fix: implement proper version-aware permission format for OpenCode v1.1.1

- Rewrite permission-compat.ts with runtime version detection
- createAgentToolRestrictions() returns correct format per version
- v1.1.1+ uses permission format, older uses tools format
- Add migrateToolsToPermission/migratePermissionToTools helpers
- Update test suite for new API

🤖 Generated with assistance of OhMyOpenCode
https://github.com/code-yeongyu/oh-my-opencode

src/shared/permission-compat.test.ts

@@ -1,161 +1,158 @@
-import { describe, test, expect } from "bun:test"
+import { describe, test, expect, beforeEach, afterEach } from "bun:test"
 import {
-  createToolDenyList,
+  createAgentToolRestrictions,
-  permissionValueToBoolean,
+  migrateToolsToPermission,
-  booleanToPermissionValue,
+  migratePermissionToTools,
-  convertToolsToPermission,
+  migrateAgentConfig,
-  convertPermissionToTools,
-  createAgentRestrictions,
 } from "./permission-compat"
+import { setVersionCache, resetVersionCache } from "./opencode-version"
 
 describe("permission-compat", () => {
-  describe("createToolDenyList", () => {
+  beforeEach(() => {
-    test("creates tools config with all values false", () => {
+    resetVersionCache()
-      // #given a list of tool names
-      const tools = ["write", "edit", "task"]
-
-      // #when creating deny list
-      const result = createToolDenyList(tools)
-
-      // #then all values are false
-      expect(result).toEqual({ write: false, edit: false, task: false })
   })
 
-    test("returns empty object for empty array", () => {
+  afterEach(() => {
-      // #given empty array
+    resetVersionCache()
-      // #when creating deny list
+  })
-      const result = createToolDenyList([])
 
-      // #then returns empty object
+  describe("createAgentToolRestrictions", () => {
-      expect(result).toEqual({})
+    test("returns permission format for v1.1.1+", () => {
+      // #given version is 1.1.1
+      setVersionCache("1.1.1")
+
+      // #when creating restrictions
+      const result = createAgentToolRestrictions(["write", "edit"])
+
+      // #then returns permission format
+      expect(result).toEqual({
+        permission: { write: "deny", edit: "deny" },
       })
     })
 
-  describe("permissionValueToBoolean", () => {
+    test("returns tools format for versions below 1.1.1", () => {
-    test("converts allow to true", () => {
+      // #given version is below 1.1.1
-      expect(permissionValueToBoolean("allow")).toBe(true)
+      setVersionCache("1.0.150")
-    })
 
-    test("converts deny to false", () => {
+      // #when creating restrictions
-      expect(permissionValueToBoolean("deny")).toBe(false)
+      const result = createAgentToolRestrictions(["write", "edit"])
-    })
 
-    test("converts ask to false", () => {
+      // #then returns tools format
-      expect(permissionValueToBoolean("ask")).toBe(false)
+      expect(result).toEqual({
+        tools: { write: false, edit: false },
       })
     })
 
-  describe("booleanToPermissionValue", () => {
+    test("assumes new format when version unknown", () => {
-    test("converts true to allow", () => {
+      // #given version is null
-      expect(booleanToPermissionValue(true)).toBe("allow")
+      setVersionCache(null)
-    })
 
-    test("converts false to deny", () => {
+      // #when creating restrictions
-      expect(booleanToPermissionValue(false)).toBe("deny")
+      const result = createAgentToolRestrictions(["write"])
+
+      // #then returns permission format (assumes new version)
+      expect(result).toEqual({
+        permission: { write: "deny" },
+      })
     })
   })
 
-  describe("convertToolsToPermission", () => {
+  describe("migrateToolsToPermission", () => {
-    test("converts boolean tools config to permission format", () => {
+    test("converts boolean tools to permission values", () => {
-      // #given tools config with booleans
+      // #given tools config
       const tools = { write: false, edit: true, bash: false }
 
-      // #when converting to permission
+      // #when migrating
-      const result = convertToolsToPermission(tools)
+      const result = migrateToolsToPermission(tools)
 
-      // #then converts to permission values
+      // #then converts correctly
-      expect(result).toEqual({ write: "deny", edit: "allow", bash: "deny" })
+      expect(result).toEqual({
+        write: "deny",
+        edit: "allow",
+        bash: "deny",
       })
-
-    test("handles empty tools config", () => {
-      // #given empty config
-      // #when converting
-      const result = convertToolsToPermission({})
-
-      // #then returns empty object
-      expect(result).toEqual({})
     })
   })
 
-  describe("convertPermissionToTools", () => {
+  describe("migratePermissionToTools", () => {
-    test("converts permission to boolean tools config", () => {
+    test("converts permission to boolean tools", () => {
       // #given permission config
       const permission = { write: "deny" as const, edit: "allow" as const }
 
-      // #when converting to tools
+      // #when migrating
-      const result = convertPermissionToTools(permission)
+      const result = migratePermissionToTools(permission)
 
-      // #then converts to boolean values
+      // #then converts correctly
       expect(result).toEqual({ write: false, edit: true })
     })
 
     test("excludes ask values", () => {
-      // #given permission with ask value
+      // #given permission with ask
       const permission = {
         write: "deny" as const,
         edit: "ask" as const,
         bash: "allow" as const,
       }
 
-      // #when converting
+      // #when migrating
-      const result = convertPermissionToTools(permission)
+      const result = migratePermissionToTools(permission)
 
       // #then ask is excluded
       expect(result).toEqual({ write: false, bash: true })
     })
   })
 
-  describe("createAgentRestrictions", () => {
+  describe("migrateAgentConfig", () => {
-    test("creates restrictions with denied tools", () => {
+    test("migrates tools to permission for v1.1.1+", () => {
-      // #given deny tools list
+      // #given v1.1.1 and config with tools
-      const config = { denyTools: ["write", "task"] }
+      setVersionCache("1.1.1")
-
-      // #when creating restrictions
-      const result = createAgentRestrictions(config)
-
-      // #then creates tools config
-      expect(result).toEqual({ tools: { write: false, task: false } })
-    })
-
-    test("creates restrictions with permission", () => {
-      // #given permission config
       const config = {
-        permission: { edit: "deny" as const, bash: "ask" as const },
+        model: "test",
+        tools: { write: false, edit: false },
       }
 
-      // #when creating restrictions
+      // #when migrating
-      const result = createAgentRestrictions(config)
+      const result = migrateAgentConfig(config)
 
-      // #then creates permission config
+      // #then converts to permission
-      expect(result).toEqual({
+      expect(result.tools).toBeUndefined()
-        permission: { edit: "deny", bash: "ask" },
+      expect(result.permission).toEqual({ write: "deny", edit: "deny" })
-      })
+      expect(result.model).toBe("test")
     })
 
-    test("combines tools and permission", () => {
+    test("migrates permission to tools for old versions", () => {
-      // #given both deny tools and permission
+      // #given old version and config with permission
+      setVersionCache("1.0.150")
       const config = {
-        denyTools: ["task"],
+        model: "test",
-        permission: { edit: "deny" as const },
+        permission: { write: "deny" as const, edit: "deny" as const },
       }
 
-      // #when creating restrictions
+      // #when migrating
-      const result = createAgentRestrictions(config)
+      const result = migrateAgentConfig(config)
 
-      // #then includes both
+      // #then converts to tools
-      expect(result).toEqual({
+      expect(result.permission).toBeUndefined()
-        tools: { task: false },
+      expect(result.tools).toEqual({ write: false, edit: false })
-        permission: { edit: "deny" },
-      })
     })
 
-    test("returns empty object when no config provided", () => {
+    test("preserves other config fields", () => {
-      // #given empty config
+      // #given config with other fields
-      // #when creating restrictions
+      setVersionCache("1.1.1")
-      const result = createAgentRestrictions({})
+      const config = {
+        model: "test",
+        temperature: 0.5,
+        prompt: "hello",
+        tools: { write: false },
+      }
 
-      // #then returns empty object
+      // #when migrating
-      expect(result).toEqual({})
+      const result = migrateAgentConfig(config)
+
+      // #then preserves other fields
+      expect(result.model).toBe("test")
+      expect(result.temperature).toBe(0.5)
+      expect(result.prompt).toBe("hello")
     })
   })
 })

src/shared/permission-compat.ts

@@ -1,72 +1,78 @@
-import { supportsNewPermissionSystem as checkNewPermissionSystem } from "./opencode-version"
+import { supportsNewPermissionSystem } from "./opencode-version"
 
 export type PermissionValue = "ask" | "allow" | "deny"
-export type BashPermission = PermissionValue | Record<string, PermissionValue>
 
-export interface StandardPermission {
+export interface LegacyToolsFormat {
-  edit?: PermissionValue
+  tools: Record<string, boolean>
-  bash?: BashPermission
-  webfetch?: PermissionValue
-  doom_loop?: PermissionValue
-  external_directory?: PermissionValue
 }
 
-export interface ToolsConfig {
+export interface NewPermissionFormat {
-  [toolName: string]: boolean
+  permission: Record<string, PermissionValue>
 }
 
-export interface AgentPermissionConfig {
+export type VersionAwareRestrictions = LegacyToolsFormat | NewPermissionFormat
-  permission?: StandardPermission
+
-  tools?: ToolsConfig
+export function createAgentToolRestrictions(
+  denyTools: string[]
+): VersionAwareRestrictions {
+  if (supportsNewPermissionSystem()) {
+    return {
+      permission: Object.fromEntries(
+        denyTools.map((tool) => [tool, "deny" as const])
+      ),
+    }
+  }
+
+  return {
+    tools: Object.fromEntries(denyTools.map((tool) => [tool, false])),
+  }
 }
 
-export { checkNewPermissionSystem as supportsNewPermissionSystemFromCompat }
+export function migrateToolsToPermission(
-
+  tools: Record<string, boolean>
-export function createToolDenyList(toolNames: string[]): ToolsConfig {
-  return Object.fromEntries(toolNames.map((name) => [name, false]))
-}
-
-export function permissionValueToBoolean(value: PermissionValue): boolean {
-  return value === "allow"
-}
-
-export function booleanToPermissionValue(value: boolean): PermissionValue {
-  return value ? "allow" : "deny"
-}
-
-export function convertToolsToPermission(
-  tools: ToolsConfig
 ): Record<string, PermissionValue> {
   return Object.fromEntries(
     Object.entries(tools).map(([key, value]) => [
       key,
-      booleanToPermissionValue(value),
+      value ? ("allow" as const) : ("deny" as const),
     ])
   )
 }
 
-export function convertPermissionToTools(
+export function migratePermissionToTools(
   permission: Record<string, PermissionValue>
-): ToolsConfig {
+): Record<string, boolean> {
   return Object.fromEntries(
     Object.entries(permission)
       .filter(([, value]) => value !== "ask")
-      .map(([key, value]) => [key, permissionValueToBoolean(value)])
+      .map(([key, value]) => [key, value === "allow"])
   )
 }
 
-export function createAgentRestrictions(config: {
+export function migrateAgentConfig(
-  denyTools?: string[]
+  config: Record<string, unknown>
-  permission?: StandardPermission
+): Record<string, unknown> {
-}): AgentPermissionConfig {
+  const result = { ...config }
-  const result: AgentPermissionConfig = {}
 
-  if (config.denyTools && config.denyTools.length > 0) {
+  if (supportsNewPermissionSystem()) {
-    result.tools = createToolDenyList(config.denyTools)
+    if (result.tools && typeof result.tools === "object") {
+      const existingPermission =
+        (result.permission as Record<string, PermissionValue>) || {}
+      const migratedPermission = migrateToolsToPermission(
+        result.tools as Record<string, boolean>
+      )
+      result.permission = { ...migratedPermission, ...existingPermission }
+      delete result.tools
+    }
+  } else {
+    if (result.permission && typeof result.permission === "object") {
+      const existingTools = (result.tools as Record<string, boolean>) || {}
+      const migratedTools = migratePermissionToTools(
+        result.permission as Record<string, PermissionValue>
+      )
+      result.tools = { ...migratedTools, ...existingTools }
+      delete result.permission
     }
-
-  if (config.permission) {
-    result.permission = config.permission
   }
 
   return result