npm - @hasna/coders - Versions diffs - 0.0.3 → 0.0.4 - Mend

@hasna/coders 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli.mjs CHANGED Viewed

@@ -58429,7 +58429,7 @@ var init_client = __esm({
           "Content-Type": "application/json",
           "anthropic-version": "2023-06-01",
           "anthropic-beta": BETA_HEADERS.join(","),
-          "User-Agent": `coders/${"0.0.3"}`
+          "User-Agent": `coders/${"0.0.4"}`
         };
         if (key.isOAuth) {
           headers["Authorization"] = `Bearer ${key.apiKey}`;
@@ -59167,6 +59167,270 @@ var init_permissions = __esm({
   }
 });
+// src/db/index.ts
+import { join as join2 } from "path";
+import { existsSync as existsSync4, mkdirSync as mkdirSync3 } from "fs";
+function getDbPath() {
+  const dir = getConfigDir();
+  if (!existsSync4(dir)) mkdirSync3(dir, { recursive: true });
+  return join2(dir, "coders.db");
+}
+function getDb() {
+  if (_db) return _db;
+  const dbPath = getDbPath();
+  try {
+    const { Database } = __require("bun:sqlite");
+    _db = new Database(dbPath);
+  } catch {
+    try {
+      const BetterSqlite3 = __require("better-sqlite3");
+      _db = new BetterSqlite3(dbPath);
+    } catch {
+      console.warn("[db] No SQLite available \u2014 using in-memory fallback");
+      _db = createInMemoryDb();
+      initSchema(_db);
+      return _db;
+    }
+  }
+  try {
+    _db.exec("PRAGMA journal_mode=WAL");
+  } catch {
+  }
+  try {
+    _db.exec("PRAGMA foreign_keys=ON");
+  } catch {
+  }
+  initSchema(_db);
+  return _db;
+}
+function initSchema(db) {
+  db.exec(`
+    -- Sessions
+    CREATE TABLE IF NOT EXISTS sessions (
+      id TEXT PRIMARY KEY,
+      device_id TEXT NOT NULL,
+      project_dir TEXT,
+      original_cwd TEXT,
+      model TEXT,
+      app_version TEXT,
+      build_time TEXT,
+      fingerprint TEXT, -- JSON
+      metadata TEXT,    -- JSON
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Messages (conversation history)
+    CREATE TABLE IF NOT EXISTS messages (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id TEXT NOT NULL REFERENCES sessions(id),
+      role TEXT NOT NULL CHECK(role IN ('user','assistant','system')),
+      content TEXT NOT NULL,
+      tool_uses TEXT,    -- JSON array of tool use displays
+      thinking TEXT,
+      duration_ms REAL,
+      tokens_in INTEGER DEFAULT 0,
+      tokens_out INTEGER DEFAULT 0,
+      cost_usd REAL DEFAULT 0,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    CREATE INDEX IF NOT EXISTS idx_messages_session ON messages(session_id);
+    -- File history (tracks reads per session)
+    CREATE TABLE IF NOT EXISTS file_history (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id TEXT NOT NULL,
+      file_path TEXT NOT NULL,
+      content_hash TEXT,
+      byte_size INTEGER,
+      line_count INTEGER,
+      read_at TEXT DEFAULT (datetime('now')),
+      UNIQUE(session_id, file_path)
+    );
+    -- File checkpoints (for /rewind)
+    CREATE TABLE IF NOT EXISTS checkpoints (
+      id TEXT PRIMARY KEY,
+      session_id TEXT NOT NULL,
+      file_path TEXT NOT NULL,
+      original_content TEXT NOT NULL,
+      edit_operation TEXT, -- JSON {old_string, new_string}
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    CREATE INDEX IF NOT EXISTS idx_checkpoints_session_file ON checkpoints(session_id, file_path);
+    -- Tasks (replaces in-memory fallback for @hasna/todos)
+    CREATE TABLE IF NOT EXISTS tasks (
+      id TEXT PRIMARY KEY,
+      subject TEXT NOT NULL,
+      description TEXT DEFAULT '',
+      status TEXT DEFAULT 'pending' CHECK(status IN ('pending','in_progress','completed','failed','cancelled')),
+      active_form TEXT,
+      owner TEXT,
+      blocks TEXT DEFAULT '[]',      -- JSON array of task IDs
+      blocked_by TEXT DEFAULT '[]',   -- JSON array of task IDs
+      metadata TEXT DEFAULT '{}',     -- JSON
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Config (replaces JSON files)
+    CREATE TABLE IF NOT EXISTS config (
+      key TEXT PRIMARY KEY,
+      value TEXT, -- JSON
+      scope TEXT DEFAULT 'user' CHECK(scope IN ('user','project','local','global')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Memories (replaces in-memory fallback for @hasna/mementos)
+    CREATE TABLE IF NOT EXISTS memories (
+      id TEXT PRIMARY KEY,
+      key TEXT UNIQUE NOT NULL,
+      value TEXT NOT NULL,
+      scope TEXT DEFAULT 'shared' CHECK(scope IN ('global','shared','private')),
+      category TEXT DEFAULT 'knowledge',
+      importance INTEGER DEFAULT 5 CHECK(importance BETWEEN 1 AND 10),
+      tags TEXT DEFAULT '[]', -- JSON array
+      version INTEGER DEFAULT 1,
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Teams
+    CREATE TABLE IF NOT EXISTS teams (
+      name TEXT PRIMARY KEY,
+      description TEXT,
+      task_list_id TEXT,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Team members
+    CREATE TABLE IF NOT EXISTS team_members (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      team_name TEXT NOT NULL REFERENCES teams(name),
+      agent_name TEXT NOT NULL,
+      role TEXT,
+      status TEXT DEFAULT 'idle',
+      current_task TEXT,
+      UNIQUE(team_name, agent_name)
+    );
+    -- Team messages
+    CREATE TABLE IF NOT EXISTS team_messages (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      from_agent TEXT NOT NULL,
+      to_agent TEXT NOT NULL,
+      team_name TEXT,
+      content TEXT NOT NULL,
+      is_read INTEGER DEFAULT 0,
+      is_blocking INTEGER DEFAULT 0,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    CREATE INDEX IF NOT EXISTS idx_team_msgs_to ON team_messages(to_agent, is_read);
+    -- Permissions (persisted allow/deny rules)
+    CREATE TABLE IF NOT EXISTS permissions (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      tool_name TEXT,
+      command_pattern TEXT,
+      path_pattern TEXT,
+      behavior TEXT NOT NULL CHECK(behavior IN ('allow','deny')),
+      scope TEXT DEFAULT 'session',
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    -- MCP servers
+    CREATE TABLE IF NOT EXISTS mcp_servers (
+      name TEXT PRIMARY KEY,
+      command TEXT,
+      args TEXT,    -- JSON array
+      env TEXT,     -- JSON object
+      url TEXT,
+      transport TEXT DEFAULT 'stdio',
+      scope TEXT DEFAULT 'user',
+      enabled INTEGER DEFAULT 1,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Metrics (per-turn tracking)
+    CREATE TABLE IF NOT EXISTS metrics (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id TEXT NOT NULL,
+      turn_index INTEGER,
+      tokens_in INTEGER DEFAULT 0,
+      tokens_out INTEGER DEFAULT 0,
+      cost_usd REAL DEFAULT 0,
+      api_duration_ms REAL DEFAULT 0,
+      tool_duration_ms REAL DEFAULT 0,
+      hook_duration_ms REAL DEFAULT 0,
+      tool_count INTEGER DEFAULT 0,
+      model TEXT,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+    -- Audit log (for security \u2014 tracks all tool executions)
+    CREATE TABLE IF NOT EXISTS audit_log (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id TEXT,
+      tool_name TEXT NOT NULL,
+      input_summary TEXT,
+      result_summary TEXT,
+      exit_code INTEGER,
+      duration_ms REAL,
+      was_allowed INTEGER DEFAULT 1,
+      created_at TEXT DEFAULT (datetime('now'))
+    );
+  `);
+}
+function dbRun(sql, params = []) {
+  const db = getDb();
+  try {
+    const stmt = db.prepare(sql);
+    return stmt.run(...params);
+  } catch (e) {
+    try {
+      return db.run(sql, params);
+    } catch {
+      throw e;
+    }
+  }
+}
+function createInMemoryDb() {
+  const tables = /* @__PURE__ */ new Map();
+  return {
+    exec(sql) {
+      const matches = sql.matchAll(/CREATE TABLE IF NOT EXISTS (\w+)/g);
+      for (const m of matches) {
+        if (!tables.has(m[1])) tables.set(m[1], /* @__PURE__ */ new Map());
+      }
+    },
+    prepare(sql) {
+      return {
+        run(...params) {
+          return { changes: 0 };
+        },
+        get(...params) {
+          return void 0;
+        },
+        all(...params) {
+          return [];
+        }
+      };
+    },
+    close() {
+      tables.clear();
+    }
+  };
+}
+var _db;
+var init_db = __esm({
+  "src/db/index.ts"() {
+    "use strict";
+    init_paths();
+    _db = null;
+  }
+});
 // src/core/constants.ts
 var BASH_TOOL, READ_TOOL, EDIT_TOOL, WRITE_TOOL, GLOB_TOOL, GREP_TOOL, DEFAULT_BASH_TIMEOUT_MS, MAX_BASH_TIMEOUT_MS, DEFAULT_READ_LINE_LIMIT, DEFAULT_MAX_RESULT_SIZE_CHARS;
 var init_constants = __esm({
@@ -59187,6 +59451,23 @@ var init_constants = __esm({
 // src/tools/builtin/bash.ts
 import { spawn } from "child_process";
+function isDangerousCommand(command) {
+  for (const { pattern, reason } of DANGEROUS_PATTERNS) {
+    if (pattern.test(command)) {
+      return { dangerous: true, reason };
+    }
+  }
+  return { dangerous: false };
+}
+function auditLog(command, exitCode, durationMs, sessionId) {
+  try {
+    dbRun(
+      "INSERT INTO audit_log (session_id, tool_name, input_summary, result_summary, exit_code, duration_ms, was_allowed) VALUES (?, 'Bash', ?, ?, ?, ?, 1)",
+      [sessionId ?? null, command.slice(0, 500), exitCode === 0 ? "success" : `exit ${exitCode}`, exitCode, durationMs]
+    );
+  } catch {
+  }
+}
 function isReadOnlyCommand(command) {
   const trimmed = command.trim();
   if (!trimmed) return false;
@@ -59282,12 +59563,28 @@ function truncateOutput(output, maxChars = DEFAULT_MAX_RESULT_SIZE_CHARS) {
 ` + output.slice(-half);
 }
-var BashInputSchema, BashOutputSchema, READ_ONLY_COMMANDS, READ_ONLY_KEYWORDS, GIT_READ_ONLY_SUBCOMMANDS, NPM_READ_ONLY_SUBCOMMANDS, DOCKER_READ_ONLY_SUBCOMMANDS, backgroundTasks, nextBgId, bashTool, BASH_PROMPT;
+var DANGEROUS_PATTERNS, BashInputSchema, BashOutputSchema, READ_ONLY_COMMANDS, READ_ONLY_KEYWORDS, GIT_READ_ONLY_SUBCOMMANDS, NPM_READ_ONLY_SUBCOMMANDS, DOCKER_READ_ONLY_SUBCOMMANDS, backgroundTasks, nextBgId, bashTool, BASH_PROMPT;
 var init_bash = __esm({
   "src/tools/builtin/bash.ts"() {
     "use strict";
     init_zod();
     init_constants();
+    init_db();
+    DANGEROUS_PATTERNS = [
+      { pattern: /\brm\s+-rf\s+\/\s*$/, reason: "Recursive delete of root filesystem" },
+      { pattern: /\brm\s+-rf\s+~\//, reason: "Recursive delete of home directory" },
+      { pattern: /\brm\s+-rf\s+\*/, reason: "Recursive delete with wildcard" },
+      { pattern: /\bmkfs\b/, reason: "Format filesystem" },
+      { pattern: /\bdd\s+.*of=\/dev\//, reason: "Direct write to device" },
+      { pattern: />\s*\/dev\/sd[a-z]/, reason: "Redirect to disk device" },
+      { pattern: /\b:(){ :\|:& };:/, reason: "Fork bomb" },
+      { pattern: /\bchmod\s+-R\s+777\s+\//, reason: "Recursive chmod 777 on root" },
+      { pattern: /\bchown\s+-R\s+.*\s+\//, reason: "Recursive chown on root" },
+      { pattern: /\bcurl\s.*\|\s*sh\b/, reason: "Pipe remote script to shell" },
+      { pattern: /\bwget\s.*\|\s*sh\b/, reason: "Pipe remote script to shell" },
+      { pattern: /\b\/etc\/passwd\b/, reason: "Access to passwd file" },
+      { pattern: /\b\/etc\/shadow\b/, reason: "Access to shadow file" }
+    ];
     BashInputSchema = external_exports.strictObject({
       command: external_exports.string().describe("The command to execute"),
       description: external_exports.string().optional().describe("Description of what the command does"),
@@ -59507,6 +59804,14 @@ var init_bash = __esm({
         if (input.timeout !== void 0 && input.timeout > MAX_BASH_TIMEOUT_MS) {
           return { result: false, message: `Timeout exceeds maximum of ${MAX_BASH_TIMEOUT_MS}ms`, errorCode: 2 };
         }
+        const danger = isDangerousCommand(input.command);
+        if (danger.dangerous) {
+          try {
+            dbRun("INSERT INTO audit_log (tool_name, input_summary, was_allowed) VALUES ('Bash', ?, 0)", [input.command.slice(0, 200)]);
+          } catch {
+          }
+          return { result: false, message: `Blocked dangerous command: ${danger.reason}`, errorCode: 3 };
+        }
         return { result: true };
       },
       async checkPermissions(input, context) {
@@ -59587,6 +59892,7 @@ var init_bash = __esm({
             }
             stdout = truncateOutput(stdout);
             stderr = truncateOutput(stderr);
+            auditLog(command, code, durationMs);
             resolve7({
               data: {
                 stdout,
@@ -59654,7 +59960,7 @@ Instructions:
 });
 // src/tools/builtin/read.ts
-import { readFileSync as readFileSync3, statSync, existsSync as existsSync4 } from "fs";
+import { readFileSync as readFileSync3, statSync, existsSync as existsSync5 } from "fs";
 import { extname, isAbsolute, resolve as resolve2 } from "path";
 function hasFileBeenRead(filePath) {
   return readFiles.has(resolve2(filePath));
@@ -59835,7 +60141,7 @@ var init_read = __esm({
           return { result: false, message: "file_path is required", errorCode: 1 };
         }
         const resolved = resolvePath(input.file_path);
-        if (!existsSync4(resolved)) {
+        if (!existsSync5(resolved)) {
           return { result: false, message: `File does not exist: ${input.file_path}`, errorCode: 2 };
         }
         try {
@@ -59889,8 +60195,9 @@ Usage:
 });
 // src/tools/builtin/edit.ts
-import { readFileSync as readFileSync4, writeFileSync as writeFileSync2, existsSync as existsSync5 } from "fs";
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync2, existsSync as existsSync6 } from "fs";
 import { resolve as resolve3, isAbsolute as isAbsolute2 } from "path";
+import { randomUUID } from "crypto";
 function resolvePath2(filePath) {
   if (isAbsolute2(filePath)) return filePath;
   return resolve3(process.cwd(), filePath);
@@ -59904,36 +60211,64 @@ function countOccurrences(text, search) {
   }
   return count;
 }
-function generateSimpleDiff(oldContent, newContent, filePath) {
+function generateUnifiedDiff(oldContent, newContent, filePath) {
   const oldLines = oldContent.split("\n");
   const newLines = newContent.split("\n");
-  const lines = [`--- a/${filePath}`, `+++ b/${filePath}`];
-  let i = 0;
-  let j = 0;
-  while (i < oldLines.length || j < newLines.length) {
-    if (i < oldLines.length && j < newLines.length && oldLines[i] === newLines[j]) {
-      i++;
-      j++;
-    } else {
-      const contextStart = Math.max(0, i - 2);
-      lines.push(`@@ -${contextStart + 1} @@`);
-      while (i < oldLines.length && (j >= newLines.length || oldLines[i] !== newLines[j])) {
-        lines.push(`-${oldLines[i]}`);
-        i++;
-        if (lines.length > 50) break;
-      }
-      while (j < newLines.length && (i >= oldLines.length || oldLines[i] !== newLines[j])) {
-        lines.push(`+${newLines[j]}`);
-        j++;
-        if (lines.length > 100) break;
-      }
-      if (lines.length > 100) {
-        lines.push("... (diff truncated)");
-        break;
+  const CONTEXT = 3;
+  const result = [`--- a/${filePath}`, `+++ b/${filePath}`];
+  const hunks = findDiffHunks(oldLines, newLines, CONTEXT);
+  for (const hunk of hunks) {
+    const { oldStart, oldCount, newStart, newCount, lines } = hunk;
+    result.push(`@@ -${oldStart + 1},${oldCount} +${newStart + 1},${newCount} @@`);
+    result.push(...lines);
+  }
+  return result.length > 2 ? result.join("\n") : "";
+}
+function findDiffHunks(oldLines, newLines, context) {
+  const hunks = [];
+  let oi = 0, ni = 0;
+  while (oi < oldLines.length || ni < newLines.length) {
+    if (oi < oldLines.length && ni < newLines.length && oldLines[oi] === newLines[ni]) {
+      oi++;
+      ni++;
+      continue;
+    }
+    const changeOldStart = Math.max(0, oi - context);
+    const changeNewStart = Math.max(0, ni - context);
+    const hunkLines = [];
+    for (let c = Math.max(0, oi - context); c < oi; c++) {
+      hunkLines.push(` ${oldLines[c]}`);
+    }
+    const removedStart = oi;
+    while (oi < oldLines.length && (ni >= newLines.length || oldLines[oi] !== newLines[ni])) {
+      hunkLines.push(`-${oldLines[oi]}`);
+      oi++;
+      if (hunkLines.length > 100) break;
+    }
+    const addedStart = ni;
+    while (ni < newLines.length && (oi >= oldLines.length || oldLines[oi] !== newLines[ni])) {
+      hunkLines.push(`+${newLines[ni]}`);
+      ni++;
+      if (hunkLines.length > 200) break;
+    }
+    const afterEnd = Math.min(oi + context, oldLines.length);
+    for (let c = oi; c < afterEnd && c < oldLines.length && ni + (c - oi) < newLines.length; c++) {
+      if (oldLines[c] === newLines[ni + (c - oi)]) {
+        hunkLines.push(` ${oldLines[c]}`);
       }
     }
+    const oldCount = oi - changeOldStart + Math.min(context, oldLines.length - oi);
+    const newCount = ni - changeNewStart + Math.min(context, newLines.length - ni);
+    hunks.push({
+      oldStart: changeOldStart,
+      oldCount: Math.max(oldCount, 1),
+      newStart: changeNewStart,
+      newCount: Math.max(newCount, 1),
+      lines: hunkLines
+    });
+    if (hunks.length > 20) break;
   }
-  return lines.length > 2 ? lines.join("\n") : "";
+  return hunks;
 }
 var EditInputSchema, EditOutputSchema, editTool, EDIT_PROMPT;
 var init_edit = __esm({
@@ -59942,6 +60277,7 @@ var init_edit = __esm({
     init_zod();
     init_constants();
     init_read();
+    init_db();
     EditInputSchema = external_exports.strictObject({
       file_path: external_exports.string().describe("The absolute path to the file to modify"),
       old_string: external_exports.string().describe("The text to replace"),
@@ -59999,7 +60335,7 @@ var init_edit = __esm({
           return { result: false, message: "old_string and new_string must be different", errorCode: 2 };
         }
         const resolved = resolvePath2(input.file_path);
-        if (!existsSync5(resolved)) {
+        if (!existsSync6(resolved)) {
           return { result: false, message: `File does not exist: ${input.file_path}`, errorCode: 3 };
         }
         if (!hasFileBeenRead(resolved)) {
@@ -60055,9 +60391,17 @@ var init_edit = __esm({
           newContent = originalContent.slice(0, idx) + input.new_string + originalContent.slice(idx + input.old_string.length);
           replacements = 1;
         }
+        try {
+          const cpId = randomUUID().slice(0, 8);
+          dbRun(
+            "INSERT INTO checkpoints (id, session_id, file_path, original_content, edit_operation) VALUES (?, ?, ?, ?, ?)",
+            [cpId, "current", resolved, originalContent, JSON.stringify({ old_string: input.old_string, new_string: input.new_string })]
+          );
+        } catch {
+        }
         writeFileSync2(resolved, newContent, "utf-8");
         markFileAsRead(resolved);
-        const gitDiff = generateSimpleDiff(originalContent, newContent, input.file_path);
+        const gitDiff = generateUnifiedDiff(originalContent, newContent, input.file_path);
         return {
           data: {
             filePath: resolved,
@@ -60093,7 +60437,7 @@ Usage:
 });
 // src/tools/builtin/write.ts
-import { writeFileSync as writeFileSync3, existsSync as existsSync6, mkdirSync as mkdirSync3 } from "fs";
+import { writeFileSync as writeFileSync3, existsSync as existsSync7, mkdirSync as mkdirSync4 } from "fs";
 import { dirname as dirname2, resolve as resolve4, isAbsolute as isAbsolute3 } from "path";
 function resolvePath3(filePath) {
   if (isAbsolute3(filePath)) return filePath;
@@ -60155,7 +60499,7 @@ var init_write = __esm({
           return { result: false, message: "file_path is required", errorCode: 1 };
         }
         const resolved = resolvePath3(input.file_path);
-        if (existsSync6(resolved) && !hasFileBeenRead(resolved)) {
+        if (existsSync7(resolved) && !hasFileBeenRead(resolved)) {
           return {
             result: false,
             message: "This file already exists. You must Read it first before overwriting. Use the Read tool, then retry.",
@@ -60169,10 +60513,10 @@ var init_write = __esm({
       },
       async call(input, context) {
         const resolved = resolvePath3(input.file_path);
-        const created = !existsSync6(resolved);
+        const created = !existsSync7(resolved);
         const dir = dirname2(resolved);
-        if (!existsSync6(dir)) {
-          mkdirSync3(dir, { recursive: true });
+        if (!existsSync7(dir)) {
+          mkdirSync4(dir, { recursive: true });
         }
         writeFileSync3(resolved, input.content, "utf-8");
         markFileAsRead(resolved);
@@ -67042,10 +67386,11 @@ function useSpinner(active) {
   }, [active]);
   return active ? FRAMES[i] : " ";
 }
-function createToolHandlers(onToolStart, onToolEnd) {
+function createToolHandlers(onToolStart, onToolEnd, requestPermission) {
   const tools = [bashTool, readTool, editTool, writeTool, globTool, grepTool];
   const permCtx = createDefaultPermissionContext();
   const appState = { toolPermissionContext: permCtx, verbose: false };
+  const alwaysAllowed = /* @__PURE__ */ new Set();
   return tools.map((tool) => ({
     name: tool.name,
     description: typeof tool.description === "function" ? `Tool: ${tool.name}` : String(tool.description),
@@ -67055,6 +67400,25 @@ function createToolHandlers(onToolStart, onToolEnd) {
     call: async (input, ctx) => {
       const summary = toolSummary(tool.name, input);
       const toolId = `tool-${Date.now()}-${Math.random().toString(36).slice(2, 6)}`;
+      if (!tool.isReadOnly() && !alwaysAllowed.has(tool.name)) {
+        const decision = await requestPermission(tool.name, summary);
+        if (decision === "deny") {
+          onToolStart(toolId, tool.name, summary);
+          onToolEnd(toolId, "Permission denied by user", "Permission denied", 0);
+          try {
+            dbRun("INSERT INTO audit_log (tool_name, input_summary, was_allowed) VALUES (?, ?, 0)", [tool.name, summary]);
+          } catch {
+          }
+          return { error: "Permission denied by user", isError: true };
+        }
+        if (decision === "always") {
+          alwaysAllowed.add(tool.name);
+          try {
+            dbRun("INSERT OR REPLACE INTO permissions (tool_name, behavior) VALUES (?, 'allow')", [tool.name]);
+          } catch {
+          }
+        }
+      }
       onToolStart(toolId, tool.name, summary);
       const t0 = performance.now();
       try {
@@ -67068,11 +67432,19 @@ function createToolHandlers(onToolStart, onToolEnd) {
         const block = tool.mapToolResultToToolResultBlockParam(result.data, toolId);
         const dur = performance.now() - t0;
         onToolEnd(toolId, block.content.slice(0, 500), block.is_error ? block.content : void 0, dur);
+        try {
+          dbRun("INSERT INTO audit_log (tool_name, input_summary, result_summary, duration_ms, was_allowed) VALUES (?, ?, ?, ?, 1)", [tool.name, summary, block.content.slice(0, 200), dur]);
+        } catch {
+        }
         return { data: block.content };
       } catch (err) {
         const dur = performance.now() - t0;
         const errMsg = err instanceof Error ? err.message : String(err);
         onToolEnd(toolId, "", errMsg, dur);
+        try {
+          dbRun("INSERT INTO audit_log (tool_name, input_summary, result_summary, duration_ms, was_allowed) VALUES (?, ?, ?, ?, 1)", [tool.name, summary, errMsg.slice(0, 200), dur]);
+        } catch {
+        }
         return { error: errMsg, isError: true };
       }
     }
@@ -67192,6 +67564,25 @@ function App2({ model, mode, initialPrompt }) {
   const [history, setHistory] = (0, import_react22.useState)([]);
   const [activeTools, setActiveTools] = (0, import_react22.useState)([]);
   const rows = stdout?.rows ?? 24;
+  const [permissionPending, setPermissionPending] = (0, import_react22.useState)(null);
+  const requestPermission = (0, import_react22.useCallback)((toolName, summary) => {
+    return new Promise((resolve7) => {
+      setPermissionPending({ toolName, summary, resolve: resolve7 });
+    });
+  }, []);
+  use_input_default((ch) => {
+    if (!permissionPending) return;
+    if (ch === "y" || ch === "Y") {
+      permissionPending.resolve("allow");
+      setPermissionPending(null);
+    } else if (ch === "n" || ch === "N") {
+      permissionPending.resolve("deny");
+      setPermissionPending(null);
+    } else if (ch === "a" || ch === "A") {
+      permissionPending.resolve("always");
+      setPermissionPending(null);
+    }
+  }, { isActive: !!permissionPending });
   const onToolStart = (0, import_react22.useCallback)((id, name, summary) => {
     setActiveTools((prev) => [...prev, { id, name, summary, status: "running" }]);
   }, []);
@@ -67222,7 +67613,7 @@ function App2({ model, mode, initialPrompt }) {
     setActiveTools([]);
     const t0 = performance.now();
     try {
-      const toolHandlers = createToolHandlers(onToolStart, onToolEnd);
+      const toolHandlers = createToolHandlers(onToolStart, onToolEnd, requestPermission);
       const permCtx = createDefaultPermissionContext();
       const result = await runAgentLoop(
         newHistory,
@@ -67284,7 +67675,7 @@ function App2({ model, mode, initialPrompt }) {
     } finally {
       setBusy(false);
     }
-  }, [busy, history, model, exit, onToolStart, onToolEnd, streaming, activeTools]);
+  }, [busy, history, model, exit, onToolStart, onToolEnd, requestPermission, streaming, activeTools]);
   (0, import_react22.useEffect)(() => {
     if (initialPrompt) submit(initialPrompt);
   }, []);
@@ -67316,12 +67707,34 @@ function App2({ model, mode, initialPrompt }) {
       visible.map((m) => /* @__PURE__ */ (0, import_jsx_runtime.jsx)(MessageView, { msg: m }, m.id)),
       busy && activeTools.filter((t) => t.status === "running").map((t) => /* @__PURE__ */ (0, import_jsx_runtime.jsx)(ToolItem, { tool: t }, t.id)),
       busy && streaming && /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { children: streaming }) }),
-      busy && !streaming && activeTools.length === 0 && /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { marginTop: 1, children: [
+      busy && !streaming && activeTools.length === 0 && !permissionPending && /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { marginTop: 1, children: [
         /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Text, { color: "cyan", children: [
           FRAMES[0],
           " "
         ] }),
         /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { dimColor: true, children: "Thinking..." })
+      ] }),
+      permissionPending && /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { flexDirection: "column", marginTop: 1, children: [
+        /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { children: [
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "yellow", bold: true, children: "? " }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { children: "Allow " }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { bold: true, children: permissionPending.toolName }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Text, { dimColor: true, children: [
+            ": ",
+            permissionPending.summary.slice(0, 80)
+          ] })
+        ] }),
+        /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { children: [
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { dimColor: true, children: "  " }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "green", bold: true, children: "(y)" }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "green", children: "es" }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { children: " " }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "red", bold: true, children: "(n)" }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "red", children: "o" }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { children: " " }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "blue", bold: true, children: "(a)" }),
+          /* @__PURE__ */ (0, import_jsx_runtime.jsx)(Text, { color: "blue", children: "lways allow" })
+        ] })
       ] })
     ] }),
     /* @__PURE__ */ (0, import_jsx_runtime.jsxs)(Box_default, { children: [
@@ -67392,6 +67805,7 @@ var init_app = __esm({
     init_streaming();
     init_agent_loop();
     init_permissions();
+    init_db();
     init_bash();
     init_read();
     init_edit();
@@ -67619,8 +68033,8 @@ async function bootstrap() {
 var VERSION, BUILD_TIME, PACKAGE_NAME2, ISSUES_URL2, startupTimestamps, originalCwd, RESET_TERMINAL, cleanupHandlers, earlyInput, earlyInputCapturing;
 var init_index = __esm({
   "src/cli/index.ts"() {
-    VERSION = "0.0.3";
-    BUILD_TIME = "2026-03-20T06:29:11.511Z";
+    VERSION = "0.0.4";
+    BUILD_TIME = "2026-03-20T07:32:07.258Z";
     PACKAGE_NAME2 = "@hasna/coders";
     ISSUES_URL2 = "https://github.com/hasnaxyz/open-coders/issues";
     startupTimestamps = {};