Feat: Add MCP permission config #3258
Conversation
|
@Rienkim we are going to merge tools + permissions together so all of this will change soon. I will add a note here tho, don't feel pressured to update pr tho |
| edit: Config.Permission, | ||
| bash: z.record(z.string(), Config.Permission), | ||
| webfetch: Config.Permission.optional(), | ||
| mcp: z.record(z.string(), Config.Permission).optional(), |
There was a problem hiding this comment.
instead of "mcp" i think permissions need to handle wildcards exactly like tools, so instead of introducing an mcp object it would just be handle the "" or "context7" wildcards and enforce the permissions accordingly much like tools
Rienkim
force-pushed
the
mcp-permission
branch
from
1ba4c14 to
aad3d11
Compare
| edit: Permission.optional(), | ||
| bash: z.union([Permission, z.record(z.string(), Permission)]).optional(), | ||
| webfetch: Permission.optional(), | ||
| mcp: z.union([Permission, z.record(z.string(), Permission)]).optional(), |
There was a problem hiding this comment.
sorry if i wasnt being clear :)
What i was saying was that instead of adding "mcp" here, you could add a catchall(...) in here:
permission: z
.object({
edit: Permission.optional(),
bash: z.union([Permission, z.record(z.string(), Permission)]).optional(),
webfetch: Permission.optional(),
})
.optional(),
That way permissions function similar to tools:
tools: z.record(z.string(), z.boolean()).optional(),
There was a problem hiding this comment.
because mcp things are same as any other tool, there are also custom tools, etc
3 participants
Below issues mention MCP permission config.
#2748
#2899
If you are working on a fundamental design change that includes this feature, please close this issue.