@gotgenes/pi-permission-system 7.3.0 → 7.3.1

package/CHANGELOG.md

@@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [7.3.1](https://github.com/gotgenes/pi-packages/compare/pi-permission-system-v7.3.0...pi-permission-system-v7.3.1) (2026-05-26)
+
+
+### Bug Fixes
+
+* resolve pre-existing lint errors in pi-autoformat and pi-permission-system ([68fd516](https://github.com/gotgenes/pi-packages/commit/68fd516e33ddbb9a5e37ef19e949ee9ecdc37252))
+
+
+### Documentation
+
+* update subagent integration docs for native permission bridge ([#101](https://github.com/gotgenes/pi-packages/issues/101)) ([0bd456b](https://github.com/gotgenes/pi-packages/commit/0bd456befa8ea6918e74f4393d844868795edc77))
+
 ## [7.3.0](https://github.com/gotgenes/pi-packages/compare/pi-permission-system-v7.2.0...pi-permission-system-v7.3.0) (2026-05-25)
 
 

package/README.md

@@ -20,6 +20,7 @@ Permission enforcement extension for the [Pi](https://pi.mariozechner.at/) codin
 - **Protects sensitive file patterns** — cross-cutting `path` rules deny `.env`, `~/.ssh/*`, etc. across all tools and bash at once
 - **Guards external paths** — prompts before file tools or bash commands reach outside `cwd`
 - **Forwards prompts from subagents** — `ask` policies work even in non-UI execution contexts
+- **Native [`@gotgenes/pi-subagents`](https://github.com/gotgenes/pi-subagents) integration** — in-process child sessions register with the permission system automatically, enabling per-agent policy enforcement and `ask`-state forwarding to the parent UI without configuration
 
 ## Install
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gotgenes/pi-permission-system",
-  "version": "7.3.0",
+  "version": "7.3.1",
   "description": "Permission enforcement extension for the Pi coding agent.",
   "type": "module",
   "exports": {

package/src/extension-config.ts

@@ -1,4 +1,4 @@
-import { existsSync, mkdirSync } from "node:fs";
+import { mkdirSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 

package/src/handlers/before-agent-start.ts

@@ -41,6 +41,7 @@ export function shouldExposeTool(
  */
 export class AgentPrepHandler {
   constructor(
+    // biome-ignore lint/correctness/noUnusedPrivateClassMembers: accessed via destructuring (const { session } = this)
     private readonly session: PermissionSession,
     private readonly toolRegistry: ToolRegistry,
   ) {}

package/src/handlers/gates/bash-path-extractor.ts

@@ -48,14 +48,6 @@ function getParser(): Promise<TSParser> {
   return parserPromise;
 }
 
-/**
- * Reset the cached parser promise.  Only used by tests to avoid
- * cross-test pollution or to inject a mock parser.
- */
-function resetParserForTesting(): void {
-  parserPromise = null;
-}
-
 // ── AST walker ─────────────────────────────────────────────────────────────
 
 /**

package/src/handlers/lifecycle.ts

@@ -22,6 +22,7 @@ interface ResourcesDiscoverPayload {
  */
 export class SessionLifecycleHandler {
   constructor(
+    // biome-ignore lint/correctness/noUnusedPrivateClassMembers: accessed via destructuring (const { session } = this)
     private readonly session: PermissionSession,
     private readonly cleanupRpc: () => void,
   ) {}

package/src/handlers/permission-gate-handler.ts

@@ -47,6 +47,7 @@ interface InputPayload {
  */
 export class PermissionGateHandler {
   constructor(
+    // biome-ignore lint/correctness/noUnusedPrivateClassMembers: accessed via destructuring (const { session } = this)
     private readonly session: PermissionSession,
     private readonly events: PermissionEventBus,
     private readonly toolRegistry: ToolRegistry,

package/src/permission-dialog.ts

@@ -25,12 +25,6 @@ const APPROVE_OPTION = "Yes";
 const APPROVE_FOR_SESSION_OPTION = "Yes, for this session";
 const DENY_OPTION = "No";
 const DENY_WITH_REASON_OPTION = "No, provide reason";
-const PERMISSION_DECISION_OPTIONS = [
-  APPROVE_OPTION,
-  APPROVE_FOR_SESSION_OPTION,
-  DENY_OPTION,
-  DENY_WITH_REASON_OPTION,
-] as const;
 
 export function normalizePermissionDenialReason(
   value: unknown,

package/src/permission-manager.ts

@@ -120,7 +120,7 @@ export class PermissionManager {
           // existing patterns from lower scopes keep their earlier origin.
           if (!origins.has(surface)) origins.set(surface, new Map());
           for (const pattern of Object.keys(value)) {
-            origins.get(surface)!.set(pattern, scopeName);
+            origins.get(surface)?.set(pattern, scopeName);
           }
         } else {
           // Full replacement: this scope takes over the entire surface entry.

package/src/permission-merge.ts

@@ -1,4 +1,4 @@
-import type { FlatPermissionConfig, PermissionState } from "./types";
+import type { FlatPermissionConfig } from "./types";
 
 /**
  * Deep-shallow merge two flat permission configs.

package/src/skill-prompt-sanitizer.ts

@@ -92,33 +92,6 @@ function parseSkillEntries(sectionBody: string): ParsedSkillPromptEntry[] {
   return entries;
 }
 
-function parseSkillPromptSection(prompt: string): SkillPromptSection | null {
-  const start = prompt.indexOf(AVAILABLE_SKILLS_OPEN_TAG);
-  if (start === -1) {
-    return null;
-  }
-
-  const closeStart = prompt.indexOf(
-    AVAILABLE_SKILLS_CLOSE_TAG,
-    start + AVAILABLE_SKILLS_OPEN_TAG.length,
-  );
-  if (closeStart === -1) {
-    return null;
-  }
-
-  const end = closeStart + AVAILABLE_SKILLS_CLOSE_TAG.length;
-  const sectionBody = prompt.slice(
-    start + AVAILABLE_SKILLS_OPEN_TAG.length,
-    closeStart,
-  );
-
-  return {
-    start,
-    end,
-    entries: parseSkillEntries(sectionBody),
-  };
-}
-
 export function parseAllSkillPromptSections(
   prompt: string,
 ): SkillPromptSection[] {

package/src/types.ts

@@ -14,17 +14,6 @@ export type FlatPermissionConfig = Record<
   PermissionState | Record<string, PermissionState>
 >;
 
-type BuiltInToolName =
-  | "bash"
-  | "read"
-  | "write"
-  | "edit"
-  | "grep"
-  | "find"
-  | "ls";
-
-type SpecialPermissionName = "external_directory";
-
 /**
  * Per-scope permission config shape after loading and validation.
  * Holds only the flat permission map — all policy is expressed there.

package/test/handlers/before-agent-start.test.ts

@@ -7,7 +7,6 @@ import {
 } from "#src/handlers/before-agent-start";
 import type { PermissionSession } from "#src/permission-session";
 import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionState } from "#src/types";
 
 // ── SDK stubs ──────────────────────────────────────────────────────────────
 vi.mock("@earendil-works/pi-coding-agent", async (importOriginal) => {

package/test/handlers/gates/bash-external-directory.test.ts

@@ -101,12 +101,15 @@ describe("describeBashExternalDirectoryGate", () => {
   it("uses config-level checkPermission for the policy state", async () => {
     const checkPermission = vi
       .fn()
-      .mockImplementation((surface: string, input: Record<string, unknown>) => {
-        // Path-specific check returns session for coverage filtering
-        if (input.path) return makeCheckResult("allow", { source: "special" });
-        // Config-level check (no path) returns deny
-        return makeCheckResult("deny");
-      });
+      .mockImplementation(
+        (_surface: string, input: Record<string, unknown>) => {
+          // Path-specific check returns session for coverage filtering
+          if (input.path)
+            return makeCheckResult("allow", { source: "special" });
+          // Config-level check (no path) returns deny
+          return makeCheckResult("deny");
+        },
+      );
     const result = await describeBashExternalDirectoryGate(
       makeTcc(),
       checkPermission,
@@ -172,12 +175,14 @@ describe("describeBashExternalDirectoryGate", () => {
   it("only includes uncovered paths when some are session-covered", async () => {
     const checkPermission = vi
       .fn()
-      .mockImplementation((surface: string, input: Record<string, unknown>) => {
-        if (input.path === "/outside/a.ts") {
-          return makeCheckResult("allow", { source: "session" });
-        }
-        return makeCheckResult("ask");
-      });
+      .mockImplementation(
+        (_surface: string, input: Record<string, unknown>) => {
+          if (input.path === "/outside/a.ts") {
+            return makeCheckResult("allow", { source: "session" });
+          }
+          return makeCheckResult("ask");
+        },
+      );
     const result = await describeBashExternalDirectoryGate(
       makeTcc({ input: { command: "diff /outside/a.ts /outside/b.ts" } }),
       checkPermission,

package/test/handlers/gates/skill-read.test.ts

@@ -1,6 +1,4 @@
 import { describe, expect, it, vi } from "vitest";
-
-import type { GateDescriptor } from "#src/handlers/gates/descriptor";
 import { describeSkillReadGate } from "#src/handlers/gates/skill-read";
 import type { ToolCallContext } from "#src/handlers/gates/types";
 import type { SkillPromptEntry } from "#src/skill-prompt-sanitizer";

package/test/handlers/input-events.test.ts

@@ -9,7 +9,6 @@ import type { PermissionDecisionEvent } from "#src/permission-events";
 import { PERMISSIONS_DECISION_CHANNEL } from "#src/permission-events";
 import type { PermissionSession } from "#src/permission-session";
 import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionState } from "#src/types";
 
 // ── helpers ────────────────────────────────────────────────────────────────
 

package/test/handlers/input.test.ts

@@ -7,7 +7,6 @@ import {
 } from "#src/handlers/permission-gate-handler";
 import type { PermissionSession } from "#src/permission-session";
 import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionState } from "#src/types";
 
 // ── helpers ────────────────────────────────────────────────────────────────
 

package/test/handlers/tool-call-events.test.ts

@@ -10,7 +10,7 @@ import type { PermissionDecisionEvent } from "#src/permission-events";
 import { PERMISSIONS_DECISION_CHANNEL } from "#src/permission-events";
 import type { PermissionSession } from "#src/permission-session";
 import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionCheckResult, PermissionState } from "#src/types";
+import type { PermissionCheckResult } from "#src/types";
 
 // ── helpers ────────────────────────────────────────────────────────────────
 

package/test/handlers/tool-call.test.ts

@@ -7,7 +7,7 @@ import {
 } from "#src/handlers/permission-gate-handler";
 import type { PermissionSession } from "#src/permission-session";
 import type { ToolRegistry } from "#src/tool-registry";
-import type { PermissionCheckResult, PermissionState } from "#src/types";
+import type { PermissionCheckResult } from "#src/types";
 
 // ── SDK stubs ──────────────────────────────────────────────────────────────
 vi.mock("@earendil-works/pi-coding-agent", async (importOriginal) => {

package/test/permission-events.test.ts

@@ -264,7 +264,7 @@ describe("piPermissionSystemExtension ready event wiring", () => {
     mkdirSync(join(baseDir, "agents"), { recursive: true });
     writeFileSync(
       globalConfigPath,
-      JSON.stringify({ permission: { "*": "ask" } }) + "\n",
+      `${JSON.stringify({ permission: { "*": "ask" } })}\n`,
       "utf8",
     );
     process.env.PI_CODING_AGENT_DIR = baseDir;

package/test/permission-session.test.ts

@@ -38,7 +38,6 @@ import {
 } from "#src/permission-session";
 import type { SessionLogger } from "#src/session-logger";
 import type { SkillPromptEntry } from "#src/skill-prompt-sanitizer";
-import type { PermissionCheckResult } from "#src/types";
 
 function makeSkillEntry(
   name: string,