From 5b39f2fbd376a9ef5a6f61be464d5a5a7b5526bf Mon Sep 17 00:00:00 2001 From: Rhys Sullivan <39114868+RhysSullivan@users.noreply.github.com> Date: Fri, 1 May 2026 22:25:47 -0700 Subject: [PATCH] Add changeset for CLI patch release --- .changeset/tools-policy-menu.md | 5 +++++ apps/cli/release-notes/next.md | 3 +++ 2 files changed, 8 insertions(+) create mode 100644 .changeset/tools-policy-menu.md diff --git a/.changeset/tools-policy-menu.md b/.changeset/tools-policy-menu.md new file mode 100644 index 000000000..d228d9d9a --- /dev/null +++ b/.changeset/tools-policy-menu.md @@ -0,0 +1,5 @@ +--- +"executor": patch +--- + +Set tool policies from the Tools page. New per-row action menu (Always run / Require approval / Block / Clear) on every tree row — works on individual tools and on dotted-prefix categories. New rules auto-place by specificity so adding a category rule never silently shadows an existing tool-level override. The local UI also picks up a dedicated Policies tab for reviewing and reordering rules. diff --git a/apps/cli/release-notes/next.md b/apps/cli/release-notes/next.md index 7361006e5..2df999b82 100644 --- a/apps/cli/release-notes/next.md +++ b/apps/cli/release-notes/next.md @@ -3,6 +3,9 @@ ### MCP sources honor upstream `destructiveHint` MCP sources now read `destructiveHint` from upstream tool annotations. Tools marked destructive will require approval before running, surfaced via MCP elicitation. Refresh existing sources (or remove + re-add) to pick up annotations on tools added before this change. +### Set tool policies from the Tools page +The local UI gains a **Policies** tab for managing approval rules, plus a per-row action menu on the Tools tree. Hover any tool or category and pick **Always run / Require approval / Block / Clear** — leaf rows save a rule for the exact tool id, group rows save a `prefix.*` wildcard. New rules are auto-placed by specificity so a freshly-added group rule never silently shadows an existing leaf rule. The same menu is available from the tool detail header and from any source-detail page. + ### Per-user OAuth for OpenAPI and MCP sources OpenAPI and MCP sources now carry first-class **Connections** — a per-user sign-in state decoupled from the source definition itself.