releases/ClaudeDo
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 3 Wiki Activity

refactor(worker): use --permission-mode auto instead of --dangerously-skip-permissions

Browse Source 
Map legacy "bypassPermissions" config to "auto" at dispatch time; pass-through other modes (acceptEdits, plan, default).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
mika kuns
2026-04-25 09:34:48 +02:00
parent 8e9f09a8e6
commit b2eb5fcfa4
3 changed files with 15 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ClaudeDo.Worker/CLAUDE.md
View File

@@ -24,7 +24,7 @@ ASP.NET Core hosted service that executes tasks via Claude CLI in isolated envir
## Key Components ## Key Components
- **ClaudeProcess** — spawns `claude -p --output-format stream-json --verbose --dangerously-skip-permissions`. Writes prompt to stdin, reads NDJSON from stdout. Supports CancellationToken (kills process tree). - **ClaudeProcess** — spawns `claude -p --output-format stream-json --verbose --permission-mode auto` (or whatever permission mode the app settings specify). Writes prompt to stdin, reads NDJSON from stdout. Supports CancellationToken (kills process tree).
- **ClaudeArgsBuilder** — dynamically constructs CLI args; supports `--model`, `--append-system-prompt`, `--agents`, `--json-schema`, `--resume` - **ClaudeArgsBuilder** — dynamically constructs CLI args; supports `--model`, `--append-system-prompt`, `--agents`, `--json-schema`, `--resume`
- **StreamAnalyzer** — parses rich NDJSON output; extracts session_id, token counts, turn counts, result text, structured output. Replaces MessageParser. - **StreamAnalyzer** — parses rich NDJSON output; extracts session_id, token counts, turn counts, result text, structured output. Replaces MessageParser.
- **TaskResetService** — discards a failed task's worktree and resets the task row to Manual; preserves run history. - **TaskResetService** — discards a failed task's worktree and resets the task row to Manual; preserves run history.
@@ -64,5 +64,5 @@ Per-list config (`list_config` in DB) provides defaults for `model`, `system_pro
- The worker runs standalone — start it separately from the UI - The worker runs standalone — start it separately from the UI
- Only listens on loopback (127.0.0.1) - Only listens on loopback (127.0.0.1)
- ClaudeProcess uses `--dangerously-skip-permissions` — tasks run with full filesystem access - ClaudeProcess uses `--permission-mode auto` by default; legacy "bypassPermissions" settings are mapped to `auto` at dispatch time. `acceptEdits`, `plan`, and `default` pass through unchanged.
- Worktree branches follow `claudedo/{id}` naming convention - Worktree branches follow `claudedo/{id}` naming convention

10
src/ClaudeDo.Worker/Runner/ClaudeArgsBuilder.cs
View File

@@ -34,11 +34,11 @@ public sealed class ClaudeArgsBuilder
"--verbose", "--verbose",
}; };
var permissionMode = string.IsNullOrWhiteSpace(config.PermissionMode) ? "bypassPermissions" : config.PermissionMode; var permissionMode = string.IsNullOrWhiteSpace(config.PermissionMode)
if (permissionMode.Equals("bypassPermissions", StringComparison.OrdinalIgnoreCase)) || config.PermissionMode.Equals("bypassPermissions", StringComparison.OrdinalIgnoreCase)
args.Add("--dangerously-skip-permissions"); ? "auto"
else : config.PermissionMode;
args.Add($"--permission-mode {permissionMode}"); args.Add($"--permission-mode {permissionMode}");
if (config.Model is not null) if (config.Model is not null)
args.Add($"--model {config.Model}"); args.Add($"--model {config.Model}");

14
tests/ClaudeDo.Worker.Tests/Runner/ClaudeArgsBuilderTests.cs
View File

@@ -13,7 +13,8 @@ public sealed class ClaudeArgsBuilderTests
Assert.Contains("-p", args); Assert.Contains("-p", args);
Assert.Contains("--output-format stream-json", args); Assert.Contains("--output-format stream-json", args);
Assert.Contains("--verbose", args); Assert.Contains("--verbose", args);
Assert.Contains("--dangerously-skip-permissions", args); Assert.Contains("--permission-mode auto", args);
Assert.DoesNotContain("--dangerously-skip-permissions", args);
Assert.Contains("--json-schema", args); Assert.Contains("--json-schema", args);
Assert.DoesNotContain("--model", args); Assert.DoesNotContain("--model", args);
Assert.DoesNotContain("--append-system-prompt", args); Assert.DoesNotContain("--append-system-prompt", args);
@@ -110,11 +111,11 @@ public sealed class ClaudeArgsBuilderTests
} }
[Fact] [Fact]
public void PermissionMode_bypass_Keeps_DangerousFlag() public void PermissionMode_bypass_Maps_To_Auto()
{ {
var args = _builder.Build(new ClaudeRunConfig(null, null, null, null, PermissionMode: "bypassPermissions")); var args = _builder.Build(new ClaudeRunConfig(null, null, null, null, PermissionMode: "bypassPermissions"));
Assert.Contains("--dangerously-skip-permissions", args); Assert.Contains("--permission-mode auto", args);
Assert.DoesNotContain("--permission-mode", args); Assert.DoesNotContain("--dangerously-skip-permissions", args);
} }
[Fact] [Fact]
@@ -126,10 +127,11 @@ public sealed class ClaudeArgsBuilderTests
} }
[Fact] [Fact]
public void PermissionMode_Null_Defaults_To_BypassPermissions() public void PermissionMode_Null_Defaults_To_Auto()
{ {
var args = _builder.Build(new ClaudeRunConfig(null, null, null, null)); var args = _builder.Build(new ClaudeRunConfig(null, null, null, null));
Assert.Contains("--dangerously-skip-permissions", args); Assert.Contains("--permission-mode auto", args);
Assert.DoesNotContain("--dangerously-skip-permissions", args);
} }
} }