Extending Auto-Approval For Aider: Enhanced Control

Hey guys! Today, we're diving deep into an exciting new feature proposal for Aider that's all about giving you more control and streamlining your workflow. This feature focuses on extending the auto-approval capabilities within Aider, specifically targeting the discussion category. We're talking about reducing those repetitive prompts while keeping your system secure. Let's get into the details!

The Problem: Reducing Repetitive UI Prompts

The core issue we're tackling is the repetitive UI prompts that users encounter when Aider, especially in agent mode, requests file operations. While security is paramount, constantly clicking 'yes' or 'no' can become tedious and time-consuming. Imagine you're deep in a coding session, and Aider needs to perform several file-related tasks. Each prompt breaks your flow. We need a way to maintain that security without sacrificing efficiency.

Think of it like this: you trust Aider to handle certain file operations, but you're not quite ready to give it free rein on command execution. The current system offers a blanket auto-approve setting, which is a bit like using a sledgehammer to crack a nut. We need a more granular approach, something that lets you fine-tune what gets auto-approved and what doesn't. This is where the concept of distinguishing between Agent tool actions and Aider actions comes into play. By differentiating these actions, we can create a system where you can auto-approve file operations – things like reading, writing, or modifying files – while still auto-denying potentially risky commands.

This granular control is crucial for several reasons. First, it aligns with the principle of least privilege, ensuring that Aider only has the permissions it absolutely needs. Second, it significantly reduces the cognitive load on the user, freeing them from the constant need to review and approve routine actions. And third, it paves the way for more complex workflows where Aider can handle a wider range of tasks autonomously, without compromising security. So, how do we achieve this magical balance? Let's dive into the proposed solution.

The Solution: Granular Auto-Approval Controls

The proposed solution introduces granular auto-approval controls, a system that distinguishes between Agent tool actions and Aider actions. This allows you to auto-approve file operations while automatically denying commands, offering a sweet spot between convenience and security. Think of it as setting up different levels of trust for different types of actions. You might trust Aider to handle file modifications within a specific directory, but you'd still want to manually approve any command-line executions.

This approach involves several key components. First, we need to update the data model to accommodate these new settings. This means adding fields to the AgentProfile interface that specifically control auto-approval behavior for both Agent tools and Aider actions. These new fields will allow you to independently configure whether file operations and commands should be auto-approved or auto-denied. This is a massive step forward from the current all-or-nothing approach, giving you much finer control over Aider's behavior.

Next, we need to modify the Agent tool approval logic to take these new settings into account. This involves updating the handleApproval function to check not only the overall autoApprove setting but also the specific settings for file operations and commands. This ensures that the system behaves as expected, auto-approving actions when appropriate and prompting for approval when necessary. But it's not just about the Agent tools; we also need to consider Aider's own actions. This is where the Aider action interceptor comes in.

The interceptor acts as a gatekeeper, examining Aider's requests before they're executed. It checks the auto-approval settings and, based on those settings, either auto-approves the action, auto-denies it, or falls back to the user prompt. This ensures that the granular control extends to all of Aider's activities, not just those initiated by Agent tools. Finally, we need to provide you, the user, with a way to configure these settings. This means adding new UI controls to the Agent Selector, allowing you to easily toggle auto-approval for file operations and commands for both Agent tools and Aider actions. It's all about making the powerful features accessible and easy to use.

Implementation Details: Diving into the Code

Let's get a bit more technical and explore the implementation details. We'll break down the key code changes and how they contribute to the overall solution. This isn't just about understanding the code; it's about seeing how the different pieces fit together to create a cohesive and powerful feature.

1. Data Model Changes (src/common/types.ts)

First up, we need to modify the AgentProfile interface to include the new auto-approval settings. Here's a snippet of the proposed changes:

// src/common/types.ts - AgentProfile interface
export interface AgentProfile {
  // ... existing fields
  autoApprove: boolean; // Keep for compatibility
  
  // Simple granular rules
  agentAutoApprove: {
    fileOps: boolean;    // Auto-approve agent file operations
    commands: boolean;    // Auto-deny agent commands (always false)
  };
  
  aiderAutoApprove: {
    fileOps: boolean;    // Auto-approve aider file operations  
    commands: boolean;    // Auto-deny aider commands (always false)
  };
}

As you can see, we're adding two new objects: agentAutoApprove and aiderAutoApprove. Each of these objects contains two boolean properties: fileOps and commands. These properties allow you to independently control auto-approval for file operations and commands for both Agent tools and Aider actions. The autoApprove field is kept for compatibility, ensuring that existing profiles continue to work as expected.

2. Agent Tool Approval Logic (src/main/agent/tools/approval-manager.ts)

Next, we need to update the handleApproval function in src/main/agent/tools/approval-manager.ts to take these new settings into account. Here's the proposed code:

// src/main/agent/tools/approval-manager.ts
public async handleApproval(key: string, text: string, subject?: string): Promise<[boolean, string | undefined]> {
  if (this.profile.autoApprove) {
    return [true, undefined];
  }

  // Auto-approve agent file operations
  if (key.includes('file') && this.profile.agentAutoApprove?.fileOps) {
    return [true, undefined];
  }
  
  // Auto-deny agent commands
  if (key.includes('bash') && this.profile.agentAutoApprove?.commands === false) {
    return [false, 'Agent commands auto-denied'];
  }

  // Fall back to user prompt
  return await this.promptUser(key, text, subject);
}

This code first checks the existing autoApprove setting for compatibility. If that's enabled, it auto-approves the action. Otherwise, it checks the new granular settings. If the action involves a file operation and agentAutoApprove.fileOps is enabled, it auto-approves the action. If the action involves a command and agentAutoApprove.commands is disabled, it auto-denies the action. If none of these conditions are met, it falls back to the user prompt.

3. Aider Action Interceptor (src/main/task/task.ts)

The Aider action interceptor is implemented within the askQuestion method in src/main/task/task.ts. Here's the code:

// src/main/task/task.ts - modify askQuestion method
public async askQuestion(questionData: QuestionData, awaitAnswer = true): Promise<[string, string | undefined]> {
  // Check aider auto-approve rules first
  const profile = this.getCurrentAgentProfile();
  if (profile && !profile.autoApprove && profile.aiderAutoApprove) {
    const text = questionData.text.toLowerCase();
    
    // Auto-approve file operations
    if (profile.aiderAutoApprove.fileOps && 
        (text.includes('file') || text.includes('add to context') || text.includes('create'))) {
      return ['y', 'Auto-approved'];
    }
    
    // Auto-deny commands
    if (profile.aiderAutoApprove.commands === false && 
        (text.includes('command') || text.includes('run') || text.includes('execute'))) {
      return ['n', 'Auto-denied'];
    }
  }

  // Continue with existing question logic...
}

This code checks the aiderAutoApprove settings and, based on those settings, either auto-approves or auto-denies the action. It uses simple string matching to determine whether the action involves a file operation or a command. If none of the conditions are met, it continues with the existing question logic.

4. UI Controls (src/renderer/src/components/AgentSelector/AgentSelector.tsx)

The UI controls are added to the Agent Selector component in src/renderer/src/components/AgentSelector/AgentSelector.tsx. Here's the proposed code:

// src/renderer/src/components/AgentSelector/AgentSelector.tsx
{/* Replace existing autoApprove checkbox */}
<div className="space-y-2 px-3 py-2">
  <div className="text-xs font-medium text-text-secondary">Agent Auto-Approve</div>
  <Checkbox
    label="File operations"
    checked={activeProfile.agentAutoApprove?.fileOps ?? false}
    onChange={(checked) => handleToggleProfileSetting('agentAutoApprove.fileOps', checked)}
    size="sm"
  />
  <Checkbox
    label="Commands (deny)"
    checked={activeProfile.agentAutoApprove?.commands === false}
    onChange={(checked) => handleToggleProfileSetting('agentAutoApprove.commands', !checked)}
    size="sm"
  />
  
  <div className="text-xs font-medium text-text-secondary mt-3">Aider Auto-Approve</div>
  <Checkbox
    label="File operations"
    checked={activeProfile.aiderAutoApprove?.fileOps ?? false}
    onChange={(checked) => handleToggleProfileSetting('aiderAutoApprove.fileOps', checked)}
    size="sm"
  />
  <Checkbox
    label="Commands (deny)"
    checked={activeProfile.aiderAutoApprove?.commands === false}
    onChange={(checked) => handleToggleProfileSetting('aiderAutoApprove.commands', !checked)}
    size="sm"
  />
</div>

This code replaces the existing autoApprove checkbox with four new checkboxes, allowing you to control auto-approval for file operations and commands for both Agent tools and Aider actions. The handleToggleProfileSetting function is used to update the settings when the checkboxes are toggled.

5. Setting Handler Update (src/renderer/src/components/AgentSelector/AgentSelector.tsx)

The handleToggleProfileSetting function is responsible for updating the agent profile settings when the checkboxes are toggled. Here's the code:

// src/renderer/src/components/AgentSelector/AgentSelector.tsx
const handleToggleProfileSetting = (setting: string, value: boolean) => {
  if (activeProfile && settings) {
    const updatedProfile = { ...activeProfile };
    
    // Handle nested properties with dot notation
    if (setting.includes('.')) {
      const [section, prop] = setting.split('.');
      updatedProfile[section] = {
        ...updatedProfile[section],
        [prop]: value,
      };
    } else {
      updatedProfile[setting] = value;
    }
    
    void saveSettings({
      ...settings,
      agentProfiles: settings.agentProfiles.map((profile) => 
        profile.id === activeProfile.id ? updatedProfile : profile
      ),
    });
  }
};

This code handles both simple and nested properties, allowing you to update the agentAutoApprove and aiderAutoApprove settings. It uses dot notation to access the nested properties and updates the settings accordingly.

Files to Modify: A Quick Recap

To implement this feature, we'll need to modify the following files:

1. src/common/types.ts - Add new properties to AgentProfile
2. src/main/agent/tools/approval-manager.ts - Add agent approval logic
3. src/main/task/task.ts - Add aider action interceptor
4. src/renderer/src/components/AgentSelector/AgentSelector.tsx - Add UI controls
5. src/common/locales/en.json - Add translation keys

Default Behavior: Safety First

To ensure a smooth transition and maintain a secure environment, the default behavior is designed with safety in mind:

• New profiles will have all approvals disabled by default. This means that no actions will be auto-approved unless you explicitly enable them. This is crucial for preventing accidental security breaches and ensuring that you have full control over Aider's behavior from the get-go.
• Existing profiles that use the autoApprove setting will continue to work as they do now. This ensures backward compatibility and prevents any unexpected disruptions to your existing workflows. You can then gradually migrate to the new granular settings at your own pace.
• File operations and commands can be auto-approved independently. This is the core of the granular control feature. You can choose to auto-approve file operations while still requiring manual approval for commands, or vice versa. This flexibility allows you to tailor Aider's behavior to your specific needs and risk tolerance.
• Commands will be auto-denied by default when the auto-approval feature is enabled. This is a crucial security measure. Commands can potentially execute arbitrary code on your system, so it's important to handle them with extra caution. By default, commands will require manual approval, giving you the opportunity to review them before they're executed.

The Result: Enhanced Control and Reduced Fatigue

So, what's the end result of all this? With these changes, you'll get four simple checkboxes in the UI:

• Agent file ops: Auto-approve/deny
• Agent commands: Auto-allow/deny
• Aider file ops: Auto-approve/deny
• Aider commands: Auto-allow/deny

This simple yet powerful interface allows you to fine-tune Aider's auto-approval behavior to your exact preferences. By clearly separating concerns, we reduce prompt fatigue while maintaining security. No more endless clicking! You'll have the peace of mind knowing that Aider is handling routine tasks efficiently while still keeping you in control of critical operations.

This enhancement is a significant step towards a more user-friendly and secure Aider experience. By providing granular control over auto-approval, we're empowering you to customize Aider's behavior to your specific needs and preferences. It's all about striking the right balance between automation and control, ensuring that Aider is a powerful tool that works for you, not against you.

Conclusion

In conclusion, extending the auto-approval feature with granular controls is a game-changer for Aider. It addresses the problem of repetitive prompts, enhances security, and provides a more streamlined user experience. By implementing these changes, we're making Aider an even more powerful and versatile tool for developers and anyone working with code. What do you guys think about this proposal? Let us know your thoughts and suggestions in the comments below! We're always eager to hear your feedback and make Aider the best tool it can be.

• Ref: https://github.com/hotovo/aider-desk/issues/443
• Ref: https://github.com/hotovo/aider-desk/issues/422