This was referenced Mar 3, 2026
Pull request overview
Implements a stricter, explainable safety policy model by adding scoped persisted approvals and enforcing canonical path allowlists (especially for automation writes), while keeping legacy decision compatibility for existing consumers.
Changes:
- Extend the policy decision contract with structured explanation fields (`decision`, `matchedRules`, `scopeContext`, `reasonCodes`) and add a legacy adapter.
- Add scoped approval persistence (in-memory) with TTL + revocation, and integrate reuse logic into the policy engine.
- Enforce canonicalized path allowlists for guarded operations, plus new unit/integration test coverage and operator-facing documentation.
Reviewed changes
Copilot reviewed 18 out of 24 changed files in this pull request and generated 11 comments.
| File | Description |
|---|---|
| tests/tool-registry.test.ts | Updates AGENTS automation write tests to include cwd + path allowlist enforcement and legacy outcome assertions. |
| tests/policy-engine.test.ts | Adds focused unit tests for scoped approvals, determinism, and path allowlist enforcement (incl. canonicalization failures). |
| tests/integration/policy-approval.integration.test.ts | Expands integration coverage for scoped approval reuse and allowlist boundary enforcement. |
| src/tools/schemas.ts | Exposes a ToolSideEffect type inferred from the zod enum. |
| src/tools/registry.ts | Plumbs cwd and approvalGranted into policy evaluation; adds policyOutcomeLegacy compatibility output. |
| src/policy/scoped-approvals.ts | Introduces an in-memory scoped approval store with exact-match lookup + revocation. |
| src/policy/schemas.ts | Expands policy schema (per-operation path allowlists, TTL) and decision schema (explanations + reason codes) with legacy conversion helper. |
| src/policy/reason-codes.ts | Adds a standardized reason-code taxonomy for policy outcomes. |
| src/policy/path-guard.ts | Adds command path extraction + canonicalization utilities and allowlist boundary checks. |
| src/policy/engine.ts | Reworks policy evaluation to enforce allowlists, reuse/expire/revoke scoped approvals, and emit deterministic explanation envelopes. |
| src/policy/defaults.ts | Adds defaults for new policy knobs (per-operation allowlists, allowlist enforcement ops, TTL). |
| src/cli/app.tsx | Adds fallback to legacy policy outcome payloads for CLI display/telemetry. |
| openspec/specs/scoped-persisted-approvals/spec.md | New spec describing scoped persisted approval requirements. |
| openspec/specs/path-allowlist-enforcement/spec.md | New spec describing canonical path allowlist enforcement requirements. |
| openspec/specs/explainable-policy-decisions/spec.md | New spec describing deterministic, explainable policy decision requirements. |
| openspec/changes/stronger-safety-model/tasks.md | Removes the active tasks document (archived). |
| openspec/changes/archive/2026-03-03-stronger-safety-model/tasks.md | Adds archived, completed task list for the stronger safety model change. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/specs/scoped-persisted-approvals/spec.md | Archives the scoped approvals spec delta. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/specs/path-allowlist-enforcement/spec.md | Archives the path allowlist enforcement spec delta. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/specs/explainable-policy-decisions/spec.md | Archives the explainable decisions spec delta. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/proposal.md | Archives proposal context and impact for the change. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/design.md | Archives design/risks/migration plan for the change. |
| openspec/changes/archive/2026-03-03-stronger-safety-model/.openspec.yaml | Adds openspec archive metadata for the change. |
| docs/policy-safety-model.md | Adds operator-facing guidance for interpreting denials and configuring allowlists/scoped approvals. |
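
One way to implement the canonicalized allowlist boundary check summarized in the review above, as an added example rather than code from this pull request. The names `canonicalize`, `checkPath` and `demo`, and every reason name other than `missing-target-path`, are assumptions.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Reason names are hypothetical except "missing-target-path", which the PR mentions.
type Reason = "allowed" | "missing-target-path" | "canonicalization-failed" | "outside-allowlist";

// Resolve symlinks; for a file that does not exist yet, canonicalize the nearest
// existing ancestor and re-append the rest. Returns null so callers fail closed.
function canonicalize(target: string, cwd: string): string | null {
  let current = path.resolve(cwd, target);
  const tail: string[] = [];
  for (;;) {
    try {
      return path.join(fs.realpathSync(current), ...tail);
    } catch (err) {
      if ((err as { code?: string }).code !== "ENOENT") return null; // ELOOP, EACCES, ...
      if (fs.lstatSync(current, { throwIfNoEntry: false })) return null; // dangling symlink
      if (path.dirname(current) === current) return null; // reached the filesystem root
      tail.unshift(path.basename(current));
      current = path.dirname(current);
    }
  }
}

function checkPath(target: string | undefined, cwd: string, allowlist: string[]): Reason {
  if (!target) return "missing-target-path";
  const real = canonicalize(target, cwd);
  if (real === null) return "canonicalization-failed";
  for (const root of allowlist) {
    const realRoot = canonicalize(root, cwd);
    if (realRoot === null) continue; // an unresolvable root grants nothing
    const rel = path.relative(realRoot, real); // segment-aware, so "ws-evil" is not under "ws"
    if (rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel)) return "allowed";
  }
  return "outside-allowlist";
}

// Constructed sample: a temp workspace with a symlink that points outside it.
function demo(): Reason[] {
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), "allowlist-"));
  const ws = path.join(tmp, "ws");
  fs.mkdirSync(ws);
  fs.symlinkSync(tmp, path.join(ws, "escape"));
  const targets = ["AGENTS.md", "../ws-evil/x", "escape/x", undefined];
  const results = targets.map((t) => checkPath(t, ws, [ws]));
  fs.rmSync(tmp, { recursive: true, force: true });
  return results;
}
```

Comparing with `path.relative` on resolved paths, rather than a string prefix test, is what keeps a sibling directory that shares the workspace name as a prefix outside the boundary.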
…nd path allowlists

Add explainable decision envelopes with reason codes, scoped persisted approval reuse/expiry/revocation, canonical path allowlist enforcement, legacy policy adapter compatibility, expanded policy integration tests, operator guidance docs, and archive/sync for stronger-safety-model OpenSpec change.

- always emit policyOutcomeLegacy from effective decision payloads
- add explicit approval-scope-granted and missing-target-path reason codes
- de-flake symlink tests, harden temp cleanup, and complete spec/doc purpose text
dd64c0b to 8df752f
Summary
- `decision`, `matchedRules`, `scopeContext`, `reasonCodes`
- `stronger-safety-model` into main specs

Key Files
- src/policy/engine.ts
- src/policy/schemas.ts
- src/policy/path-guard.ts
- src/policy/scoped-approvals.ts
- src/tools/registry.ts
- tests/policy-engine.test.ts
- tests/integration/policy-approval.integration.test.ts
- docs/policy-safety-model.md

Validation
- pnpm checks

🥞 DubStack