chore(amazonq): revert for emergency reverts for auto-approve feature (aws#1973)

* Revert "revert: revert for all commits for emergency deployment (aws#1966)"

This reverts commit 519f75d.

* Revert "fix(amazonq): revert commit f17b631 (aws#1965)"

This reverts commit 8c2cab6.

* fix: fix for CI test failure

Author: ashishrp-aws

chat-client/src/client/tabs/tabFactory.ts

@@ -187,7 +187,7 @@ export class TabFactory {
             tabBarButtons.push({
                 id: McpServerTabButtonId,
                 icon: MynahIcons.TOOLS,
-                description: 'Configure MCP servers',
+                description: 'Configure MCP servers and Built-in tools',
             })
         }
 

server/aws-lsp-codewhisperer/src/language-server/agenticChat/agenticChatController.ts

@@ -185,6 +185,9 @@ import {
     DEFAULT_WINDOW_REJECT_SHORTCUT,
     DEFAULT_MACOS_STOP_SHORTCUT,
     DEFAULT_WINDOW_STOP_SHORTCUT,
+    OUT_OF_WORKSPACE_WARNING_MSG,
+    CREDENTIAL_FILE_WARNING_MSG,
+    BINARY_FILE_WARNING_MSG,
 } from './constants/constants'
 import {
     AgenticChatError,
@@ -1692,9 +1695,9 @@ export class AgenticChatController implements ChatHandlers {
                         const tool = new Tool(this.#features)
 
                         // For MCP tools, get the permission from McpManager
-                        // const permission = McpManager.instance.getToolPerm('Built-in', toolUse.name)
+                        const permission = McpManager.instance.getToolPerm('Built-in', toolUse.name)
                         // If permission is 'alwaysAllow', we don't need to ask for acceptance
-                        // const builtInPermission = permission !== 'alwaysAllow'
+                        const builtInPermission = permission !== 'alwaysAllow'
 
                         // Get the approved paths from the session
                         const approvedPaths = session.approvedPaths
@@ -1705,19 +1708,40 @@ export class AgenticChatController implements ChatHandlers {
                             approvedPaths
                         )
 
+                        const isExecuteBash = toolUse.name === EXECUTE_BASH
+
+                        // check if tool execution's path is out of workspace
+                        const isOutOfWorkSpace = warning === OUT_OF_WORKSPACE_WARNING_MSG
+                        // check if tool involved secured files
+                        const isSecuredFilesInvoled =
+                            warning === BINARY_FILE_WARNING_MSG || warning === CREDENTIAL_FILE_WARNING_MSG
+
                         // Honor built-in permission if available, otherwise use tool's requiresAcceptance
-                        // const requiresAcceptance = builtInPermission || toolRequiresAcceptance
+                        let toolRequiresAcceptance =
+                            (builtInPermission || isOutOfWorkSpace || isSecuredFilesInvoled) ?? requiresAcceptance
+
+                        // if the command is read-only and in-workspace --> flip back to no approval needed
+                        if (
+                            isExecuteBash &&
+                            commandCategory === CommandCategory.ReadOnly &&
+                            !isOutOfWorkSpace &&
+                            !requiresAcceptance
+                        ) {
+                            toolRequiresAcceptance = false
+                        }
 
-                        if (requiresAcceptance || toolUse.name === EXECUTE_BASH) {
+                        if (toolRequiresAcceptance || isExecuteBash) {
                             // for executeBash, we till send the confirmation message without action buttons
                             const confirmationResult = this.#processToolConfirmation(
                                 toolUse,
-                                requiresAcceptance,
+                                toolRequiresAcceptance,
                                 warning,
-                                commandCategory
+                                commandCategory,
+                                toolUse.name,
+                                builtInPermission
                             )
                             cachedButtonBlockId = await chatResultStream.writeResultBlock(confirmationResult)
-                            const isExecuteBash = toolUse.name === EXECUTE_BASH
+
                             if (isExecuteBash) {
                                 this.#telemetryController.emitInteractWithAgenticChat(
                                     'GeneratedCommand',
@@ -1728,7 +1752,7 @@ export class AgenticChatController implements ChatHandlers {
                                     this.#abTestingAllocation?.userVariation
                                 )
                             }
-                            if (requiresAcceptance) {
+                            if (toolRequiresAcceptance) {
                                 await this.waitForToolApproval(
                                     toolUse,
                                     chatResultStream,
@@ -2699,7 +2723,7 @@ export class AgenticChatController implements ChatHandlers {
                     body = builtInPermission
                         ? `I need permission to read files.\n${formattedPaths.join('\n')}`
                         : `I need permission to read files outside the workspace.\n${formattedPaths.join('\n')}`
-                } else {
+                } else if (toolName === 'listDirectory') {
                     const readFilePath = (toolUse.input as unknown as ListDirectoryParams).path
 
                     // Validate the path using our synchronous utility
@@ -2709,6 +2733,11 @@ export class AgenticChatController implements ChatHandlers {
                     body = builtInPermission
                         ? `I need permission to list directories.\n\`${readFilePath}\``
                         : `I need permission to list directories outside the workspace.\n\`${readFilePath}\``
+                } else {
+                    const readFilePath = (toolUse.input as unknown as ListDirectoryParams).path
+                    body = builtInPermission
+                        ? `I need permission to search files.\n\`${readFilePath}\``
+                        : `I need permission to search files outside the workspace.\n\`${readFilePath}\``
                 }
                 break
             }

server/aws-lsp-codewhisperer/src/language-server/agenticChat/constants/constants.ts

@@ -88,3 +88,11 @@ export const DEFAULT_LINUX_STOP_SHORTCUT = 'Meta + ⇧ + ⌫'
 export const DEFAULT_MACOS_REJECT_SHORTCUT = '⇧ ⌘ R'
 export const DEFAULT_WINDOW_REJECT_SHORTCUT = 'Ctrl + ⇧ + R'
 export const DEFAULT_LINUX_REJECT_SHORTCUT = 'Meta + ⇧ + R'
+
+// Warning Message Constants
+export const DESTRUCTIVE_COMMAND_WARNING_MSG = 'WARNING: Potentially destructive command detected:\n\n'
+export const MUTATE_COMMAND_WARNING_MSG = 'Mutation command:\n\n'
+export const OUT_OF_WORKSPACE_WARNING_MSG = 'Execution out of workspace scope:\n\n'
+export const CREDENTIAL_FILE_WARNING_MSG =
+    'WARNING: Command involves credential files that require secure permissions:\n\n'
+export const BINARY_FILE_WARNING_MSG = 'WARNING: Command involves binary files that require secure permissions:\n\n'

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/executeBash.ts

@@ -13,6 +13,15 @@ import { getWorkspaceFolderPaths } from '@aws/lsp-core/out/util/workspaceUtils'
 // eslint-disable-next-line import/no-nodejs-modules
 import { existsSync, statSync } from 'fs'
 
+// Warning message
+import {
+    BINARY_FILE_WARNING_MSG,
+    CREDENTIAL_FILE_WARNING_MSG,
+    DESTRUCTIVE_COMMAND_WARNING_MSG,
+    MUTATE_COMMAND_WARNING_MSG,
+    OUT_OF_WORKSPACE_WARNING_MSG,
+} from '../constants/constants'
+
 export enum CommandCategory {
     ReadOnly,
     Mutate,
@@ -108,12 +117,6 @@ export const commandCategories = new Map<string, CommandCategory>([
 ])
 export const maxToolResponseSize: number = 1024 * 1024 // 1MB
 export const lineCount: number = 1024
-export const destructiveCommandWarningMessage = 'WARNING: Potentially destructive command detected:\n\n'
-export const mutateCommandWarningMessage = 'Mutation command:\n\n'
-export const outOfWorkspaceWarningmessage = 'Execution out of workspace scope:\n\n'
-export const credentialFileWarningMessage =
-    'WARNING: Command involves credential files that require secure permissions:\n\n'
-export const binaryFileWarningMessage = 'WARNING: Command involves binary files that require secure permissions:\n\n'
 
 /**
  * Parameters for executing a command on the system shell.
@@ -232,7 +235,7 @@ export class ExecuteBash {
                             // Treat tilde paths as absolute paths (they will be expanded by the shell)
                             return {
                                 requiresAcceptance: true,
-                                warning: destructiveCommandWarningMessage,
+                                warning: DESTRUCTIVE_COMMAND_WARNING_MSG,
                                 commandCategory: CommandCategory.Destructive,
                             }
                         } else if (!isAbsolute(arg) && params.cwd) {
@@ -255,7 +258,7 @@ export class ExecuteBash {
                                     this.logging.info(`Detected credential file in command: ${fullPath}`)
                                     return {
                                         requiresAcceptance: true,
-                                        warning: credentialFileWarningMessage,
+                                        warning: CREDENTIAL_FILE_WARNING_MSG,
                                         commandCategory: CommandCategory.Mutate,
                                     }
                                 }
@@ -265,7 +268,7 @@ export class ExecuteBash {
                                     this.logging.info(`Detected binary file in command: ${fullPath}`)
                                     return {
                                         requiresAcceptance: true,
-                                        warning: binaryFileWarningMessage,
+                                        warning: BINARY_FILE_WARNING_MSG,
                                         commandCategory: CommandCategory.Mutate,
                                     }
                                 }
@@ -282,7 +285,7 @@ export class ExecuteBash {
                         if (!isInWorkspace) {
                             return {
                                 requiresAcceptance: true,
-                                warning: outOfWorkspaceWarningmessage,
+                                warning: OUT_OF_WORKSPACE_WARNING_MSG,
                                 commandCategory: highestCommandCategory,
                             }
                         }
@@ -306,13 +309,13 @@ export class ExecuteBash {
                     case CommandCategory.Destructive:
                         return {
                             requiresAcceptance: true,
-                            warning: destructiveCommandWarningMessage,
+                            warning: DESTRUCTIVE_COMMAND_WARNING_MSG,
                             commandCategory: CommandCategory.Destructive,
                         }
                     case CommandCategory.Mutate:
                         return {
                             requiresAcceptance: true,
-                            warning: mutateCommandWarningMessage,
+                            warning: MUTATE_COMMAND_WARNING_MSG,
                             commandCategory: CommandCategory.Mutate,
                         }
                     case CommandCategory.ReadOnly:
@@ -334,7 +337,7 @@ export class ExecuteBash {
                     if (!workspaceFolders || workspaceFolders.length === 0) {
                         return {
                             requiresAcceptance: true,
-                            warning: outOfWorkspaceWarningmessage,
+                            warning: OUT_OF_WORKSPACE_WARNING_MSG,
                             commandCategory: highestCommandCategory,
                         }
                     }
@@ -351,7 +354,7 @@ export class ExecuteBash {
                     if (!isInWorkspace) {
                         return {
                             requiresAcceptance: true,
-                            warning: outOfWorkspaceWarningmessage,
+                            warning: OUT_OF_WORKSPACE_WARNING_MSG,
                             commandCategory: highestCommandCategory,
                         }
                     }

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/grepSearch.ts

@@ -7,6 +7,7 @@ import { ChildProcess, ChildProcessOptions } from '@aws/lsp-core/out/util/proces
 import path = require('path')
 import { dirname } from 'path'
 import { pathToFileURL } from 'url'
+import { OUT_OF_WORKSPACE_WARNING_MSG } from '../constants/constants'
 
 export interface GrepSearchParams {
     path?: string
@@ -81,7 +82,8 @@ export class GrepSearch {
 
     public async requiresAcceptance(params: GrepSearchParams): Promise<CommandValidation> {
         const path = this.getSearchDirectory(params.path)
-        return { requiresAcceptance: !workspaceUtils.isInWorkspace(getWorkspaceFolderPaths(this.workspace), path) }
+        const isInWorkspace = workspaceUtils.isInWorkspace(getWorkspaceFolderPaths(this.workspace), path)
+        return { requiresAcceptance: !isInWorkspace, warning: !isInWorkspace ? OUT_OF_WORKSPACE_WARNING_MSG : '' }
     }
 
     public async invoke(params: GrepSearchParams, token?: CancellationToken): Promise<InvokeOutput> {

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/mcp/mcpEventHandler.test.ts

@@ -49,6 +49,7 @@ describe('McpEventHandler error handling', () => {
             },
             agent: {
                 getTools: sinon.stub().returns([]),
+                getBuiltInToolNames: sinon.stub().returns([]),
             },
             lsp: {},
             telemetry: {