feat(cli): implement atomic writes and safety checks for trusted folders (#18406)

2026-04-19 09:41:17 -07:00 · 2026-02-09 09:16:56 -08:00
parent 01906a9205
commit 81ccd80c6d
16 changed files with 549 additions and 971 deletions
--- a/packages/cli/src/ui/hooks/usePermissionsModifyTrust.ts
+++ b/packages/cli/src/ui/hooks/usePermissionsModifyTrust.ts
@@ -92,12 +92,12 @@ export const usePermissionsModifyTrust = (
    settings.merged.security.folderTrust.enabled ?? true;

  const updateTrustLevel = useCallback(
-    (trustLevel: TrustLevel) => {
+    async (trustLevel: TrustLevel) => {
      // If we are not editing the current workspace, the logic is simple:
      // just save the setting and exit. No restart or warnings are needed.
      if (!isCurrentWorkspace) {
        const folders = loadTrustedFolders();
-        folders.setValue(cwd, trustLevel);
+        await folders.setValue(cwd, trustLevel);
        onExit();
        return;
      }
@@ -140,7 +140,7 @@ export const usePermissionsModifyTrust = (
      } else {
        const folders = loadTrustedFolders();
        try {
-          folders.setValue(cwd, trustLevel);
+          await folders.setValue(cwd, trustLevel);
        } catch (_e) {
          coreEvents.emitFeedback(
            'error',
@@ -153,11 +153,11 @@ export const usePermissionsModifyTrust = (
    [cwd, settings.merged, onExit, addItem, isCurrentWorkspace],
  );

-  const commitTrustLevelChange = useCallback(() => {
+  const commitTrustLevelChange = useCallback(async () => {
    if (pendingTrustLevel) {
      const folders = loadTrustedFolders();
      try {
-        folders.setValue(cwd, pendingTrustLevel);
+        await folders.setValue(cwd, pendingTrustLevel);
        return true;
      } catch (_e) {
        coreEvents.emitFeedback(