Unified permission sync and enforcement for AI coding agent CLIs.
gperm
gperm is a unified permission manager for multiple AI coding agent CLIs.
It keeps permission profiles in one place, applies them to native config files when possible, and falls back to inline CLI flags when a tool does not expose persistent project-level settings.
Japanese README: README.ja.md
Features
- Unified permission profiles for `claude`, `geminicli`, `copilot`, `codex`, `opencode`, and `antigravity`
- Global config under `XDG_CONFIG_HOME/gperm/config.toml`
- Project override under `./.gperm/config.toml` with higher precedence
- `gperm config show` displays the active config source chain
- `gperm check` shows drift between desired and native settings
- `gperm sync` updates native settings, interactive by default
- `gperm inline` prints inline flags for agents that support runtime permission flags
- `gperm exec` runs the target CLI with expanded inline flags
- Locale-aware CLI messages: English by default, Japanese when `LANG`/`LC_*` starts with `ja`
Supported agents
| Agent | Alias | Tested version | Global | Project | Inline | Notes |
|---|---|---|---|---|---|---|
| Claude Code | claude | 2.1.62 | Native | Native | Native | Uses ~/.claude/settings.json and ./.claude/settings.json |
| Gemini CLI | gemini, geminicli | 0.31.0 | Native | Native | Native | Generates policy TOML under gperm-managed directories |
| GitHub Copilot CLI | copilot, copilot cli, copilot-cli | 1.0.2 | Native | Partial | Native | Persistent project trust is stored in global config; tool rules are runtime-only |
| Codex CLI | codex | 0.112.0 | Native | Native | Native | Project trust is managed through global projects."<path>" entries |
| OpenCode | opencode | 1.2.24 | Native | Native | None | No documented inline permission flags in gperm 0.0.1 |
| Antigravity | antigravity | 1.107.0 | Experimental | Experimental | None | Inferred from installed settings keys, not vendor docs |
Native config locations
| Agent | Global config | Project config |
|---|---|---|
| Claude Code | ~/.claude/settings.json | ./.claude/settings.json |
| Gemini CLI | ~/.gemini/settings.json and ~/.gemini/trustedFolders.json | ./.gemini/settings.json |
| GitHub Copilot CLI | ~/.copilot/config.json | No native project config file; gperm uses global trust entries and inline flags |
| Codex CLI | ~/.codex/config.toml | ./.codex/config.toml |
| OpenCode | ~/.config/opencode/opencode.json or .jsonc | ./opencode.json |
| Antigravity | ~/.config/Antigravity/User/settings.json | ./.vscode/settings.json |
Install
uv sync
uv run gperm --help
One-line installer:
curl -sSL https://raw.githubusercontent.com/igtm/global-permission/main/install.sh | bash
Commands
gperm --help
gperm --version
gperm agents
gperm import claude ~/.claude/settings.json
gperm import opencode ~/.config/opencode/opencode.jsonc
gperm doctor
gperm config init
gperm config show
gperm check
gperm sync
gperm inline codex
gperm exec copilot -- -p "review this repo"
Config resolution
Resolution order:
- Built-in defaults
- `XDG_CONFIG_HOME/gperm/config.toml`
- `./.gperm/config.toml`
The project-local ./.gperm/config.toml wins over the XDG config.
Example config
version = 1
default_profile = "balanced"
[profiles.safe]
approval = "plan"
sandbox = "read-only"
trust = false
[profiles.balanced]
approval = "default"
sandbox = "workspace-write"
trust = true
allow_shell = ["git status", "git diff"]
deny_shell = ["git push"]
[agents.codex]
profile = "balanced"
command = "codex"
[project]
profile = "safe"
Import native settings
Import a Claude or OpenCode native config into gperm:
gperm import claude ~/.claude/settings.json
gperm import opencode ~/.config/opencode/opencode.jsonc
Behavior:
- Claude global config imports into `~/.config/gperm/config.toml`
- OpenCode global config imports into `~/.config/gperm/config.toml`
- Project-local source files import into `./.gperm/config.toml`
- Imported profiles default to `imported-claude` or `imported-opencode`
Notes
- `gperm` updates only permission-related keys and leaves unrelated settings intact.
- JSONC files are parsed correctly, but comments and whitespace may be normalized on write.
- For agents that cannot persist some permission concepts natively, `gperm` reports the gap instead of silently dropping it.
- Gemini sidecar policy files are generated under `~/.config/gperm/generated/` or `./.gperm/generated/`.
- `install.sh` installs `gperm`, creates a starter config when missing, and runs `gperm doctor`.
Release automation
Merged PRs into main can trigger an automatic release when the PR carries exactly one of these labels:
- `release:patch`
- `release:minor`
- `release:major`
The repository now includes:
Required GitHub secrets:
- `RELEASE_GITHUB_TOKEN`
- `PYPI_API_TOKEN`
For a smoke test, a docs-only PR with one release label is enough to exercise the full pipeline.
References
- Claude Code permissions: https://code.claude.com/docs/en/permissions
- Claude Code settings: https://code.claude.com/docs/en/settings
- Gemini CLI policy engine: https://geminicli.com/docs/reference/policy-engine/
- GitHub Copilot CLI config: https://docs.github.com/en/copilot/how-tos/copilot-cli/set-up-copilot-cli/configure-copilot-cli
- OpenCode permissions: https://opencode.ai/docs/ja/permissions/
- Codex config basics: https://developers.openai.com/codex/config-basics
- Codex config reference: https://developers.openai.com/codex/config-reference