From 440879b2db74b0b91139e11dc936f241b5e3a703 Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Wed, 6 May 2026 23:29:47 +1000 Subject: [PATCH] feat(cli): allow user to opt into permissions bypass MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When a user starts onboarding by running `npx stash@latest init`, it runs through a series of detection steps, and finishes by handing off to one of Claude Code, Codex, an `AGENTS.md` editor agent, or the CipherStash Wizard, to do the integration of the encryption SDK into their app. When the user picks Claude Code, the CLI spawns the claude binary with a single argument — the launch prompt — and inherits stdio so the user can watch the session. Claude needs to run a lot of read/edit/exec commands to understand the project before it can wire up the encryption SDK. Unless the user has already configured Claude to skip permission prompts, every one of those commands stops to ask for approval. That forces the user to babysit the integration the whole way through. `init` should invoke Claude with `--allow-dangerously-skip-permissions`, so the user can shift to that mode if they decide to let Claude run with the integration. --- .changeset/allow-claude-yolo.md | 5 +++++ packages/cli/src/commands/init/lib/handoff-helpers.ts | 11 ++++++++++- .../cli/src/commands/init/steps/handoff-claude.ts | 4 ++-- 3 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 .changeset/allow-claude-yolo.md diff --git a/.changeset/allow-claude-yolo.md b/.changeset/allow-claude-yolo.md new file mode 100644 index 00000000..49c642db --- /dev/null +++ b/.changeset/allow-claude-yolo.md @@ -0,0 +1,5 @@ +--- +"stash": patch +--- + +feat(cli): pass `--allow-dangerously-skip-permissions` when `stash init` launches Claude Code, so the user can opt in to skip-permissions mode mid-session without relaunching. Codex and Wizard handoffs are unchanged. diff --git a/packages/cli/src/commands/init/lib/handoff-helpers.ts b/packages/cli/src/commands/init/lib/handoff-helpers.ts index 45b2e96e..bd4ac2d0 100644 --- a/packages/cli/src/commands/init/lib/handoff-helpers.ts +++ b/packages/cli/src/commands/init/lib/handoff-helpers.ts @@ -16,6 +16,11 @@ import { * prompt as a single argument. `stdio: 'inherit'` so the user sees tool * calls and approves edits live; the call resolves with the exit code. * + * Claude is launched with `--allow-dangerously-skip-permissions` so the + * user can opt in to skip-permissions mode for the integration handoff + * without having to relaunch — the flag permits the toggle, it doesn't + * force it on. + * * Returns -1 if the binary isn't on PATH (the spawn `error` event fires * before `close` does). Init never aborts on a non-zero code — the * artifacts are already written, the user can re-run the agent. @@ -24,8 +29,12 @@ export function spawnAgent( binary: 'claude' | 'codex', prompt: string, ): Promise { + const args = + binary === 'claude' + ? ['--allow-dangerously-skip-permissions', prompt] + : [prompt] return new Promise((resolvePromise) => { - const child = spawn(binary, [prompt], { stdio: 'inherit', shell: false }) + const child = spawn(binary, args, { stdio: 'inherit', shell: false }) child.on('close', (code) => resolvePromise(code ?? 0)) child.on('error', () => resolvePromise(-1)) }) diff --git a/packages/cli/src/commands/init/steps/handoff-claude.ts b/packages/cli/src/commands/init/steps/handoff-claude.ts index ce018e32..b6dad5c4 100644 --- a/packages/cli/src/commands/init/steps/handoff-claude.ts +++ b/packages/cli/src/commands/init/steps/handoff-claude.ts @@ -43,7 +43,7 @@ export const handoffClaudeStep: InitStep = { `Install: ${CLAUDE_INSTALL_URL}`, '', 'Once installed, run:', - ` claude '${launchPrompt}'`, + ` claude --allow-dangerously-skip-permissions '${launchPrompt}'`, ].join('\n'), 'Files written — install Claude Code to run the handoff', ) @@ -54,7 +54,7 @@ export const handoffClaudeStep: InitStep = { const exitCode = await spawnAgent('claude', launchPrompt) if (exitCode !== 0) { p.log.warn( - `Claude Code exited with code ${exitCode}. Re-run \`claude '${launchPrompt}'\` to resume.`, + `Claude Code exited with code ${exitCode}. Re-run \`claude --allow-dangerously-skip-permissions '${launchPrompt}'\` to resume.`, ) }