Skip to content

fix(framework): default the CLI to bypassPermissions so the headless loop can build/verify#226

Merged
suleimansh merged 1 commit into
mainfrom
suleimansh/fix/225-headless-permission-default
Jul 4, 2026
Merged

fix(framework): default the CLI to bypassPermissions so the headless loop can build/verify#226
suleimansh merged 1 commit into
mainfrom
suleimansh/fix/225-headless-permission-default

Conversation

@suleimansh

Copy link
Copy Markdown
Member

Every framework turn is a headless claude -p, which can't answer an interactive approval. The driver's library default (acceptEdits) auto-approves edits but not Bash, so installs/builds/tests get silently denied. The production-grade checklist tried npm run build / dev-boot, hit "Build needs interactive approval which isn't available", failed pass 1 as "could not be executed this session", and the loop ground on listing blockers it couldn't verify.

Fix: the framework CLI now defaults its Claude Code driver to bypassPermissions, so the full headless loop (install, build, test, dev-boot) runs unattended and the checklist verifies for real. --permission-mode still overrides (e.g. --permission-mode acceptEdits for the old conservative behavior), and --dangerously-skip-permissions still wins. The ClaudeCodeDriver library default is unchanged (still acceptEdits) — only the CLI opts up.

Verified:

  • acceptEdits denies npm run build headless; bypassPermissions runs it (isolated claude -p test).
  • New claudeDriverOptions() helper + unit test (default → bypassPermissions; --permission-mode wins; --dangerously-skip-permissions wins).
  • Real run against a Vike example with default flags: Bash runs in the build phase, zero approval blocks, exit 0. Framework 91 tests green.

Heads-up (security posture): this makes a default framework run an unattended agent that executes arbitrary Bash with no per-action approval gate — appropriate for a headless autonomous builder, but a permissive default. Flagging for your call; opt down with --permission-mode acceptEdits.

Closes #225.

…loop can build/verify

Every framework turn is a headless `claude -p`, which can't answer an interactive
approval. The driver's library default (acceptEdits) auto-approves edits but not
Bash, so installs/builds/tests were silently denied: the production-grade
checklist tried `npm run build` / dev-boot, hit 'Build needs interactive approval
which isn't available', failed pass 1, and the loop ground on unverifiable
blockers.

The framework CLI now defaults its Claude Code driver to bypassPermissions so the
full loop runs unattended and the checklist verifies for real. Overridable with
--permission-mode (e.g. acceptEdits for the old behavior); --dangerously-skip-permissions
still wins. The ClaudeCodeDriver library default is unchanged; only the CLI opts up.
Resolution extracted to claudeDriverOptions() with unit coverage.

Closes #225.
@suleimansh suleimansh added bug Something isn't working priority: high Should be addressed soon labels Jul 4, 2026
@suleimansh suleimansh self-assigned this Jul 4, 2026
@suleimansh suleimansh merged commit 45b13b2 into main Jul 4, 2026
2 checks passed
@suleimansh suleimansh deleted the suleimansh/fix/225-headless-permission-default branch July 4, 2026 22:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working priority: high Should be addressed soon

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Headless driver defaults to acceptEdits, so the checklist can't build/verify the app

1 participant