Merge branch 'main' into roo-v3.36.6

Author: kevinvandijk

.changeset/all-things-cough.md

@@ -0,0 +1,5 @@
+---
+"kilo-code": patch
+---
+
+Add GLM-4.6V model support for z.ai provider

.changeset/every-knives-dig.md

@@ -0,0 +1,5 @@
+---
+"@kilocode/cli": patch
+---
+
+Default read permissions now require approval for read operations outside the workspace

.changeset/loud-lights-build.md

@@ -0,0 +1,5 @@
+---
+"kilo-code": minor
+---
+
+Added gemini-3-flash-preview model

.changeset/wacky-lions-kiss.md

@@ -0,0 +1,5 @@
+---
+"kilo-code": patch
+---
+
+Change the default value of auto-approval for reading outside workspace to false

apps/kilocode-docs/docs/cli.md

@@ -218,65 +218,19 @@ kilocode --parallel --auto "improve xyz"
 kilocode --parallel --auto "improve abc"
 ```
 
-## Autonomous mode (Non-Interactive)
-
-Autonomous mode allows Kilo Code to run in automated environments like CI/CD pipelines without requiring user interaction.
-
-```bash
-# Run in autonomous mode with a prompt
-kilocode --auto "Implement feature X"
-
-# Run in autonomous mode with piped input
-echo "Fix the bug in app.ts" | kilocode --auto
-
-# Run in autonomous mode with timeout (in seconds)
-kilocode --auto "Run tests" --timeout 300
-
-# Run in autonomous mode with JSON output for structured parsing
-kilocode --auto --json "Implement feature X"
-```
-
-### Autonomous Mode Behavior
-
-When running in Autonomous mode (`--auto` flag):
-
-1. **No User Interaction**: All approval requests are handled automatically based on configuration
-2. **Auto-Approval/Rejection**: Operations are approved or rejected based on your auto-approval settings
-3. **Follow-up Questions**: Automatically responded with a message instructing the AI to make autonomous decisions
-4. **Automatic Exit**: The CLI exits automatically when the task completes or times out
-
-### JSON Output Mode
+## Auto-approval settings
 
-Use the `--json` flag with `--auto` to get structured JSON output instead of the default terminal UI. This is useful for programmatic integration and parsing of Kilo Code responses.
+Auto-approval allows the Kilo Code CLI to perform operations without first requiring user confirmation. These settings can either be built up over time in interactive mode, or by editing your config file using `kilocode config` or editing the file directly at `~/.kilocode/config.json`.
 
-```bash
-# Standard autonomous mode with terminal UI
-kilocode --auto "Fix the bug"
-
-# Autonomous mode with JSON output
-kilocode --auto --json "Fix the bug"
-
-# With piped input
-echo "Implement feature X" | kilocode --auto --json
-```
-
-**Requirements:**
-
-- The `--json` flag requires `--auto` mode to be enabled
-- Output is sent to stdout as structured JSON for easy parsing
-- Ideal for CI/CD pipelines and automated workflows
-
-### Auto-Approval Configuration
-
-Autonomous mode respects your auto-approval configuration. Edit your config file with `kilocode config` to customize:
+### Default auto-approval settings
 
 ```json
 {
 	"autoApproval": {
 		"enabled": true,
 		"read": {
 			"enabled": true,
-			"outside": true
+			"outside": false
 		},
 		"write": {
 			"enabled": true,
@@ -359,6 +313,12 @@ The `execute.allowed` and `execute.denied` lists support hierarchical pattern ma
 }
 ```
 
+## Interactive Mode
+
+Interactive mode is the default mode when running Kilo Code without the `--auto` flag, designed to work interactively with a user through the console.
+
+In interactive mode Kilo Code will request approval for operations which have not been auto-approved, allowing the user to review and approve operations before they are executed, and optionally add them to the auto-approval list.
+
 ### Interactive Command Approval
 
 When running in interactive mode, command approval requests now show hierarchical options:
@@ -380,6 +340,58 @@ Selecting an "Always run" option will:
 
 This allows you to progressively build your auto-approval rules without manually editing the config file.
 
+## Autonomous mode (Non-Interactive)
+
+Autonomous mode allows Kilo Code to run in automated environments like CI/CD pipelines without requiring user interaction.
+
+```bash
+# Run in autonomous mode with a prompt
+kilocode --auto "Implement feature X"
+
+# Run in autonomous mode with piped input
+echo "Fix the bug in app.ts" | kilocode --auto
+
+# Run in autonomous mode with timeout (in seconds)
+kilocode --auto "Run tests" --timeout 300
+
+# Run in autonomous mode with JSON output for structured parsing
+kilocode --auto --json "Implement feature X"
+```
+
+### Autonomous Mode Behavior
+
+When running in Autonomous mode (`--auto` flag):
+
+1. **No User Interaction**: All approval requests are handled automatically based on configuration
+2. **Auto-Approval/Rejection**: Operations are approved or rejected based on your auto-approval settings
+3. **Follow-up Questions**: Automatically responded with a message instructing the AI to make autonomous decisions
+4. **Automatic Exit**: The CLI exits automatically when the task completes or times out
+
+### JSON Output Mode
+
+Use the `--json` flag with `--auto` to get structured JSON output instead of the default terminal UI. This is useful for programmatic integration and parsing of Kilo Code responses.
+
+```bash
+# Standard autonomous mode with terminal UI
+kilocode --auto "Fix the bug"
+
+# Autonomous mode with JSON output
+kilocode --auto --json "Fix the bug"
+
+# With piped input
+echo "Implement feature X" | kilocode --auto --json
+```
+
+**Requirements:**
+
+- The `--json` flag requires `--auto` mode to be enabled
+- Output is sent to stdout as structured JSON for easy parsing
+- Ideal for CI/CD pipelines and automated workflows
+
+### Auto-Approval in Autonomous Mode
+
+Autonomous mode respects your [auto-approval configuration](#auto-approval-settings). Operations which are not auto-approved will not be allowed.
+
 ### Autonomous Mode Follow-up Questions
 
 In Autonomous mode, when the AI asks a follow-up question, it receives this response:

apps/kilocode-docs/docs/features/auto-approving-actions.md

@@ -80,6 +80,22 @@ _Complete settings panel view_
 **Risk level:** Medium
 
 While this setting only allows reading files (not modifying them), it could potentially expose sensitive data. Still recommended as a starting point for most users, but be mindful of what files Kilo Code can access.
+
+#### Read Outside Workspace
+
+**Setting:** "Allow reading files outside the workspace"
+
+**Description:** "When enabled, Kilo Code can read files outside the current workspace directory without asking for approval."
+
+**Risk level:** Medium-High
+
+This setting extends read permissions beyond your project folder. Consider the security implications:
+
+- Kilo Code could access sensitive files in your home directory
+- Configuration files, SSH keys, or credentials could be read
+- Only enable if you trust the AI and need it to access external files
+
+**Recommendation:** Keep disabled unless you specifically need Kilo Code to read files outside your project.
 :::
 
 ### Write Operations
@@ -102,25 +118,52 @@ This setting allows Kilo Code to modify your files without confirmation. The del
 - Lower values: Use only when speed is critical and you're in a controlled environment
 - Zero: No delay for diagnostics (not recommended for critical code)
 
-#### Write Delay & Problems Pane Integration
+#### Write Outside Workspace
 
-<img src="/docs/img/auto-approving-actions/auto-approving-actions-5.png" alt="VSCode Problems pane showing diagnostic information" width="600" />
+**Setting:** "Allow writing files outside the workspace"
 
-_VSCode Problems pane that Kilo Code checks during the write delay_
+**Description:** "When enabled, Kilo Code can create or modify files outside the current workspace directory without asking for approval."
 
-When you enable auto-approval for writing files, the delay timer works with VSCode's Problems pane:
+**Risk level:** Very High
 
-1. Kilo Code makes a change to your file
-2. VSCode's diagnostic tools analyze the change
-3. The Problems pane updates with any errors or warnings
-4. Kilo Code notices these issues before continuing
+Use with caution and in controlled environments. It allows Kilo Code to:
 
-This works like a human developer pausing to check for errors after changing code. You can adjust the delay time based on:
+- Modify your shell configuration files
+- Change system configurations
+- Write to any location your user has access to
 
-- Project complexity
-- Language server speed
-- How important error detection is for your workflow
-  :::
+**Recommendation:** Keep disabled unless absolutely necessary. Even experienced users should avoid this setting.
+
+#### Write to Protected Files
+
+**Setting:** "Allow writing to protected files"
+
+**Description:** "When enabled, Kilo Code can overwrite or modify files that are normally protected by the `.kilocodeignore` file."
+
+**Risk level:** Very High
+
+Protected files are intentionally shielded from modification. Enable only if you understand the consequences.
+
+### Delete Operations
+
+:::danger Delete Operations
+
+**Setting:** "Always approve delete operations"
+
+**Description:** "Automatically delete files and directories without requiring approval"
+
+**Risk level:** Very High
+
+This setting allows Kilo Code to permanently remove files without confirmation.
+
+**Safeguards:**
+
+- Kilo Code still respects `.kilocodeignore` rules
+- Protected files cannot be deleted
+- The delete tool shows what will be removed before execution
+
+**Recommendation:** Enable only in isolated environments or when working with temporary/generated files. Always ensure you have backups, checkpoints, or version control.
+:::
 
 ### Browser Actions
 
@@ -153,11 +196,11 @@ Consider the security implications of allowing automated browser access.
 
 **Description:** "Automatically retry failed API requests when server returns an error response"
 
-**Delay slider:** "Delay before retrying the request" (Default: 5s)
-
 **Risk level:** Low
 
-This setting automatically retries API calls when they fail. The delay controls how long Kilo Code waits before trying again:
+This setting automatically retries API calls when they fail.
+
+The delay controls how long Kilo Code waits before trying again:
 
 - Longer delays are gentler on API rate limits
 - Shorter delays give faster recovery from transient errors
@@ -214,23 +257,34 @@ Enables Kilo Code to create and complete subtasks automatically. This relates to
 
 **Description:** "Automatically execute allowed terminal commands without requiring approval"
 
-**Command management:** "Command prefixes that can be auto-executed when 'Always approve execute operations' is enabled. Add \* to allow all commands (use with caution)."
-
 **Risk level:** High
 
-This setting allows terminal command execution with controls. While risky, the whitelist feature limits what commands can run. Important security features:
+This setting allows terminal command execution with controls. While risky, the allowlist and denylist features limit what commands can run.
 
-- Whitelist specific command prefixes (recommended)
+- Allowlist specific command prefixes (recommended)
 - Never use \* wildcard in production or with sensitive data
 - Consider security implications of each allowed command
+- Consider including potentially dangerous common commands in the deny list
 - Always verify commands that interact with external systems
 
+#### Allowed Commands
+
+**Setting:** "Command prefixes that can be auto-executed"
+
+Add command prefixes (e.g., `git`, `npm`, `ls`) that Kilo Code can run without asking. Use `*` to allow all commands (use with caution).
+
 **Interface elements:**
 
 - Text field to enter command prefixes (e.g., 'git')
 - "Add" button to add new prefixes
 - Clickable command buttons with X to remove them
-  :::
+
+#### Denied Commands
+
+**Setting:** "Command prefixes that are always blocked"
+
+Commands in this list will never run, even if `*` is in the allowed list. Use this to create exceptions for potentially dangerous commands.
+:::
 
 ### Follow-Up Questions
 
@@ -240,9 +294,9 @@ This setting allows terminal command execution with controls. While risky, the w
 
 **Description:** Automatically selects the first AI-suggested answer for a follow-up question after a configurable timeout. This speeds up your workflow by letting Kilo Code proceed without manual intervention.
 
-**Visual countdown:** When enabled, a countdown timer appears on the first suggestion button, showing the remaining time before auto-selection. The timer is displayed as a circular progress indicator that depletes as time passes.
+**Visual countdown:** When enabled, a countdown timer appears on the first suggestion button in the chat interface, showing the remaining time before auto-selection. The timer displays seconds remaining (e.g., "3s") and counts down in real-time.
 
-**Timeout slider:** Use the slider to set the wait time from 1 to 300 seconds (Default: 60s).
+**Timeout slider:** Use the slider to set the wait time (Range: 1-300 seconds, Default: 60s).
 
 **Override options:** You can cancel the auto-selection at any time by:
 
@@ -277,13 +331,6 @@ This setting allows Kilo Code to automatically update task progress and todo lis
 - Updating task status (pending, in progress, completed)
 - Reorganizing task priorities
 
-**Benefits:**
-
-- Maintains real-time task progress visibility
-- Reduces interruptions during multi-step workflows
-- Keeps project status accurately reflected
-- Helps track complex task dependencies
-
 **Use cases:**
 
 - Long-running development sessions
@@ -294,7 +341,7 @@ This setting allows Kilo Code to automatically update task progress and todo lis
 This is particularly useful when combined with the Subtasks permission, as it allows Kilo Code to maintain a complete picture of project progress without constant approval requests.
 :::
 
-## YOLO mode
+## YOLO Mode
 
 :::danger YOLO Mode (Risk: Maximum)