@gotgenes/pi-permission-system 3.4.0 → 3.5.0

package/CHANGELOG.md

@@ -5,6 +5,23 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.5.0](https://github.com/gotgenes/pi-permission-system/compare/v3.4.0...v3.5.0) (2026-05-03)
+
+
+### Features
+
+* deprecate doom_loop special permission key ([68e70e7](https://github.com/gotgenes/pi-permission-system/commit/68e70e71b68e5a76a071ef4613da356a91080158))
+* remove doom_loop from type union and config-loader ([bf2f288](https://github.com/gotgenes/pi-permission-system/commit/bf2f2886a800187337e82954e812e6d05e9bd451))
+
+
+### Documentation
+
+* add architecture documents for current and target permission model ([aab1ac5](https://github.com/gotgenes/pi-permission-system/commit/aab1ac50c4478d2e393c2a796bf6fcc4ec606f79))
+* plan doom_loop deprecation ([#54](https://github.com/gotgenes/pi-permission-system/issues/54)) ([2e730f5](https://github.com/gotgenes/pi-permission-system/commit/2e730f52189dd2996ebbe90dd5d2b3206a45d1f6))
+* plan handler extraction from piPermissionSystemExtension ([#42](https://github.com/gotgenes/pi-permission-system/issues/42)) ([6ecd419](https://github.com/gotgenes/pi-permission-system/commit/6ecd4190fb9a60009eb695b4998ab8a1d1419139))
+* remove doom_loop from schema, example, and README ([7f422e0](https://github.com/gotgenes/pi-permission-system/commit/7f422e086f0052e0d9449dbd0122c57b923b053d))
+* **retro:** add retro notes for issue [#45](https://github.com/gotgenes/pi-permission-system/issues/45) ([14c5559](https://github.com/gotgenes/pi-permission-system/commit/14c55595c5abfaa51f8ec83369452db5f457836c))
+
 ## [3.4.0](https://github.com/gotgenes/pi-permission-system/compare/v3.3.0...v3.4.0) (2026-05-03)
 
 

package/README.md

@@ -137,7 +137,7 @@ The config file combines runtime knobs and permission policy in one object:
   "bash": { "git status": "allow", "git *": "ask" },
   "mcp": { "mcp_status": "allow" },
   "skills": { "*": "ask" },
-  "special": { "doom_loop": "deny", "external_directory": "ask" }
+  "special": { "external_directory": "ask" }
 }
 ```
 
@@ -353,13 +353,11 @@ Reserved permission checks:
 
 | Key                  | Description                                                                                                                                                                   |
 | -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `doom_loop`          | Controls doom loop detection behavior                                                                                                                                         |
 | `external_directory` | Enforces ask/allow/deny decisions for path-bearing tools and bash commands that reference paths outside the active working directory                                          |
 
 ```jsonc
 {
   "special": {
-    "doom_loop": "deny",
     "external_directory": "ask",
   },
 }

package/config/config.example.json

@@ -27,7 +27,6 @@
     "*": "ask"
   },
   "special": {
-    "doom_loop": "deny",
     "external_directory": "ask"
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gotgenes/pi-permission-system",
-  "version": "3.4.0",
+  "version": "3.5.0",
   "description": "Permission enforcement extension for the Pi coding agent.",
   "type": "module",
   "files": [

package/schemas/permissions.schema.json

@@ -60,8 +60,8 @@
           "default": "ask"
         },
         "special": {
-          "description": "Default permission for special checks (doom_loop, external_directory) when no explicit rule matches.",
-          "markdownDescription": "Default permission for special checks (`doom_loop`, `external_directory`) when no explicit rule matches.",
+          "description": "Default permission for special checks (external_directory) when no explicit rule matches.",
+          "markdownDescription": "Default permission for special checks (`external_directory`) when no explicit rule matches.",
           "$ref": "#/$defs/permissionState",
           "default": "ask"
         }
@@ -122,10 +122,6 @@
       "type": "object",
       "additionalProperties": false,
       "properties": {
-        "doom_loop": {
-          "description": "Controls doom loop detection behavior.",
-          "$ref": "#/$defs/permissionState"
-        },
         "external_directory": {
           "description": "Enforces permission checks for path-bearing file tools (read, write, edit, find, grep, ls) when they target paths outside the active working directory.",
           "markdownDescription": "Enforces permission checks for path-bearing file tools (`read`, `write`, `edit`, `find`, `grep`, `ls`) when they target paths outside the active working directory.\n\nEvaluated **before** the normal tool permission check — so `tools.read: \"allow\"` can permit ordinary reads while `external_directory: \"ask\"` still requires confirmation for paths outside `cwd`.",

package/src/config-loader.ts

@@ -36,6 +36,7 @@ export interface UnifiedConfigLoadResult {
 }
 
 const DEPRECATED_SPECIAL_KEYS: ReadonlySet<string> = new Set([
+  "doom_loop",
   "tool_call_limit",
 ]);
 
@@ -49,7 +50,7 @@ const BUILT_IN_TOOL_PERMISSION_NAMES = new Set([
   "ls",
 ]);
 
-const SPECIAL_PERMISSION_KEYS = new Set(["doom_loop", "external_directory"]);
+const SPECIAL_PERMISSION_KEYS = new Set(["external_directory"]);
 
 export function stripJsonComments(input: string): string {
   let output = "";

package/src/extension-config.ts

@@ -69,7 +69,6 @@ const PERMISSION_POLICY_KEYS: ReadonlySet<string> = new Set([
   "skills",
   "special",
   "external_directory",
-  "doom_loop",
 ]);
 
 export function detectMisplacedPermissionKeys(

package/src/permission-manager.ts

@@ -46,7 +46,7 @@ const BUILT_IN_TOOL_PERMISSION_NAMES = new Set([
   "find",
   "ls",
 ]);
-const SPECIAL_PERMISSION_KEYS = new Set(["doom_loop", "external_directory"]);
+const SPECIAL_PERMISSION_KEYS = new Set(["external_directory"]);
 const MCP_BASELINE_TARGETS = new Set([
   "mcp_status",
   "mcp_list",
@@ -156,6 +156,7 @@ function getConfiguredMcpServerNamesFromPaths(
 }
 
 const DEPRECATED_SPECIAL_KEYS: ReadonlySet<string> = new Set([
+  "doom_loop",
   "tool_call_limit",
 ]);
 

package/src/types.ts

@@ -15,7 +15,7 @@ export type BashPermissions = Record<string, PermissionState>;
 
 export type SkillPermissions = Record<string, PermissionState>;
 
-export type SpecialPermissionName = "doom_loop" | "external_directory";
+export type SpecialPermissionName = "external_directory";
 
 export type SpecialPermissions = Record<string, PermissionState>;
 

package/tests/config-loader.test.ts

@@ -133,7 +133,7 @@ describe("loadUnifiedConfig", () => {
     expect(result.config.bash).toEqual({ "git *": "ask" });
   });
 
-  it("collects deprecated special key issues", () => {
+  it("collects deprecated special key issues (doom_loop and tool_call_limit)", () => {
     const configPath = join(tempDir, "config.json");
     writeFileSync(
       configPath,
@@ -143,9 +143,10 @@ describe("loadUnifiedConfig", () => {
     );
 
     const result = loadUnifiedConfig(configPath);
-    expect(result.issues).toHaveLength(1);
-    expect(result.issues[0]).toContain("tool_call_limit");
-    expect(result.config.special).toEqual({ doom_loop: "deny" });
+    expect(result.issues).toHaveLength(2);
+    expect(result.issues.some((i) => i.includes("doom_loop"))).toBe(true);
+    expect(result.issues.some((i) => i.includes("tool_call_limit"))).toBe(true);
+    expect(result.config.special).toBeUndefined();
   });
 });
 

package/tests/extension-config.test.ts

@@ -42,7 +42,6 @@ describe("detectMisplacedPermissionKeys", () => {
       skills: {},
       special: {},
       external_directory: {},
-      doom_loop: {},
     });
     expect(result).toEqual([
       "defaultPolicy",
@@ -52,10 +51,16 @@ describe("detectMisplacedPermissionKeys", () => {
       "skills",
       "special",
       "external_directory",
-      "doom_loop",
     ]);
   });
 
+  it("does not detect doom_loop as a misplaced permission key (deprecated)", () => {
+    const result = detectMisplacedPermissionKeys({
+      doom_loop: {},
+    });
+    expect(result).toEqual([]);
+  });
+
   it("ignores unknown keys that are not permission-rule keys", () => {
     const result = detectMisplacedPermissionKeys({
       debugLog: true,

package/tests/permission-system.test.ts

@@ -2115,7 +2115,7 @@ permission:
   }
 });
 
-test("external_directory permission is independent of doom_loop in the same special config", () => {
+test("external_directory permission is unaffected when doom_loop key is present in config (deprecated and ignored)", () => {
   const { manager, cleanup } = createManager({
     defaultPolicy: {
       tools: "allow",
@@ -2131,10 +2131,12 @@ test("external_directory permission is independent of doom_loop in the same spec
   });
 
   try {
+    // doom_loop is deprecated and stripped — falls through to defaultPolicy.tools
     const doomResult = manager.checkPermission("doom_loop", {});
-    assert.equal(doomResult.state, "deny");
-    assert.equal(doomResult.matchedPattern, "doom_loop");
+    assert.equal(doomResult.state, "allow"); // defaultPolicy.tools, not the stripped doom_loop: "deny"
+    assert.equal(doomResult.matchedPattern, undefined);
 
+    // external_directory still resolves from its own entry
     const extResult = manager.checkPermission("external_directory", {});
     assert.equal(extResult.state, "allow");
     assert.equal(extResult.matchedPattern, "external_directory");
@@ -2583,12 +2585,22 @@ test("normalizeRawPermission emits deprecation issue for special.tool_call_limit
   assert.equal(result.permissions.special?.tool_call_limit, undefined);
 });
 
-test("normalizeRawPermission emits no issues for valid special keys", () => {
+test("normalizeRawPermission emits deprecation issue for special.doom_loop (string)", () => {
+  const result = normalizeRawPermission({
+    special: { doom_loop: "ask" },
+  });
+  assert.equal(result.configIssues.length, 1);
+  assert.ok(result.configIssues[0].includes("doom_loop"));
+  assert.equal(result.permissions.special?.doom_loop, undefined);
+});
+
+test("normalizeRawPermission emits deprecation issue for special.doom_loop (deny)", () => {
   const result = normalizeRawPermission({
     special: { doom_loop: "deny" },
   });
-  assert.equal(result.configIssues.length, 0);
-  assert.equal(result.permissions.special?.doom_loop, "deny");
+  assert.equal(result.configIssues.length, 1);
+  assert.ok(result.configIssues[0].includes("doom_loop"));
+  assert.equal(result.permissions.special?.doom_loop, undefined);
 });
 
 test("normalizeRawPermission emits no issues when special is absent", () => {
@@ -2609,7 +2621,7 @@ test("PermissionManager.getConfigIssues returns deprecation for tool_call_limit
     bash: {},
     mcp: {},
     skills: {},
-    special: { tool_call_limit: "allow" as PermissionState, doom_loop: "deny" },
+    special: { tool_call_limit: "allow" as PermissionState },
   };
   const { manager, cleanup } = createManager(config);
   try {
@@ -2634,7 +2646,7 @@ test("PermissionManager.getConfigIssues returns empty array for clean config", (
     bash: {},
     mcp: {},
     skills: {},
-    special: { doom_loop: "deny" },
+    special: { external_directory: "ask" },
   };
   const { manager, cleanup } = createManager(config);
   try {
@@ -2645,6 +2657,58 @@ test("PermissionManager.getConfigIssues returns empty array for clean config", (
   }
 });
 
+// --- doom_loop config-loader deprecation tests (#54) ---
+
+test("PermissionManager.getConfigIssues returns deprecation for doom_loop in global config", () => {
+  const config: GlobalPermissionConfig = {
+    defaultPolicy: {
+      tools: "ask",
+      bash: "ask",
+      mcp: "ask",
+      skills: "ask",
+      special: "ask",
+    },
+    tools: {},
+    bash: {},
+    mcp: {},
+    skills: {},
+    special: { doom_loop: "deny" },
+  };
+  const { manager, cleanup } = createManager(config);
+  try {
+    const issues = manager.getConfigIssues();
+    assert.equal(issues.length, 1);
+    assert.ok(issues[0].includes("doom_loop"));
+  } finally {
+    cleanup();
+  }
+});
+
+test("checkPermission doom_loop falls through to defaultPolicy.tools when stripped by config-loader", () => {
+  const { manager, cleanup } = createManager({
+    defaultPolicy: {
+      tools: "allow",
+      bash: "ask",
+      mcp: "ask",
+      skills: "ask",
+      special: "deny",
+    },
+    tools: {},
+    bash: {},
+    mcp: {},
+    skills: {},
+    special: { doom_loop: "ask" },
+  });
+  try {
+    const result = manager.checkPermission("doom_loop", {});
+    // doom_loop stripped by config-loader — falls through to defaultPolicy.tools
+    assert.equal(result.state, "allow");
+    assert.equal(result.matchedPattern, undefined);
+  } finally {
+    cleanup();
+  }
+});
+
 // --- session-scoped approval tests (#45) ---
 
 test("session approval: first prompt with 'Yes, for this session' skips subsequent prompts under same prefix", async () => {