Non-sandboxed launch uses Claude auto-mode (and Codex equivalent)#349
Merged
Merged
Conversation
The unsandboxed (!wrap) arm of `spacedock claude`/`spacedock codex` started in the host's conservative default permission posture, paying a per-action prompting tax with no matching safety gain once the operator has accepted running without isolation. runClaude now injects `--permission-mode auto` and runCodex injects `--ask-for-approval on-request` (the captain-chosen codex analog, since codex has no single auto-mode flag) on the !wrap arm only. A new passthroughHasFlag helper suppresses injection when the operator already supplied the flag (`--flag value` / `--flag=value`, plus codex `-a`), and the injection rides the same non-resume gate as the bootstrap prompt so a resumed session is not forced into auto-mode. The sandboxed arms (--dangerously-skip-permissions / --dangerously-bypass-approvals-and-sandbox) are unchanged. `--ask-for-approval`/`-a` join codex's valueTakingHostFlags so an operator value is not misread as a stray positional. All co-edit exact-argv oracles across the package are folded into the same change; `go test ./internal/cli/` is green over the whole package. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
clkao
added a commit
that referenced
this pull request
Jun 13, 2026
clkao
added a commit
that referenced
this pull request
Jun 13, 2026
clkao
added a commit
that referenced
this pull request
Jun 13, 2026
clkao
added a commit
that referenced
this pull request
Jun 13, 2026
…w] (#355) * docs: slim README to front door + drop banned prose-grep test [yw] Wave 1 structural cleanup for the site-is-canonical doc architecture: - Remove internal/release/install_doc_test.go — a banned prose-grep that os.ReadFile'd docs/site/get-started/install.md and asserted author substrings. readInstallJourney was file-local; executableShellCommands stays (defined in workflow_exec_guard_test.go, 9 other call sites). - Slim README.md to the front-door skeleton: keep title + Why hook, What's different, Install, License, Contributing. Drop Quick start, How it works, Usage (now on the canonical site). - Install now links the published site https://spacedock.md/docs/ (site_url in mkdocs.yml), keeping the in-repo install.md as secondary. go test ./... green; install-journey grep-clean over live docs/code. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: land the five 0.20.1 behaviors on canonical site pages [yw] Wave 2 behavior-doc pass — yw is the sole doc-owner; the five members shipped zero .md. Each behavior documented on its reverified anchor: - gj (#350): new `## --version` section in command-reference.md showing the version+contract line, the Sandbox: posture, and the per-runtime install/enablement block (wording exercised from `spacedock --version`). - te (#351): command-reference `## Setup` names the contract-compatible- but-behind opt-in upgrade hint (doctor + front-door print it; never blocks). - zrc (#349): command-reference `## Launch` names the unsandboxed posture — claude `--permission-mode auto`, codex `--ask-for-approval on-request`, vs the sandboxed skip/bypass. Scoped to claude/codex; pi injects none. - gp (#352): releasing.md made decouple-accurate — marketplace manifest moved to the standalone spacedock-dev/marketplace repo, no plugin-branch manifest, marketplace.json dropped from the release steps; build-from- source.md adds a spacedock-edge edge-channel user pointer. - 8p (#347): install.md Homebrew tab notes brew also installs agentsview; safehouse is installed separately. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: rewrite --version section to match version-forward output (#354) [yw] #354 (da) replaced the enablement-jargon per-runtime block with a version-forward one. Rewrite the `## --version` section to match: - `<host>: spacedock <version>` when a plugin is installed - ` (disabled)` appended only when the host reports it disabled - `pi: spacedock ready` (pi launches from skills, no versioned plugin) - `<host>: spacedock not installed` when host present but no plugin - `<host>: not installed` when the host binary is absent Drops the obsolete "installed, spacedock enabled" / "enablement unknown" phrasing. Wording read from runtimeLine in internal/cli/host_runtime.go; example output built and exercised via `go build && ./spacedock --version`. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Unsandboxed
spacedock claude/codexlaunches now start in auto permission-mode, cutting approval friction the first officer doesn't need.What changed
--permission-mode autoon the unsandboxedspacedock claudelaunch arm.--ask-for-approval on-requeston the unsandboxedspacedock codexarm.--ask-for-approvalto codexvalueTakingHostFlags.Evidence
internal/cli292/292 (whole package); full repogo test ./...1263/1263.runClaude/runCodexover the fake-host seam per (wrap, operator-flag, resume).Review guidance
Change rewrites every unwrapped-launch exact-argv oracle; whole-package green is the proof none was left stale.
zrc