Skip to content

docs: update permissions documentation with wildcard and rule evaluation #8392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
orangeswim wants to merge 3 commits into
base: dev
Choose a base branch
from
+62 −8
Open

docs: update permissions documentation with wildcard and rule evaluation #8392

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
791f7ca
docs: update permissions documentation with wildcard and rule evaluation
orangeswim Jan 14, 2026
1a4b5e3
Update permissions documentation for clarity
orangeswim Jan 14, 2026
43107b9
Fix JSON formatting and update default permission notes
orangeswim Jan 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
70 changes: 62 additions & 8 deletions packages/web/src/content/docs/permissions.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,12 +71,56 @@ Rules are evaluated by pattern match, with the **last matching rule winning**. A

### Wildcards

Permission patterns use simple wildcard matching:
Wildcards work on **both permission names and patterns**. They use simple wildcard matching:

- `*` matches zero or more of any character
- `?` matches exactly one character
- All other characters match literally

**Examples:**

```json title="opencode.json"
{
"permission": {
"*": "allow", // allow all tools by default (includes custom tools)
"web*": "deny", // deny all web tools
"websearch": "ask", // but ask for websearch
"math_add": "ask", // ask for custom tool
"bash": {
"git *": "allow", // allow git commands
"rm *": "deny" // deny rm commands
}
}
}
```

:::note
[Learn more](/docs/custom-tools) about creating and configuring custom tools.
:::

---

## Rule Evaluation

Within each permission object, **the last matching pattern wins**. Put catch-all `"*"` rules first, then specific overrides:

```json title="opencode.json"
{
"permission": {
"bash": {
"*": "allow", // catch-all first
"rm *": "deny" // specific override after
}
}
}
```

:::warning
**Never place `"*": "allow"` at the end** — it would match everything and override all previous rules!
:::

Agent permissions override global permissions. [Learn more](/docs/config#precedence-order) about how multiple config files are merged together.

---

## Available Permissions
Expand All @@ -102,25 +146,35 @@ OpenCode permissions are keyed by tool name, plus a couple of safety guards:

## Defaults

If you don’t specify anything, OpenCode starts from permissive defaults:

- Most permissions default to `"allow"`.
- `doom_loop` and `external_directory` default to `"ask"`.
- `read` is `"allow"`, but `.env` files are denied by default:
If you don't specify anything, OpenCode starts from these defaults:

```json title="opencode.json"
{
"permission": {
"*": "allow",
"doom_loop": "ask",
"external_directory": {
"*": "ask",
/* tool output allow, see implementation */
},
"question": "deny",
"plan_enter": "deny",
"plan_exit": "deny",
"read": {
"*": "allow",
"*.env": "deny",
"*.env.*": "deny",
"*.env": "ask",
"*.env.*": "ask",
"*.env.example": "allow"
}
}
}
```

- Most tools default to `"allow"`.
- `read` defaults to `"allow"`, but `.env` default to `"ask"`.
- `doom_loop` and `external_directory` default to `"ask"`.
- `question`, `plan_enter`, and `plan_exit` default to `"deny"`.

---

## What “Ask” Does
Expand Down