hermes-agent/website/docs/user-guide
Teknium e2fe529efb
feat(approvals): user-defined deny rules that block commands even under yolo (#59164)
Adds approvals.deny to config.yaml — a list of fnmatch globs matched
against terminal commands. A match blocks unconditionally, BEFORE the
--yolo / /yolo / approvals.mode=off bypass, making it the user-editable
counterpart to the code-shipped hardline blocklist.

- Checked in both command gates (check_dangerous_command and
  check_all_command_guards), after the hardline floor and sudo-stdin
  guard, before the yolo bypass and permanent allowlist.
- Matching runs over the same normalized/deobfuscated command variants
  as the dangerous-pattern detector, case-insensitive.
- Opt-in: empty/absent list is a no-op; behavior unchanged.

Supersedes the trust-engine approach from #21500 with a minimal
config-native design: the only capability the existing stack lacked
was deny-that-beats-yolo. Allow already exists (command_allowlist),
ask already exists (session approvals).
2026-07-05 14:48:40 -07:00
..
features docs: warn that mid-session model switches break prompt caching (#58747) 2026-07-05 04:34:05 -07:00
messaging feat(discord): optional admin-only gate for exec-approval buttons (#51751) 2026-07-05 06:42:42 -07:00
secrets feat(secrets/bitwarden): EU Cloud + self-hosted server URL support (#31378) 2026-05-24 02:19:57 -07:00
skills feat(delegate): remove model-facing toolsets arg — subagents always inherit parent's (#56386) 2026-07-01 05:35:26 -07:00
_category_.json feat: add documentation website (Docusaurus) 2026-03-05 05:24:55 -08:00
checkpoints-and-rollback.md feat(checkpoints): v2 single-store rewrite with real pruning + disk guardrails (#20709) 2026-05-06 05:44:35 -07:00
cli.md docs: deep audit — registry drift, stale claims, 2-week PR coverage, dashboard screenshot (#40952) 2026-06-07 01:39:06 -07:00
configuration.md feat(approvals): user-defined deny rules that block commands even under yolo (#59164) 2026-07-05 14:48:40 -07:00
configuring-models.md docs: warn that mid-session model switches break prompt caching (#58747) 2026-07-05 04:34:05 -07:00
desktop.md docs: warn that mid-session model switches break prompt caching (#58747) 2026-07-05 04:34:05 -07:00
docker.md fix(docker): replace dashboard --insecure with basic-auth provider 2026-06-21 19:05:27 -07:00
git-worktrees.md docs: deep audit — registry drift, stale claims, 2-week PR coverage, dashboard screenshot (#40952) 2026-06-07 01:39:06 -07:00
managed-scope.md docs: add managed scope admin guide + cross-link from configuration 2026-06-19 07:46:33 -07:00
multi-profile-gateways.md docs(gateway): document multiplexing opt-in + contract changes 2026-06-19 07:34:15 -07:00
profile-distributions.md Expand .gitignore example 2026-06-20 20:42:49 -07:00
profiles.md fix: make profile subprocess HOME policy explicit 2026-06-14 03:20:21 -07:00
security.md feat(approvals): user-defined deny rules that block commands even under yolo (#59164) 2026-07-05 14:48:40 -07:00
sessions.md docs(sessions): clarify sessions.json is the gateway routing index, not the session list (#51726) 2026-06-23 23:56:36 -07:00
tui.md docs(tui): correct HERMES_TUI_GATEWAY_URL — dashboard-internal, not remote-attach (#42162) 2026-06-08 09:37:03 -07:00
windows-native.md docs(windows): correct native data dir to %LOCALAPPDATA%\hermes (#42856) 2026-06-09 14:11:20 -05:00
windows-wsl-quickstart.md fix(docs): update all install instructions everywhere 2026-06-04 21:07:45 -04:00