";
-import { allowsCapability, hasPermissionPolicy } from "../permission-policy.js";
+import {
+  getAutonomyProfile,
+  hasPermissionPolicy
+} from "../permission-policy.js";
 
 export const rooCodeWriter: HarnessWriter = {
   id: "roo-code",
@@ -48,7 +51,10 @@ async function writeRooModes(
         name: "ADE",
         roleDefinition:
           "ADE — Agentic Development Environment mode generated by ADE.",
-        groups: getRooModeGroups(config),
+        groups: getRooModeGroups(
+          getAutonomyProfile(config),
+          config.mcp_servers.length > 0
+        ),
         source: "project"
       }
     }
@@ -61,11 +67,20 @@ function asRecord(value: unknown): Record<string, unknown> {
     : {};
 }
 
-function getRooModeGroups(config: LogicalConfig): string[] {
-  return [
-    ...(allowsCapability(config, "read") ? ["read"] : []),
-    ...(allowsCapability(config, "edit_write") ? ["edit"] : []),
-    ...(allowsCapability(config, "bash_unsafe") ? ["command"] : []),
-    ...(config.mcp_servers.length > 0 ? ["mcp"] : [])
-  ];
+function getRooModeGroups(
+  profile: AutonomyProfile | undefined,
+  hasMcpServers: boolean
+): string[] {
+  const mcpGroup = hasMcpServers ? ["mcp"] : [];
+
+  switch (profile) {
+    case "rigid":
+      return ["read", ...mcpGroup];
+    case "sensible-defaults":
+      return ["read", "edit", ...mcpGroup];
+    case "max-autonomy":
+      return ["read", "edit", "command", ...mcpGroup];
+    default:
+      return ["read", "edit", "command", ...mcpGroup];
+  }
 }

package/packages/harnesses/src/writers/universal.spec.ts

@@ -10,47 +10,7 @@ import type {
 import { universalWriter } from "./universal.js";
 
 function autonomyPolicy(profile: AutonomyProfile): PermissionPolicy {
-  switch (profile) {
-    case "rigid":
-      return {
-        profile,
-        capabilities: {
-          read: "ask",
-          edit_write: "ask",
-          search_list: "ask",
-          bash_safe: "ask",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "ask"
-        }
-      };
-    case "sensible-defaults":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-    case "max-autonomy":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "allow",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-  }
+  return { profile };
 }
 
 describe("universalWriter", () => {

package/packages/harnesses/src/writers/universal.ts

@@ -1,40 +1,16 @@
 import { join } from "node:path";
 import { writeFile } from "node:fs/promises";
-import type {
-  AutonomyCapability,
-  LogicalConfig,
-  PermissionDecision
-} from "@codemcp/ade-core";
+import type { AutonomyProfile, LogicalConfig } from "@codemcp/ade-core";
 import type { HarnessWriter } from "../types.js";
 import { writeMcpServers, writeGitHooks } from "../util.js";
-
-const CAPABILITY_ORDER: AutonomyCapability[] = [
-  "read",
-  "edit_write",
-  "search_list",
-  "bash_safe",
-  "bash_unsafe",
-  "web",
-  "task_agent"
-];
-
-function formatCapabilityGuidance(
-  capability: AutonomyCapability,
-  decision: PermissionDecision
-): string {
-  return `- \`${capability}\`: ${decision}`;
-}
+import { getAutonomyProfile } from "../permission-policy.js";
 
 function renderAutonomyGuidance(config: LogicalConfig): string | undefined {
-  const policy = config.permission_policy;
-  if (!policy) {
+  const profile = getAutonomyProfile(config);
+  if (!profile) {
     return undefined;
   }
 
-  const capabilityLines = CAPABILITY_ORDER.map((capability) =>
-    formatCapabilityGuidance(capability, policy.capabilities[capability])
-  );
-
   return [
     "## Autonomy",
     "",
@@ -42,15 +18,53 @@ function renderAutonomyGuidance(config: LogicalConfig): string | undefined {
     "",
     "Treat this autonomy profile as documentation-only guidance for built-in/basic operations.",
     "",
-    `Profile: \`${policy.profile}\``,
+    `Profile: \`${profile}\``,
     "",
-    "Built-in/basic capability guidance:",
-    ...capabilityLines,
+    ...getUniversalProfileGuidance(profile),
     "",
     "MCP permissions are not re-modeled by autonomy here; any MCP approvals must come from provisioning-aware consuming harnesses rather than the Universal writer."
   ].join("\n");
 }
 
+function getUniversalProfileGuidance(profile: AutonomyProfile): string[] {
+  const header = "Built-in/basic capability guidance:";
+  switch (profile) {
+    case "rigid":
+      return [
+        header,
+        "- `read`: allow",
+        "- `edit_write`: ask",
+        "- `search_list`: ask",
+        "- `bash_safe`: ask",
+        "- `bash_unsafe`: ask",
+        "- `web`: ask",
+        "- `task_agent`: ask"
+      ];
+    case "sensible-defaults":
+      return [
+        header,
+        "- `read`: allow",
+        "- `edit_write`: allow",
+        "- `search_list`: allow",
+        "- `bash_safe`: allow",
+        "- `bash_unsafe`: ask",
+        "- `web`: ask",
+        "- `task_agent`: allow"
+      ];
+    case "max-autonomy":
+      return [
+        header,
+        "- `read`: allow",
+        "- `edit_write`: allow",
+        "- `search_list`: allow",
+        "- `bash_safe`: allow",
+        "- `bash_unsafe`: allow",
+        "- `web`: ask",
+        "- `task_agent`: allow"
+      ];
+  }
+}
+
 export const universalWriter: HarnessWriter = {
   id: "universal",
   label: "Universal (AGENTS.md + .mcp.json)",

package/packages/harnesses/src/writers/windsurf.spec.ts

@@ -95,7 +95,10 @@ describe("windsurfWriter", () => {
     expect(rigidRules).toContain("Windsurf limitation:");
     expect(rigidRules).toContain("advisory only");
     expect(rigidRules).toContain(
-      "Ask before: read files, edit and write files, search and list files, safe local shell commands, unsafe local shell commands, web and network access, task or agent delegation."
+      "May proceed without extra approval: read files."
+    );
+    expect(rigidRules).toContain(
+      "Ask before: edit and write files, search and list files, safe local shell commands, unsafe local shell commands, web and network access, task or agent delegation."
     );
 
     expect(sensibleRules).toContain("Windsurf limitation:");
@@ -134,45 +137,5 @@ describe("windsurfWriter", () => {
 function autonomyPolicy(
   profile: "rigid" | "sensible-defaults" | "max-autonomy"
 ): LogicalConfig["permission_policy"] {
-  switch (profile) {
-    case "rigid":
-      return {
-        profile,
-        capabilities: {
-          read: "ask",
-          edit_write: "ask",
-          search_list: "ask",
-          bash_safe: "ask",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "ask"
-        }
-      };
-    case "sensible-defaults":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "ask",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-    case "max-autonomy":
-      return {
-        profile,
-        capabilities: {
-          read: "allow",
-          edit_write: "allow",
-          search_list: "allow",
-          bash_safe: "allow",
-          bash_unsafe: "allow",
-          web: "ask",
-          task_agent: "allow"
-        }
-      };
-  }
+  return { profile };
 }

package/packages/harnesses/src/writers/windsurf.ts

@@ -1,5 +1,5 @@
 import { join } from "node:path";
-import type { AutonomyCapability, LogicalConfig } from "@codemcp/ade-core";
+import type { AutonomyProfile, LogicalConfig } from "@codemcp/ade-core";
 import type { HarnessWriter } from "../types.js";
 import {
   writeMcpServers,
@@ -7,7 +7,10 @@ import {
   writeRulesFile,
   writeGitHooks
 } from "../util.js";
-import { hasPermissionPolicy } from "../permission-policy.js";
+import {
+  getAutonomyProfile,
+  hasPermissionPolicy
+} from "../permission-policy.js";
 
 export const windsurfWriter: HarnessWriter = {
   id: "windsurf",
@@ -32,58 +35,38 @@ function getWindsurfRules(config: LogicalConfig): string[] {
     return config.instructions;
   }
 
-  const { capabilities } = config.permission_policy!;
-  const allow = listCapabilities(capabilities, "allow");
-  const ask = listCapabilities(capabilities, "ask");
-  const deny = listCapabilities(capabilities, "deny");
-
   const autonomyGuidance = [
     "Windsurf limitation: ADE could not verify a stable committed project-local permission schema for Windsurf built-in tools, so this autonomy policy is advisory only and should be applied conservatively.",
-    formatGuidance(allow, ask, deny)
+    getWindsurfProfileGuidance(getAutonomyProfile(config))
   ];
 
   return [...autonomyGuidance, ...config.instructions];
 }
 
-function listCapabilities(
-  capabilities: NonNullable<LogicalConfig["permission_policy"]>["capabilities"],
-  decision: "ask" | "allow" | "deny"
-): string[] {
-  return (Object.entries(capabilities) as Array<[AutonomyCapability, string]>)
-    .filter(([, value]) => value === decision)
-    .map(([capability]) => CAPABILITY_LABELS[capability]);
-}
-
-function formatGuidance(
-  allow: string[],
-  ask: string[],
-  deny: string[]
+function getWindsurfProfileGuidance(
+  profile: AutonomyProfile | undefined
 ): string {
-  const lines = ["Autonomy guidance for Windsurf built-in capabilities:"];
-
-  if (allow.length > 0) {
-    lines.push(`- May proceed without extra approval: ${allow.join(", ")}.`);
-  }
-
-  if (ask.length > 0) {
-    lines.push(`- Ask before: ${ask.join(", ")}.`);
+  const header = "Autonomy guidance for Windsurf built-in capabilities:";
+  switch (profile) {
+    case "rigid":
+      return [
+        header,
+        "- May proceed without extra approval: read files.",
+        "- Ask before: edit and write files, search and list files, safe local shell commands, unsafe local shell commands, web and network access, task or agent delegation."
+      ].join("\n");
+    case "sensible-defaults":
+      return [
+        header,
+        "- May proceed without extra approval: read files, edit and write files, search and list files, safe local shell commands, task or agent delegation.",
+        "- Ask before: unsafe local shell commands, web and network access."
+      ].join("\n");
+    case "max-autonomy":
+      return [
+        header,
+        "- May proceed without extra approval: read files, edit and write files, search and list files, safe local shell commands, unsafe local shell commands, task or agent delegation.",
+        "- Ask before: web and network access."
+      ].join("\n");
+    default:
+      return `${header} follow project conventions.`;
   }
-
-  if (deny.length > 0) {
-    lines.push(
-      `- Do not use unless the user explicitly overrides: ${deny.join(", ")}.`
-    );
-  }
-
-  return lines.join("\n");
 }
-
-const CAPABILITY_LABELS: Record<AutonomyCapability, string> = {
-  read: "read files",
-  edit_write: "edit and write files",
-  search_list: "search and list files",
-  bash_safe: "safe local shell commands",
-  bash_unsafe: "unsafe local shell commands",
-  web: "web and network access",
-  task_agent: "task or agent delegation"
-};