@loicngr/kobo 1.2.0 → 1.3.0

package/dist/server/db/migrations.js

@@ -1,20 +1,71 @@
 import { initSchema } from './schema.js';
-export const SCHEMA_VERSION = 1;
+export const migrations = [
+    {
+        version: 2,
+        name: 'add-permission-mode',
+        migrate: (db) => {
+            db.exec("ALTER TABLE workspaces ADD COLUMN permission_mode TEXT NOT NULL DEFAULT 'auto-accept'");
+        },
+    },
+];
+/** Current schema version — always equals the highest migration version. */
+export const SCHEMA_VERSION = migrations.length > 0 ? migrations[migrations.length - 1].version : 1;
 export function runMigrations(db) {
+    // Create the history table (replaces the old single-row schema_version table).
     db.exec(`
-    CREATE TABLE IF NOT EXISTS schema_version (
-      version INTEGER NOT NULL
+    CREATE TABLE IF NOT EXISTS schema_migrations (
+      version  INTEGER PRIMARY KEY,
+      name     TEXT NOT NULL,
+      applied_at TEXT NOT NULL
     )
   `);
-    const row = db.prepare('SELECT version FROM schema_version LIMIT 1').get();
-    const currentVersion = row?.version ?? 0;
-    if (currentVersion < 1) {
+    // ── Backward compat: migrate from legacy schema_version table ──────────────
+    const hasLegacy = db.prepare("SELECT count(*) as c FROM sqlite_master WHERE type='table' AND name='schema_version'").get().c > 0;
+    if (hasLegacy) {
+        const legacyRow = db.prepare('SELECT version FROM schema_version LIMIT 1').get();
+        const legacyVersion = legacyRow?.version ?? 0;
+        // Back-fill history for all migrations that were already applied under the old system.
+        if (legacyVersion >= 1) {
+            const now = new Date().toISOString();
+            // Version 1 = initSchema (always applied if legacyVersion >= 1)
+            db.prepare('INSERT OR IGNORE INTO schema_migrations (version, name, applied_at) VALUES (?, ?, ?)').run(1, 'init-schema', now);
+            for (const m of migrations) {
+                if (m.version <= legacyVersion) {
+                    db.prepare('INSERT OR IGNORE INTO schema_migrations (version, name, applied_at) VALUES (?, ?, ?)').run(m.version, m.name, now);
+                }
+            }
+        }
+        db.exec('DROP TABLE schema_version');
+    }
+    // ── Determine current state ────────────────────────────────────────────────
+    const applied = new Set(db.prepare('SELECT version FROM schema_migrations').all().map((r) => r.version));
+    // Fresh install — no migrations applied yet.
+    if (!applied.has(1)) {
         initSchema(db);
-        if (currentVersion === 0) {
-            db.prepare('INSERT INTO schema_version (version) VALUES (?)').run(1);
+        const now = new Date().toISOString();
+        db.prepare('INSERT INTO schema_migrations (version, name, applied_at) VALUES (?, ?, ?)').run(1, 'init-schema', now);
+        // Mark all incremental migrations as applied (initSchema creates the latest shape).
+        for (const m of migrations) {
+            db.prepare('INSERT INTO schema_migrations (version, name, applied_at) VALUES (?, ?, ?)').run(m.version, m.name, now);
         }
-        else {
-            db.prepare('UPDATE schema_version SET version = ?').run(1);
+        return;
+    }
+    // Apply pending migrations sequentially.
+    for (const m of migrations) {
+        if (!applied.has(m.version)) {
+            m.migrate(db);
+            db.prepare('INSERT INTO schema_migrations (version, name, applied_at) VALUES (?, ?, ?)').run(m.version, m.name, new Date().toISOString());
         }
     }
 }
+/** Return the full migration history (for diagnostics / admin UI). */
+export function getMigrationHistory(db) {
+    try {
+        return db
+            .prepare('SELECT version, name, applied_at FROM schema_migrations ORDER BY version')
+            .all();
+    }
+    catch {
+        return [];
+    }
+}

package/dist/server/db/schema.js

@@ -10,6 +10,7 @@ export function initSchema(db) {
       notion_url TEXT,
       notion_page_id TEXT,
       model TEXT NOT NULL DEFAULT 'claude-opus-4-6',
+      permission_mode TEXT NOT NULL DEFAULT 'auto-accept',
       dev_server_status TEXT NOT NULL DEFAULT 'stopped',
       archived_at TEXT,
       created_at TEXT NOT NULL,

package/dist/server/index.js

@@ -13,7 +13,7 @@ import imagesRouter from './routes/images.js';
 import notionRouter from './routes/notion.js';
 import settingsRouter from './routes/settings.js';
 import workspacesRouter from './routes/workspaces.js';
-import { getAvailableSkills, sendMessage, setBackendPort, startAgent, stopAgent } from './services/agent-manager.js';
+import { getAvailableSkills, sendMessage, setBackendPort, startAgent, startWatchdog, stopAgent, } from './services/agent-manager.js';
 import { startDevServer, stopDevServer } from './services/dev-server-service.js';
 import { emit, handleConnection, setMessageHandler } from './services/websocket-service.js';
 import { getLatestSession, getWorkspace, updateWorkspaceStatus } from './services/workspace-service.js';
@@ -32,8 +32,11 @@ console.log(`[kobo] Kōbō home: ${getKoboHome()}`);
 // 1. Initialize DB + run migrations
 const db = getDb();
 runMigrations(db);
-// 2. Initialize process cleanup
+// 2. Initialize process cleanup, agent watchdog, and PR watcher
 initProcessCleanup();
+startWatchdog();
+import { startPrWatcher } from './services/pr-watcher-service.js';
+startPrWatcher();
 // 3. Create Hono app
 const app = new Hono();
 // Health check (root / is handled by the SPA catch-all below)
@@ -118,7 +121,7 @@ setMessageHandler((type, payload) => {
                 const workspace = getWorkspace(p.workspaceId);
                 if (workspace) {
                     const worktreePath = `${workspace.projectPath}/.worktrees/${workspace.workingBranch}`;
-                    startAgent(p.workspaceId, worktreePath, p.content, workspace.model, true);
+                    startAgent(p.workspaceId, worktreePath, p.content, workspace.model, true, workspace.permissionMode);
                     updateWorkspaceStatus(p.workspaceId, 'executing');
                 }
             }
@@ -136,7 +139,7 @@ setMessageHandler((type, payload) => {
             }
             const worktreePath = `${workspace.projectPath}/.worktrees/${workspace.workingBranch}`;
             const prompt = p.prompt ?? 'Continue the previous task where you left off.';
-            startAgent(p.workspaceId, worktreePath, prompt, workspace.model);
+            startAgent(p.workspaceId, worktreePath, prompt, workspace.model, false, workspace.permissionMode);
         }
         catch (err) {
             console.error('[ws] Failed to start agent:', err);

package/dist/server/routes/workspaces.js

@@ -107,7 +107,30 @@ app.post('/', async (c) => {
             workspaceService.updateWorkspaceStatus(workspace.id, 'error');
             return c.json({ error: `Failed to create worktree: ${message}` }, 500);
         }
-        // 4b. Write git conventions to the worktree if configured
+        // 4b. Ensure Kobo-generated files inside .ai/ are gitignored (the .ai/ dir
+        //     itself may contain project files that SHOULD be committed).
+        try {
+            const fs = await import('node:fs');
+            const pathMod = await import('node:path');
+            const gitignorePath = pathMod.default.join(worktreePath, '.gitignore');
+            const existing = fs.existsSync(gitignorePath) ? fs.readFileSync(gitignorePath, 'utf-8') : '';
+            const lines = existing.split('\n').map((l) => l.trim());
+            const toAdd = [];
+            if (!lines.includes('.ai/git-conventions.md'))
+                toAdd.push('.ai/git-conventions.md');
+            if (!lines.includes('.ai/thoughts/'))
+                toAdd.push('.ai/thoughts/');
+            if (!lines.includes('.ai/images/'))
+                toAdd.push('.ai/images/');
+            if (toAdd.length > 0) {
+                const separator = existing.length > 0 && !existing.endsWith('\n') ? '\n' : '';
+                fs.appendFileSync(gitignorePath, `${separator}${toAdd.join('\n')}\n`, 'utf-8');
+            }
+        }
+        catch (err) {
+            console.error('[workspaces] Failed to update .gitignore:', err);
+        }
+        // 4c. Write git conventions to the worktree if configured
         const effectiveSettings = settingsService.getEffectiveSettings(body.projectPath);
         if (effectiveSettings.gitConventions) {
             try {
@@ -404,7 +427,7 @@ app.get('/:id', (c) => {
         return c.json({ error: message }, 500);
     }
 });
-// PATCH /api/workspaces/:id — update workspace fields (status, model)
+// PATCH /api/workspaces/:id — update workspace fields (status, model, permissionMode)
 app.patch('/:id', async (c) => {
     try {
         const id = c.req.param('id');
@@ -417,11 +440,18 @@ app.patch('/:id', async (c) => {
         if (body.model !== undefined) {
             updated = workspaceService.updateWorkspaceModel(id, body.model);
         }
+        if (body.permissionMode !== undefined) {
+            const validModes = ['auto-accept', 'plan'];
+            if (!validModes.includes(body.permissionMode)) {
+                return c.json({ error: `Invalid permission mode. Must be one of: ${validModes.join(', ')}` }, 400);
+            }
+            updated = workspaceService.updateWorkspacePermissionMode(id, body.permissionMode);
+        }
         if (body.status) {
             updated = workspaceService.updateWorkspaceStatus(id, body.status);
         }
-        if (!body.status && body.model === undefined) {
-            return c.json({ error: 'Missing field: status or model' }, 400);
+        if (!body.status && body.model === undefined && body.permissionMode === undefined) {
+            return c.json({ error: 'Missing field: status, model, or permissionMode' }, 400);
         }
         return c.json(updated);
     }
@@ -565,7 +595,7 @@ app.post('/:id/start', async (c) => {
             // Agent may not be running — ignore
         }
         const worktreePath = `${workspace.projectPath}/.worktrees/${workspace.workingBranch}`;
-        agentManager.startAgent(id, worktreePath, prompt, workspace.model);
+        agentManager.startAgent(id, worktreePath, prompt, workspace.model, false, workspace.permissionMode);
         workspaceService.updateWorkspaceStatus(id, 'executing');
         return c.json({ status: 'started' });
     }
@@ -586,13 +616,16 @@ app.get('/:id/git-stats', async (c) => {
         const worktreePath = path.default.join(workspace.projectPath, '.worktrees', workspace.workingBranch);
         const commitCount = gitOps.getCommitCount(worktreePath, workspace.sourceBranch, workspace.workingBranch);
         const diffStats = gitOps.getStructuredDiffStatsBetween(worktreePath, workspace.sourceBranch, workspace.workingBranch);
-        const prUrl = gitOps.getPrUrl(workspace.projectPath, workspace.workingBranch);
+        const pr = gitOps.getPrStatus(workspace.projectPath, workspace.workingBranch);
+        const unpushedCount = gitOps.getUnpushedCount(worktreePath);
         return c.json({
             commitCount,
             filesChanged: diffStats.filesChanged,
             insertions: diffStats.insertions,
             deletions: diffStats.deletions,
-            prUrl,
+            prUrl: pr?.url ?? null,
+            prState: pr?.state ?? null,
+            unpushedCount,
         });
     }
     catch (err) {
@@ -725,22 +758,26 @@ app.post('/:id/open-pr', async (c) => {
         const session = workspaceService.getLatestSession(workspace.id);
         const sessionId = session?.claudeSessionId ?? undefined;
         emit(workspace.id, 'user:message', { content: rendered, sender: 'user' }, sessionId);
-        // 8. Send to the running agent (degrade on failure)
+        // 8. Send to the running agent, or resume the agent with the PR prompt
+        let messageSent = false;
         try {
             agentManager.sendMessage(workspace.id, rendered);
-            return c.json({ ok: true, prNumber, prUrl, messageSent: true });
+            messageSent = true;
         }
-        catch (err) {
-            const message = err instanceof Error ? err.message : String(err);
-            console.warn(`[workspaces] open-pr: PR created but sendMessage failed: ${message}`);
-            return c.json({
-                ok: true,
-                prNumber,
-                prUrl,
-                messageSent: false,
-                warning: `Agent is not active — message was not sent (${message})`,
-            });
+        catch {
+            // Agent not running — resume it with the PR prompt
+            try {
+                const worktreePathForResume = `${workspace.projectPath}/.worktrees/${workspace.workingBranch}`;
+                agentManager.startAgent(workspace.id, worktreePathForResume, rendered, workspace.model, true, workspace.permissionMode);
+                workspaceService.updateWorkspaceStatus(workspace.id, 'executing');
+                messageSent = true;
+            }
+            catch (resumeErr) {
+                const resumeMsg = resumeErr instanceof Error ? resumeErr.message : String(resumeErr);
+                console.warn(`[workspaces] open-pr: PR created but agent resume failed: ${resumeMsg}`);
+            }
         }
+        return c.json({ ok: true, prNumber, prUrl, messageSent });
     }
     catch (err) {
         const message = err instanceof Error ? err.message : String(err);

package/dist/server/services/agent-manager.js

@@ -6,6 +6,7 @@ import { nanoid } from 'nanoid';
 import { getDb } from '../db/index.js';
 import { ensureKoboHome, getCompiledMcpServerPath, getDbPath, getMcpServerSourcePath, getSettingsPath, getSkillsPath, } from '../utils/paths.js';
 import { registerProcess, unregisterProcess } from '../utils/process-tracker.js';
+import { getEffectiveSettings } from './settings-service.js';
 import { emit } from './websocket-service.js';
 import { getWorkspace as getWs, listTasks, updateWorkspaceStatus } from './workspace-service.js';
 // ── State ──────────────────────────────────────────────────────────────────────
@@ -35,8 +36,71 @@ const retryCounts = new Map();
 const backoffTimers = new Map();
 /** workspaceId -> pending SIGKILL timer */
 const killTimers = new Map();
+// ── Watchdog ──────────────────────────────────────────────────────────────────
+// Periodically checks that tracked agent processes are still alive.
+// If a process died without triggering the 'exit' handler (crash, OOM kill,
+// etc.), the watchdog cleans up and updates the workspace status.
+const WATCHDOG_INTERVAL_MS = 30_000;
+let watchdogTimer = null;
+function isProcessAlive(pid) {
+    try {
+        process.kill(pid, 0); // signal 0 = existence check, doesn't actually kill
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function runWatchdog() {
+    for (const [workspaceId, agent] of agents) {
+        const pid = agent.process.pid;
+        if (pid === undefined || isProcessAlive(pid))
+            continue;
+        console.error(`[watchdog] Agent process for workspace '${workspaceId}' (PID ${pid}) is dead — cleaning up`);
+        // Close readline to release the stream
+        try {
+            agent.rl.close();
+        }
+        catch {
+            // Ignore
+        }
+        unregisterProcess(workspaceId);
+        agents.delete(workspaceId);
+        retryCounts.delete(workspaceId);
+        // Update DB session
+        try {
+            const db = getDb();
+            db.prepare('UPDATE agent_sessions SET status = ?, ended_at = ? WHERE id = ?').run('error', new Date().toISOString(), agent.agentSessionId);
+        }
+        catch (err) {
+            console.error('[watchdog] Failed to update agent_sessions:', err);
+        }
+        // Update workspace status
+        try {
+            updateWorkspaceStatus(workspaceId, 'error');
+        }
+        catch {
+            // Transition may not be valid — ignore
+        }
+        emit(workspaceId, 'agent:status', { status: 'error', message: 'Agent process died unexpectedly' }, agent.claudeSessionId);
+    }
+}
+/** Start the watchdog (called once from server bootstrap). */
+export function startWatchdog() {
+    if (watchdogTimer)
+        return;
+    watchdogTimer = setInterval(runWatchdog, WATCHDOG_INTERVAL_MS);
+    watchdogTimer.unref?.();
+}
+/** Stop the watchdog (for clean shutdown / tests). */
+export function stopWatchdog() {
+    if (watchdogTimer) {
+        clearInterval(watchdogTimer);
+        watchdogTimer = null;
+    }
+}
 // ── Start agent ────────────────────────────────────────────────────────────────
-export function startAgent(workspaceId, workingDir, prompt, model, resume = false) {
+export function startAgent(workspaceId, workingDir, prompt, model, resume = false, permissionMode = 'auto-accept') {
     // Check if agent already running for this workspace
     if (agents.has(workspaceId)) {
         throw new Error(`Agent already running for workspace '${workspaceId}'`);
@@ -44,8 +108,18 @@ export function startAgent(workspaceId, workingDir, prompt, model, resume = fals
     const db = getDb();
     let agentSessionId;
     let resumedClaudeSessionId;
-    // Build CLI args
-    const args = ['--dangerously-skip-permissions', '--output-format', 'stream-json', '--verbose'];
+    // Build CLI args — read dangerouslySkipPermissions from effective settings
+    const ws = getWs(workspaceId);
+    const effectiveSettings = ws ? getEffectiveSettings(ws.projectPath) : null;
+    const skipPermissions = effectiveSettings?.dangerouslySkipPermissions ?? true;
+    const args = ['--output-format', 'stream-json', '--verbose'];
+    if (skipPermissions) {
+        args.push('--dangerously-skip-permissions');
+    }
+    if (permissionMode === 'plan') {
+        // In plan mode, prepend read-only instructions to the prompt
+        prompt = `[PLAN MODE] You are in PLAN/READ-ONLY mode. You MUST NOT create, edit, write, or delete any files. Only use read-only tools (Read, Grep, Glob, LS, Bash for read-only commands). Analyze the codebase, plan your approach, and present your findings — but do NOT execute any changes.\n\n${prompt}`;
+    }
     if (model && model !== 'auto') {
         args.push('--model', model);
     }

package/dist/server/services/pr-watcher-service.js

@@ -0,0 +1,61 @@
+import { getPrStatus } from '../utils/git-ops.js';
+import { emitEphemeral } from './websocket-service.js';
+import { archiveWorkspace, listWorkspaces } from './workspace-service.js';
+// ── PR Watcher ────────────────────────────────────────────────────────────────
+// Polls GitHub every POLL_INTERVAL_MS to detect merged/closed PRs and
+// automatically archive the corresponding workspace.
+//
+// Only archives on a STATE TRANSITION from OPEN → CLOSED/MERGED.
+// If a PR is already closed/merged when first seen (e.g. after unarchive),
+// it is recorded but NOT acted upon — prevents re-archiving manually
+// unarchived workspaces.
+const POLL_INTERVAL_MS = 30 * 1000; // 30 seconds
+let timer = null;
+/** Tracks the last known PR state per workspace to detect transitions. */
+const lastKnownState = new Map();
+function checkPrStatuses() {
+    const workspaces = listWorkspaces(false); // non-archived only
+    // Clean up entries for workspaces that no longer exist
+    for (const id of lastKnownState.keys()) {
+        if (!workspaces.some((ws) => ws.id === id)) {
+            lastKnownState.delete(id);
+        }
+    }
+    for (const ws of workspaces) {
+        // Only check workspaces that are not actively running an agent
+        if (['extracting', 'brainstorming', 'executing'].includes(ws.status))
+            continue;
+        try {
+            const pr = getPrStatus(ws.projectPath, ws.workingBranch);
+            if (!pr)
+                continue;
+            const prev = lastKnownState.get(ws.id);
+            lastKnownState.set(ws.id, pr.state);
+            // Only archive on a transition FROM OPEN — not on first sight of CLOSED/MERGED
+            if (prev === 'OPEN' && (pr.state === 'MERGED' || pr.state === 'CLOSED')) {
+                console.log(`[pr-watcher] PR ${pr.state.toLowerCase()} for workspace '${ws.name}' — archiving`);
+                archiveWorkspace(ws.id);
+                lastKnownState.delete(ws.id);
+                emitEphemeral(ws.id, 'workspace:archived', {
+                    reason: `PR ${pr.state.toLowerCase()}`,
+                    prUrl: pr.url,
+                });
+            }
+        }
+        catch (err) {
+            console.error(`[pr-watcher] Failed to check PR for workspace '${ws.name}':`, err instanceof Error ? err.message : err);
+        }
+    }
+}
+export function startPrWatcher() {
+    if (timer)
+        return;
+    timer = setInterval(checkPrStatuses, POLL_INTERVAL_MS);
+    timer.unref?.();
+}
+export function stopPrWatcher() {
+    if (timer) {
+        clearInterval(timer);
+        timer = null;
+    }
+}

package/dist/server/services/settings-service.js

@@ -50,13 +50,36 @@ Please:
 1. Review the PR description on GitHub and improve it if needed (add a proper summary, screenshots if relevant, a test plan)
 2. Verify that all acceptance criteria are checked
 3. Post a comment on the PR summarizing what was done and any follow-up items
+4. Do NOT add a "Generated with Claude Code" footer or any AI attribution to the PR description
 `;
-/**
- * Bump when adding/removing/renaming fields in Settings that require a migration.
- * Each bump must come with a corresponding entry in `runSettingsMigrations()`.
- * Append-only — never renumber shipped versions.
- */
-export const SETTINGS_SCHEMA_VERSION = 1;
+const settingsMigrations = [
+    {
+        version: 1,
+        name: 'add-git-conventions',
+        migrate: ({ global, projects }) => {
+            if (typeof global.gitConventions !== 'string')
+                global.gitConventions = '';
+            for (const p of projects) {
+                if (typeof p.gitConventions !== 'string')
+                    p.gitConventions = '';
+            }
+        },
+    },
+    {
+        version: 2,
+        name: 'add-dangerously-skip-permissions',
+        migrate: ({ global, projects }) => {
+            if (typeof global.dangerouslySkipPermissions !== 'boolean')
+                global.dangerouslySkipPermissions = true;
+            for (const p of projects) {
+                if (typeof p.dangerouslySkipPermissions !== 'boolean')
+                    p.dangerouslySkipPermissions = true;
+            }
+        },
+    },
+];
+/** Current settings schema version — always equals the highest migration version. */
+export const SETTINGS_SCHEMA_VERSION = settingsMigrations.length > 0 ? settingsMigrations[settingsMigrations.length - 1].version : 0;
 let settingsFilePath = getSettingsPath();
 /** Override the settings file path (used by tests). */
 export function _setSettingsPath(p) {
@@ -67,6 +90,7 @@ function defaultSettings() {
         schemaVersion: SETTINGS_SCHEMA_VERSION,
         global: {
             defaultModel: 'auto',
+            dangerouslySkipPermissions: true,
             prPromptTemplate: DEFAULT_PR_PROMPT_TEMPLATE,
             gitConventions: DEFAULT_GIT_CONVENTIONS,
         },
@@ -79,6 +103,7 @@ function defaultProjectSettings(projectPath) {
         displayName: '',
         defaultSourceBranch: '',
         defaultModel: '',
+        dangerouslySkipPermissions: true,
         prPromptTemplate: '',
         gitConventions: '',
         devServer: {
@@ -92,12 +117,10 @@ function pickKnownKeys(data, allowedKeys) {
 }
 /**
  * Apply migrations sequentially to bring an older settings object up to
- * SETTINGS_SCHEMA_VERSION. Each migration is append-only — never edit or
- * reorder shipped migrations. The returned object carries the bumped
- * schemaVersion; callers should persist it back to disk.
+ * SETTINGS_SCHEMA_VERSION. Append-only — never edit or reorder shipped entries.
+ * The returned object carries the bumped schemaVersion; callers persist it.
  */
 export function runSettingsMigrations(raw) {
-    // Ensure a baseline shape so we can safely read .global and .projects
     const current = raw;
     if (!current.global || typeof current.global !== 'object') {
         current.global = {};
@@ -105,20 +128,13 @@ export function runSettingsMigrations(raw) {
     if (!Array.isArray(current.projects)) {
         current.projects = [];
     }
-    // Detect legacy (pre-versioned) settings as v0
     let version = typeof current.schemaVersion === 'number' ? current.schemaVersion : 0;
-    // ── v0 → v1: ensure gitConventions field exists on global and every project
-    if (version < 1) {
-        if (typeof current.global.gitConventions !== 'string') {
-            current.global.gitConventions = '';
-        }
-        for (const p of current.projects) {
-            if (typeof p.gitConventions !== 'string')
-                p.gitConventions = '';
+    for (const m of settingsMigrations) {
+        if (version < m.version) {
+            m.migrate({ global: current.global, projects: current.projects });
+            version = m.version;
         }
-        version = 1;
     }
-    // Future migrations go here — increment SETTINGS_SCHEMA_VERSION in lockstep.
     current.schemaVersion = version;
     return current;
 }
@@ -177,6 +193,7 @@ export function getEffectiveSettings(projectPath) {
     if (!project) {
         return {
             model: settings.global.defaultModel,
+            dangerouslySkipPermissions: settings.global.dangerouslySkipPermissions,
             prPromptTemplate: settings.global.prPromptTemplate,
             gitConventions: settings.global.gitConventions,
             sourceBranch: '',
@@ -185,6 +202,7 @@ export function getEffectiveSettings(projectPath) {
     }
     return {
         model: project.defaultModel || settings.global.defaultModel,
+        dangerouslySkipPermissions: project.dangerouslySkipPermissions ?? settings.global.dangerouslySkipPermissions,
         prPromptTemplate: project.prPromptTemplate || settings.global.prPromptTemplate,
         gitConventions: project.gitConventions || settings.global.gitConventions,
         sourceBranch: project.defaultSourceBranch,
@@ -193,7 +211,7 @@ export function getEffectiveSettings(projectPath) {
 }
 export function updateGlobalSettings(data) {
     const settings = readSettings();
-    const allowedGlobalKeys = ['defaultModel', 'prPromptTemplate', 'gitConventions'];
+    const allowedGlobalKeys = ['defaultModel', 'dangerouslySkipPermissions', 'prPromptTemplate', 'gitConventions'];
     const filtered = pickKnownKeys(data, allowedGlobalKeys);
     settings.global = { ...settings.global, ...filtered };
     writeSettings(settings);
@@ -204,6 +222,7 @@ export function upsertProject(projectPath, data) {
         'displayName',
         'defaultSourceBranch',
         'defaultModel',
+        'dangerouslySkipPermissions',
         'prPromptTemplate',
         'gitConventions',
         'devServer',

package/dist/server/services/workspace-service.js

@@ -22,6 +22,7 @@ function mapWorkspace(row) {
         notionUrl: row.notion_url,
         notionPageId: row.notion_page_id,
         model: row.model,
+        permissionMode: (row.permission_mode ?? 'auto-accept'),
         devServerStatus: row.dev_server_status,
         archivedAt: row.archived_at,
         createdAt: row.created_at,
@@ -96,6 +97,12 @@ export function updateWorkspaceModel(id, model) {
     db.prepare('UPDATE workspaces SET model = ?, updated_at = ? WHERE id = ?').run(model, now, id);
     return getWorkspace(id);
 }
+export function updateWorkspacePermissionMode(id, permissionMode) {
+    const db = getDb();
+    const now = new Date().toISOString();
+    db.prepare('UPDATE workspaces SET permission_mode = ?, updated_at = ? WHERE id = ?').run(permissionMode, now, id);
+    return getWorkspace(id);
+}
 export function updateDevServerStatus(id, status) {
     const db = getDb();
     db.prepare('UPDATE workspaces SET dev_server_status = ? WHERE id = ?').run(status, id);

package/dist/server/utils/git-ops.js

@@ -136,6 +136,34 @@ export function getPrUrl(repoPath, branchName) {
         return null;
     }
 }
+export function getPrStatus(repoPath, branchName) {
+    try {
+        const raw = execFileSync('gh', ['pr', 'view', branchName, '--json', 'state,url'], {
+            cwd: repoPath,
+            encoding: 'utf-8',
+        }).trim();
+        if (!raw)
+            return null;
+        const parsed = JSON.parse(raw);
+        return { state: parsed.state, url: parsed.url };
+    }
+    catch {
+        return null;
+    }
+}
+/** Count commits ahead of upstream. Returns -1 if no upstream is set. */
+export function getUnpushedCount(repoPath) {
+    try {
+        const output = execFileSync('git', ['rev-list', '@{u}..HEAD', '--count'], {
+            cwd: repoPath,
+            encoding: 'utf-8',
+        }).trim();
+        return parseInt(output, 10) || 0;
+    }
+    catch {
+        return -1; // no upstream
+    }
+}
 export function getDiffStatsBetween(repoPath, base, head) {
     try {
         return git(repoPath, ['diff', '--shortstat', `${base}...${head}`]);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@loicngr/kobo",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "Kōbō — multi-workspace agent manager for Claude Code. Orchestrates isolated git worktrees with dev servers, Notion integration, and MCP tools.",
   "type": "module",
   "license": "GPL-3.0-or-later",