Skip to content

Add logic to prevent auto-approving edits of configuration files #4667

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 13, 2025
Merged

Add logic to prevent auto-approving edits of configuration files #4667

merged 4 commits into from
Jun 13, 2025

Conversation

@mrubens
Copy link
Collaborator

@mrubens mrubens commented Jun 13, 2025
edited by ellipsis-dev bot
Loading

By default, Roo shouldn't be able to write to configuration files like .roo/mcp.json even if auto-approve writes is enabled. This PR adds a configuration option to toggle this within the auto-approved writes, similar to how we handle writes outside of the workspace.

Screenshot 2025-06-13 at 4 21 38 PM Screenshot 2025-06-13 at 4 21 28 PM

Important

Adds logic to prevent auto-approving edits to protected configuration files by introducing a new configuration option and updating related components.

  • Behavior:
    • Adds alwaysAllowWriteProtected option to prevent auto-approving edits to protected files like .roo/mcp.json.
    • Updates presentAssistantMessage() in presentAssistantMessage.ts to handle isProtected flag.
    • Modifies insertContentTool(), listFilesTool(), multiApplyDiffTool(), searchAndReplaceTool(), and writeToFileTool() to check for write protection.
  • Models:
    • Introduces RooProtectedController in RooProtectedController.ts to manage protected file patterns.
    • Adds tests for RooProtectedController in RooProtectedController.spec.ts.
  • UI:
    • Updates AutoApproveSettings.tsx to include alwaysAllowWriteProtected checkbox.
    • Modifies ChatRow.tsx to display lock icon for protected files.
    • Updates i18n files to include translations for new settings and messages related to protected files.

This description was created by Ellipsis for cd4d8a3. You can customize this summary. It will automatically update as commits are pushed.

@mrubens mrubens requested review from cte and jr as code owners June 13, 2025 20:23
@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. enhancement New feature or request labels Jun 13, 2025
@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Jun 13, 2025
@daniel-lxs
Copy link
Member

daniel-lxs commented Jun 13, 2025
edited
Loading

It might be interesting to extend this to a file like it's proposed here: #4632

Edit: I see that you already started working on it.

daniel-lxs
daniel-lxs reviewed Jun 13, 2025
View reviewed changes
@daniel-lxs daniel-lxs moved this from Triage to PR [Draft / In Progress] in Roo Code Roadmap Jun 13, 2025
@hannesrudolph hannesrudolph added PR - Draft / In Progress and removed Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. labels Jun 13, 2025
cte
cte approved these changes Jun 13, 2025
View reviewed changes
Copy link
Collaborator

@cte cte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Jun 13, 2025
@mrubens mrubens merged commit 7d0b22f into main Jun 13, 2025
13 checks passed
@mrubens mrubens deleted the protected_files branch June 13, 2025 23:58
@github-project-automation github-project-automation bot moved this from New to Done in Roo Code Roadmap Jun 13, 2025
@github-project-automation github-project-automation bot moved this from PR [Draft / In Progress] to Done in Roo Code Roadmap Jun 13, 2025
cte pushed a commit that referenced this pull request Jun 24, 2025
@mrubens @cte
Add logic to prevent auto-approving edits of configuration files (#4667)
e247085 
* Add logic to prevent auto-approving edits of configuration files

* Fix tests

* Update patterns
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@daniel-lxs daniel-lxs daniel-lxs left review comments

@jr jr jr approved these changes

@cte cte cte approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request lgtm This PR has been approved by a maintainer PR - Draft / In Progress size:L This PR changes 100-499 lines, ignoring generated files.

Projects

Roo Code Roadmap
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mrubens @daniel-lxs @jr @cte @hannesrudolph