feat(v2): complete multi-LLM providers, TUI redesign, and advanced agent features

Multi-LLM Provider Support: - Add llm-core crate with LlmProvider trait abstraction - Implement Anthropic Claude API client with streaming - Implement OpenAI API client with streaming - Add token counting with SimpleTokenCounter and ClaudeTokenCounter - Add retry logic with exponential backoff and jitter Borderless TUI Redesign: - Rewrite theme system with terminal capability detection (Full/Unicode256/Basic) - Add provider tabs component with keybind switching [1]/[2]/[3] - Implement vim-modal input (Normal/Insert/Visual/Command modes) - Redesign chat panel with timestamps and streaming indicators - Add multi-provider status bar with cost tracking - Add Nerd Font icons with graceful ASCII fallbacks - Add syntax highlighting (syntect) and markdown rendering (pulldown-cmark) Advanced Agent Features: - Add system prompt builder with configurable components - Enhance subagent orchestration with parallel execution - Add git integration module for safe command detection - Add streaming tool results via channels - Expand tool set: AskUserQuestion, TodoWrite, LS, MultiEdit, BashOutput, KillShell - Add WebSearch with provider abstraction Plugin System Enhancement: - Add full agent definition parsing from YAML frontmatter - Add skill system with progressive disclosure - Wire plugin hooks into HookManager 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-02 17:24:14 +01:00
parent 09c8c9d83e
commit 10c8e2baae
67 changed files with 11444 additions and 626 deletions
--- a/crates/platform/permissions/src/lib.rs
+++ b/crates/platform/permissions/src/lib.rs
@@ -16,6 +16,12 @@ pub enum Tool {
    Task,
    TodoWrite,
    Mcp,
+    // New tools
+    MultiEdit,
+    LS,
+    AskUserQuestion,
+    BashOutput,
+    KillShell,
 }

 #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
@@ -123,23 +129,27 @@ impl PermissionManager {
        match self.mode {
            Mode::Plan => match tool {
                // Read-only tools are allowed in plan mode
-                Tool::Read | Tool::Grep | Tool::Glob | Tool::NotebookRead => {
+                Tool::Read | Tool::Grep | Tool::Glob | Tool::NotebookRead | Tool::LS => {
                    PermissionDecision::Allow
                }
+                // User interaction and session state tools allowed
+                Tool::AskUserQuestion | Tool::TodoWrite => PermissionDecision::Allow,
                // Everything else requires asking
                _ => PermissionDecision::Ask,
            },
            Mode::AcceptEdits => match tool {
                // Read operations allowed
-                Tool::Read | Tool::Grep | Tool::Glob | Tool::NotebookRead => {
+                Tool::Read | Tool::Grep | Tool::Glob | Tool::NotebookRead | Tool::LS => {
                    PermissionDecision::Allow
                }
                // Edit/Write operations allowed
-                Tool::Edit | Tool::Write | Tool::NotebookEdit => PermissionDecision::Allow,
+                Tool::Edit | Tool::Write | Tool::NotebookEdit | Tool::MultiEdit => PermissionDecision::Allow,
                // Bash and other dangerous operations still require asking
                Tool::Bash | Tool::WebFetch | Tool::WebSearch | Tool::Mcp => PermissionDecision::Ask,
+                // Background shell operations same as Bash
+                Tool::BashOutput | Tool::KillShell => PermissionDecision::Ask,
                // Utility tools allowed
-                Tool::TodoWrite | Tool::SlashCommand | Tool::Task => PermissionDecision::Allow,
+                Tool::TodoWrite | Tool::SlashCommand | Tool::Task | Tool::AskUserQuestion => PermissionDecision::Allow,
            },
            Mode::Code => {
                // Everything allowed in code mode