tsunami-code 3.11.3 → 3.11.4

package/index.js

@@ -26,7 +26,7 @@ import {
 } from './lib/memory.js';
 import { listMemories, readMemory, saveMemory, deleteMemory, getMemdirPath } from './lib/memdir.js';
 
-const VERSION = '3.10.0';
+const VERSION = '3.11.4';
 const CONFIG_DIR = join(os.homedir(), '.tsunami-code');
 const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
 const DEFAULT_SERVER = 'https://radiometric-reita-amuck.ngrok-free.dev';
@@ -470,7 +470,7 @@ async function run() {
   // Slash command list for tab completion — keep in sync with switch cases + skills
   const SLASH_COMMANDS = [
     '/help', '/compact', '/plan', '/undo', '/doctor', '/cost', '/memory', '/clear',
-    '/status', '/server', '/model', '/mcp', '/effort', '/copy', '/btw', '/rewind',
+    '/status', '/server', '/model', '/mcp', '/effort', '/mode', '/copy', '/btw', '/rewind',
     '/diff', '/stats', '/export', '/history', '/exit', '/quit', '/kairos', '/skills',
     '/skill-create', '/skill-list', '/init', '/memdir',
   ];
@@ -511,22 +511,35 @@ async function run() {
   ui.start(historyEntries);
   ui.setModelLabel(`Tsunami Code CLI v${VERSION}`);
 
+  // ── Permission mode ───────────────────────────────────────────────────────
+  const PERM_MODES = ['auto', 'accept-edits', 'confirm-writes', 'confirm-all', 'readonly', 'bypass'];
+  let permMode = 'auto';
+
   // ── Mode label helper ─────────────────────────────────────────────────────
-  // Builds the colored mode badges shown below the version line.
-  let _effortLevel = 'medium'; // default
+  let _effortLevel = 'medium';
+
   function updateModeLabel() {
     const badges = [];
-    if (planMode) badges.push(yellow('[plan]'));
-    const effortColors = {
-      low:    green,
-      medium: dim,       // medium is default — show dimmed so it's not noise
-      high:   red,
-      max:    magenta,
-    };
-    if (_effortLevel !== 'medium') {
-      const color = effortColors[_effortLevel] || dim;
-      badges.push(color(`[${_effortLevel} effort]`));
-    }
+
+    // Permission mode badge (only show if not default 'auto')
+    const permBadge = {
+      'auto':           null,
+      'accept-edits':   dim('[accept-edits]'),
+      'confirm-writes': cyan('[confirm-writes]'),
+      'confirm-all':    yellow('[confirm-all]'),
+      'readonly':       chalk.bgBlue.white(' readonly '),
+      'bypass':         chalk.bgRed.white.bold(' bypass '),
+    }[permMode];
+    if (permBadge) badges.push(permBadge);
+
+    // Effort badge (only show if not default 'medium')
+    const effortBadge = {
+      low:  green('[low effort]'),
+      high: red('[high effort]'),
+      max:  magenta('[max effort]'),
+    }[_effortLevel];
+    if (effortBadge) badges.push(effortBadge);
+
     ui.setModeLabel(badges.join('  '));
   }
 
@@ -701,7 +714,7 @@ async function run() {
             if (firstToken) { process.stdout.write('  '); firstToken = false; }
             process.stdout.write(token);
           }, (name, args) => { printToolCall(name, args); firstToken = true; },
-          { sessionDir, cwd, planMode }, makeConfirmCallback(ui));
+          { sessionDir, cwd, planMode, permMode }, makeConfirmCallback(ui));
           process.stdout.write('\n\n');
         } catch(e) { console.error(red(`  Error: ${e.message}\n`)); }
         isProcessing = false; ui.resume();
@@ -729,6 +742,7 @@ async function run() {
               ['/model [name]',    'Show or change active model (default: local)'],
               ['/mcp',             'Show MCP server status and tools'],
               ['/effort <level>',  'Set reasoning effort: low/medium/high/max'],
+              ['/mode [name]',     'Set permission mode: auto/accept-edits/confirm-writes/confirm-all/readonly/bypass'],
               ['/copy',            'Copy last response to clipboard'],
               ['/btw <note>',      'Inject a note into conversation without a response'],
               ['/rewind',          'Remove last user+assistant exchange'],
@@ -752,12 +766,35 @@ async function run() {
           await compactMessages(rest.join(' '));
           break;
         case 'plan':
-          planMode = !planMode;
-          if (planMode) console.log(yellow('  Plan mode ON — read-only, no writes or execution.\n'));
-          else console.log(green('  Plan mode OFF — full capabilities restored.\n'));
+          permMode = permMode === 'readonly' ? 'auto' : 'readonly';
+          planMode = permMode === 'readonly';
+          if (planMode) console.log(yellow('  Plan mode ON → readonly.\n'));
+          else console.log(green('  Plan mode OFF → auto.\n'));
+          ui.setPlanMode(planMode);
+          updateModeLabel();
+          break;
+        case 'mode': {
+          const m = rest[0]?.toLowerCase();
+          if (!m) {
+            console.log(blue('\n  Permission modes:\n'));
+            for (const pm of PERM_MODES) {
+              const active = pm === permMode ? green(' ← active') : '';
+              console.log(`  ${cyan(pm.padEnd(16))}${active}`);
+            }
+            console.log(dim('\n  Usage: /mode <name>\n'));
+            break;
+          }
+          if (!PERM_MODES.includes(m)) {
+            console.log(red(`  Unknown mode: ${m}\n  Options: ${PERM_MODES.join(', ')}\n`));
+            break;
+          }
+          permMode = m;
+          planMode = m === 'readonly';
           ui.setPlanMode(planMode);
           updateModeLabel();
+          console.log(green(`  Mode: ${m}\n`));
           break;
+        }
         case 'undo': {
           const restored = undo();
           if (restored) {
@@ -1242,7 +1279,7 @@ Output ONLY the TSUNAMI.md content, starting with "# Project: <name>"`;
           spinner.start();
           firstToken = true;
         },
-        { sessionDir, cwd, planMode },
+        { sessionDir, cwd, planMode, permMode },
         makeConfirmCallback(ui)
       );
       spinner.stop();

package/lib/loop.js

@@ -436,19 +436,21 @@ export async function agentLoop(serverUrl, messages, onToken, onToolCall, sessio
 
     const results = [];
     for (const tc of toolCalls) {
-      // Plan mode: block Write, Edit, Bash
-      if (sessionInfo?.planMode && ['Write', 'Edit', 'Bash'].includes(tc.name)) {
-        results.push(`[${tc.name} result]\n[PLAN MODE] ${tc.name} is disabled. Describe what you would do instead.`);
-        onToolCall(tc.name, typeof tc.arguments === 'string' ? tc.arguments : JSON.stringify(tc.arguments));
+      const permMode = sessionInfo?.permMode || 'auto';
+      const argsStr  = typeof tc.arguments === 'string' ? tc.arguments : JSON.stringify(tc.arguments);
+      const parsed   = (() => { try { return typeof tc.arguments === 'string' ? JSON.parse(tc.arguments) : tc.arguments; } catch { return {}; } })();
+      const normalized = normalizeArgs(parsed);
+
+      // ── readonly: block all mutating tools ──────────────────────────
+      if (permMode === 'readonly' && ['Write', 'Edit', 'Bash'].includes(tc.name)) {
+        onToolCall(tc.name, argsStr);
+        results.push(`[${tc.name} result]\n[READONLY MODE] ${tc.name} is disabled. Describe what you would do instead.`);
         continue;
       }
 
-      // AskUser: intercept and surface the question to the user
+      // ── AskUser: always intercept regardless of mode ─────────────────
       if (tc.name === 'AskUser' && confirmCallback) {
-        const parsed = typeof tc.arguments === 'string' ? JSON.parse(tc.arguments) : tc.arguments;
-        const normalized = normalizeArgs(parsed);
-        onToolCall(tc.name, typeof tc.arguments === 'string' ? tc.arguments : JSON.stringify(tc.arguments));
-        // Reuse confirmCallback channel but pass question back as answer
+        onToolCall(tc.name, argsStr);
         const answer = await new Promise(resolve => confirmCallback._askUser
           ? confirmCallback._askUser(normalized.question, resolve)
           : resolve('[No answer provided]')
@@ -457,15 +459,20 @@ export async function agentLoop(serverUrl, messages, onToken, onToolCall, sessio
         continue;
       }
 
-      // Dangerous command confirmation
-      if (tc.name === 'Bash' && confirmCallback) {
-        const parsed = typeof tc.arguments === 'string' ? JSON.parse(tc.arguments) : tc.arguments;
-        const normalized = normalizeArgs(parsed);
-        if (isDangerous(normalized.command)) {
-          const ok = await confirmCallback(normalized.command);
+      // ── Permission gate (skip entirely in bypass mode) ───────────────
+      if (permMode !== 'bypass' && confirmCallback) {
+        const needsConfirm =
+          (permMode === 'confirm-all'    && ['Write', 'Edit', 'Bash'].includes(tc.name)) ||
+          (permMode === 'confirm-writes' && ['Write', 'Edit'].includes(tc.name))         ||
+          (permMode === 'accept-edits'   && tc.name === 'Write')                         ||
+          (tc.name === 'Bash' && isDangerous(normalized.command));
+
+        if (needsConfirm) {
+          const prompt = tc.name === 'Bash' ? normalized.command : `${tc.name}: ${normalized.file_path || ''}`;
+          onToolCall(tc.name, argsStr);
+          const ok = await confirmCallback(prompt);
           if (!ok) {
-            onToolCall(tc.name, typeof tc.arguments === 'string' ? tc.arguments : JSON.stringify(tc.arguments));
-            results.push(`[${tc.name} result]\nCommand blocked by user. Find a safer approach to accomplish this.`);
+            results.push(`[${tc.name} result]\nBlocked by user (${permMode} mode). Find an alternative approach.`);
             continue;
           }
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tsunami-code",
-  "version": "3.11.3",
+  "version": "3.11.4",
   "description": "Tsunami Code CLI — AI coding agent by Keystone World Management Navy Seal Unit XI3",
   "type": "module",
   "bin": {