refactor(modules): re-tier approvals as default, extract self-mod as optional #1849

Merged
gavrielc merged 1 commit into v2 from refactor/pr7-retier-approvals
Apr 18, 2026
@gavrielc
Collaborator

Summary

Promotes approvals to the default tier with a public API (requestApproval + registerApprovalHandler) that other modules consume. Self-modification (install_packages / request_rebuild / add_mcp_server) moves into a new optional module that registers delivery actions + matching approval handlers via the new API.

Resolves the transitional tier violation flagged in PR #5 where core imported from the permissions optional module via src/access.ts — that file is now deleted.

Changes

Approvals (default tier)

  • New src/modules/approvals/primitive.ts exports requestApproval, registerApprovalHandler, notifyAgent. Absorbs pickApprover / pickApprovalDelivery / channelTypeOf from the deleted `src/access.ts`.
  • response-handler.ts now dispatches to registered handlers on approve (action-keyed Map). Reject path is centralized.
  • Drops self-mod-specific delivery-action registrations; they moved to the new self-mod module.
  • onecli-approvals.ts now imports picks from the primitive instead of `src/access.ts`.

Self-mod (optional tier)

  • New `src/modules/self-mod/` with:
    • `request.ts` — 3 delivery-action handlers (validate input + call `requestApproval`)
    • `apply.ts` — 3 approval-handler implementations (orchestration on approve: `updateContainerConfig`, `buildAgentGroupImage`, `killContainer`)
    • `index.ts` — registers 3 delivery actions + 3 approval handlers at import time
    • `project.md` + `agent.md`
  • Depends on approvals (new API) and core (container-runner, container-config).

Other

  • `src/access.ts` and `src/access.test.ts` deleted. Tests split across `src/modules/approvals/picks.test.ts` (approver selection) and `src/modules/permissions/permissions.test.ts` (access + roles + DM).
  • `src/modules/index.ts` barrel: approvals loads before self-mod so `registerApprovalHandler` is bound when self-mod registers at import time.

Test plan

  • `pnpm run build` — clean
  • `pnpm test` — 137 host tests pass (15 test files)
  • `bun test` in `container/agent-runner/` — 17 tests pass
  • Service boots (`NanoClaw running`, `OneCLI approval handler started`) and shuts down cleanly on SIGTERM
  • Manual: trigger an `install_packages` flow end-to-end (agent → admin DM card → approve → rebuild + container restart)
  • Manual: reject an approval → agent receives rejection notification

🤖 Generated with Claude Code

…optional

Promotes approvals to the default tier with a public API (requestApproval +
registerApprovalHandler) that other modules consume. Self-modification
(install_packages / request_rebuild / add_mcp_server) moves into a new
optional module that registers delivery actions + matching approval handlers
via the new API.

## Approvals (default tier)

- Adds `src/modules/approvals/primitive.ts` exporting `requestApproval`,
  `registerApprovalHandler`, `notifyAgent`. Absorbs `pickApprover` /
  `pickApprovalDelivery` / `channelTypeOf` from the deleted `src/access.ts`.
- Rewrites `response-handler.ts` to dispatch to registered approval handlers
  on approve (action-keyed Map). Reject path is centralized.
- Drops the three self-mod-specific delivery-action registrations from
  `approvals/index.ts`; they belong to self-mod now.
- `onecli-approvals.ts` now imports picks from the primitive instead of
  `src/access.ts`.

## Self-mod (optional tier)

- New `src/modules/self-mod/` with request handlers (validate input + call
  requestApproval) and apply handlers (orchestration on approve).
- `apply.ts` owns updateContainerConfig + buildAgentGroupImage + killContainer
  calls. Self-mod depends on approvals (via registerApprovalHandler +
  requestApproval + notifyAgent) and on core (container-runner, container-config).
- Registers 3 delivery actions + 3 approval handlers at import time.

## Other changes

- `src/access.ts` and `src/access.test.ts` deleted. Tests split across
  `src/modules/approvals/picks.test.ts` (approver selection) and
  `src/modules/permissions/permissions.test.ts` (access + roles + DM).
- `src/modules/index.ts` barrel: approvals loads before self-mod so
  registerApprovalHandler is bound when self-mod registers at import time.

## Validation

- `pnpm run build` clean
- `pnpm test` — 137 host tests pass
- `bun test` in container/agent-runner — 17 tests pass
- Service starts; boot log shows `OneCLI approval handler started`,
  `NanoClaw running`; clean SIGTERM shutdown

Resolves the transitional tier violation flagged in PR #5 where core
imported from the permissions optional module via `src/access.ts`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@gavrielc gavrielc requested a review from gabi-simons as a code owner April 18, 2026 16:42
@gavrielc gavrielc merged commit 3d945db into v2 Apr 18, 2026
1 check passed
@gavrielc gavrielc deleted the refactor/pr7-retier-approvals branch April 18, 2026 16:54
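
The dispatch shape this pull request describes (an action-keyed handler map, one centralized reject path, and an optional module that validates input before calling `requestApproval`), as an added TypeScript sketch that is not NanoClaw's code. The function names come from the description; every signature, the synchronous handlers, the in-memory stores, the package-name pattern and `requestInstallPackages` are assumptions for illustration.

```typescript
// Added sketch: signatures and in-memory stores are assumptions, not the project's API.
type Approval = { id: string; action: string; agentId: string; payload: string[] };
type ApprovalHandler = (approval: Approval) => void;
const handlers = new Map<string, ApprovalHandler>(); // action-keyed dispatch table
const pending = new Map<string, Approval>();         // approvals awaiting a decision
const notifications: string[] = [];                  // stand-in for messages sent to agents
const applied: string[] = [];                        // stand-in for rebuild/restart side effects
let nextId = 1;

const notifyAgent = (agentId: string, message: string): void => { notifications.push(`${agentId}: ${message}`); };

function registerApprovalHandler(action: string, handler: ApprovalHandler): void {
  // A second registration would silently change what an approval executes.
  if (handlers.has(action)) throw new Error(`handler already registered: ${action}`);
  handlers.set(action, handler);
}

function requestApproval(action: string, agentId: string, payload: string[]): string {
  // Fail closed: never queue an approval that no module can apply.
  if (!handlers.has(action)) throw new Error(`no approval handler: ${action}`);
  const id = `approval-${nextId++}`;
  pending.set(id, { id, action, agentId, payload });
  return id;
}

function handleResponse(id: string, decision: "approve" | "reject"): string {
  const approval = pending.get(id);
  if (!approval) return "unknown"; // stale or already-consumed id
  pending.delete(id);              // single use: consume before dispatch
  if (decision === "reject") {     // one reject path for every action
    notifyAgent(approval.agentId, `${approval.action} rejected`);
    return "rejected";
  }
  const handler = handlers.get(approval.action);
  if (!handler) return "unknown";
  handler(approval);
  return "applied";
}

// Optional-module side: validate agent-supplied input before an approver sees it.
function requestInstallPackages(agentId: string, input: unknown): string {
  const ok = Array.isArray(input) && input.length > 0 &&
    input.every((p) => typeof p === "string" && /^[a-z0-9][a-z0-9+.-]*$/.test(p));
  if (!ok) throw new Error("invalid package list");
  return requestApproval("install_packages", agentId, input as string[]);
}
registerApprovalHandler("install_packages", (a) => {
  applied.push(`install ${a.payload.join(",")} for ${a.agentId}`);
});
```

The load-order constraint in the description shows up here as the `handlers.has` check in `requestApproval`: a request for an action whose module has not registered is refused rather than queued.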