Findings (new user-facing changes)

• 351ddeed9 “Permission rework (Permission rework #6319)” introduces a revamped permission system that now gates many more tools (ex: read, list, glob, grep, task, codesearch, websearch, todowrite, todoread) and changes how “always” rules work for bash (command-prefix/arity based).
• It also adds new server/API surface area for permissions: GET /permission and POST /permission/:requestID/reply, while keeping the old session-scoped permission endpoint as deprecated.

Other listed commits looked like tests/bugfixes/internal changes or already-updated docs (5f2be55e5).

Docs Updated

• Updated permission docs to cover the expanded permission keys + updated bash “always” semantics: packages/web/src/content/docs/permissions.mdx:6
• Updated server API docs to document the new permission endpoints and mark the old one deprecated: packages/web/src/content/docs/server.mdx:159
• Updated JS SDK docs to add client.permission.* methods and remove the old session-scoped permission method from Sessions: packages/web/src/content/docs/sdk.mdx:252
• Updated plugin event list from permission.updated → permission.asked: packages/web/src/content/docs/plugins.mdx:171
• Updated agent permissions docs to reflect that permissions apply to more than edit/bash/webfetch: packages/web/src/content/docs/agents.mdx:385

Validation

• packages/web docs site builds successfully via bun run build (warnings only, no failures).

Triggered by scheduled workflow

opencode session  |  github run