Bump actions/upload-artifact from 5 to 7 in /.github/workflows#1
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v5...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
s-zx
added a commit
that referenced
this pull request
Apr 27, 2026
…axes Per user feedback: lumping bypassPermissions next to ask/plan/do in a single mode picker conflates two unrelated concepts. ask/plan/do are work modes (tool list, system prompt, step budget); bypassPermissions is a permission posture (how strict approvals are). They're independently togglable in Claude Code and should be in Crest too. Restructure: - Mode axis (work): ask, plan, do (+ hidden bench). Selected via mode picker / :ask :plan :do prefix. Determines tool list, prompt, step budget. - Posture axis (strictness): default, acceptEdits, bypassPermissions (+ hidden bench). Toggled via Shift+Tab cycle or /permission slash command. Status pill in overlay header shows current posture. Posture details (per user clarification — full Claude Code set): - default: rules + ask for unmatched (the default) - acceptEdits: auto-allow file-edit tools when target is inside cwd; shell and other mutations still prompt. Solves the #1 friction in interactive use without giving up shell-command safety. - bypassPermissions: auto-allow except bypass-immune safety paths Cycle order on Shift+Tab: default → acceptEdits → bypassPermissions → default. Matches Claude's pattern minus the plan step (which is a Crest mode, not a posture). Architecture changes: - CheckRequest gains a Posture field - Decision pipeline reordered: plan-mode hard refusal first (step 0), then rules, then per-tool safety checks (immune to posture), then posture-driven defaults for unmatched, then mode default, then ask - API request body grows optional permissionPosture field; mode:"bench" forces posture:"bench" for backward compat - Settings schema gains defaultPosture key UI surface (§3.4 expanded): - Status pill (clickable, color-coded by posture severity) - Shift+Tab keybinding only active when overlay has focus - /permission slash command for keyboard-discovery Mode picker becomes: [ask, plan, do]. Bench remains API-accepted but hidden. The previous draft's [ask, plan, do, bypassPermissions] picker is gone — picking a posture is a separate affordance now. Decisions log + Q5 (the structural feedback) added to §6/§7. Tracker (claude-code-parity.md §3) highlights restructured to lead with the Mode/Posture split. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
s-zx
added a commit
that referenced
this pull request
Apr 27, 2026
…ault Per user feedback: clicking through every change approval is too cumbersome for personal local-coding work. Bundled default posture is acceptEdits, not default. Users who want the cautious behavior flip to default posture via Shift+Tab. Posture name and bundled default are independent concepts: - The posture *named* default keeps the same semantics (ask for unmatched calls) — name is a Claude Code convention we keep for parity in the rule engine - The bundled defaultPosture setting value defaults to acceptEdits for new installs Why diverge from Claude Code: - Claude Code ships with default-as-default partly because its audience includes high-stakes shared environments (terminals on prod servers, etc.). - Crest is a personal terminal, used overwhelmingly for local coding. The iterative edit-test-edit loop is the dominant flow, and clicking every diff is the #1 friction. Risk is bounded: - File backups exist (filebackup.MakeFileBackup in multi_edit.go) - mtime tracking (commit 0ce9f60) refuses stale-edit clobbers - Bypass-immune paths still prompt: .env, .git/, .ssh/, credentials*, secret-bearing files - shell_exec — the truly dangerous tool — still prompts by default - Deny rules still fire regardless of posture - The cautious default posture is one Shift+Tab away when wanted Doc §3.3 — posture table marks acceptEdits as new-chat default, adds a "Why acceptEdits is the bundled default" rationale subsection. Wire-format example uses acceptEdits. Settings schema documents DefaultPosture default value. Decisions log §6 captures the divergence from Claude. §7 adds Q6 with rationale. Tracker (claude-code-parity.md §3) highlights call out the bundled-default choice. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/upload-artifact from 5 to 7.
Release notes
Sourced from actions/upload-artifact's releases.
Commits
043fb46Merge pull request #797 from actions/yacaovsnc/update-dependency634250cInclude changes in typespec/ts-http-runtime 0.3.5e454baaReadme: bump all the example versions to v7 (#796)74fad66Update the readme with direct upload details (#795)bbbca2dSupport direct file uploads (#764)589182cUpgrade the module to ESM and bump dependencies (#762)47309c9Merge pull request #754 from actions/Link-/add-proxy-integration-tests02a8460Add proxy integration testb7c566aMerge pull request #745 from actions/upload-artifact-v6-releasee516bc8docs: correct description of Node.js 24 support in READMEDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)