non-interactive tty should not touch the allowlists commands

[aleyan]

Check for interaction sessions for dela allow and dela deny and stop on them.

Summary by CodeRabbit

• Documentation
  • Added an Allowlist subsection specifying the allowlist file path, rule granularity, and when entries are updated.
• Improvements
  • allow/deny commands now only run interactively and will fail in non-interactive contexts.
  • Command error messages clarified to distinguish not-found vs other errors.
• Tests
  • Integration tests expanded to cover allow/deny flows, deny semantics, and non-interactive enforcement.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 23935e62-3d79-4977-bd78-eb3dfc56c482

📥 Commits

Reviewing files that changed from the base of the PR and between 3deaf12 and 234d75f.

📒 Files selected for processing (3)

• cargo_crap_baseline.json
• src/commands/mod.rs
• tests/docker_noinit/test_noinit.sh

---

📝 Walkthrough

Walkthrough

Adds a non-interactive gate helper and uses it to block scripted runs of dela allow/dela deny, refactors commands into execute_inner, updates unit and integration tests to exercise TTY/non-TTY behavior, adjusts CRAP baseline entries, and documents allowlist/MCP behavior.

Changes

Non-interactive gate and related updates

Layer / File(s)	Summary
Gate helper and baseline updates src/commands/mod.rs, cargo_crap_baseline.json	Adds gate_non_interactive and updates CRAP baseline entries for the new gate and related command metrics.
Apply gate to allow and deny src/commands/allow.rs, src/commands/deny.rs	execute() now calls super::gate_non_interactive(...) and delegates to new execute_inner(...); unit tests were updated to call execute_inner directly.
Integration test pseudo-TTY adjustments tests/docker_noinit/test_noinit.sh	Runs allow/deny scenarios under script -eqc (pseudo-terminal), adds Test 33 asserting non-interactive failures for dela allow and dela deny, and updates related success/failure checks.
Docs, main formatting, and Dockerfile fix README.md, src/main.rs, tests/docker_noinit/Dockerfile	README adds Allowlist.toml subsection and MCP clarifications; main extracts err.to_string() into msg for consistent error printing; Dockerfile fixes apk add continuation to include util-linux.

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• aleyan/dela#166: Prior changes to dela allow that this PR builds upon by adding the non-interactive gate.
• aleyan/dela#167: Modifies dela deny implementation and test changes related to deny command behavior.

"I hopped through code and tests tonight,
Poking gates where scripts shouldn't bite.
TTYs please whisper, agents stay mute,
Rabbits guard tasks with a polite toot. 🐇"

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'non-interactive tty should not touch the allowlists commands' accurately describes the core change: adding non-interactive session detection to prevent agents from executing the dela allow and dela deny commands.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch stopagents

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@README.md`:
- Around line 64-66: Insert a blank line before the "### Allowlist.toml" heading
and correct the typo "excplicitly" to "explicitly" in the README.md section that
describes the allowlist (refer to the "Allowlist.toml" heading and the path
"~/.config/dela/allowlist.toml"), and ensure the commands `dela allow <task>`
and `dela deny <task>` remain unchanged.

In `@src/commands/deny.rs`:
- Around line 7-22: The non-interactive gating logic (the should_block function
and its error/exit behavior) is duplicated between deny::execute and
allow::execute; extract this into a single shared helper (e.g.,
ensure_interactive or gate_non_interactive) in a common module and have both
deny::execute and allow::execute call that helper instead of their local
should_block; the helper should accept the same inputs (is_terminal, is_test,
force_interactive or compute them internally), perform the same eprintln +
std::process::exit(1) behavior, and remove the local should_block from
src/commands/deny.rs so both modules remain aligned as the policy evolves.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: dc770f1c-6b6f-49d3-8475-b80ea78c7b94

📥 Commits

Reviewing files that changed from the base of the PR and between 03a2418 and b0185d2.

📒 Files selected for processing (9)

• README.md
• cargo_crap_baseline.json
• dev_docs/project_plan.md
• src/allowlist.rs
• src/commands/allow.rs
• src/commands/deny.rs
• src/commands/mod.rs
• src/main.rs
• tests/docker_noinit/test_noinit.sh

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/docker_noinit/test_noinit.sh`:
- Line 847: The assertions use "script -qc ..." which doesn't propagate the
wrapped child's exit code; update every "script -qc" invocation in the test file
to include the --return/-e flag (i.e. change "script -qc" to "script -eqc") so
the exit status of the enclosed command (e.g. the "dela allow print-args"
invocations) is returned and the conditional branches behave deterministically;
search for all occurrences of "script -qc" in tests/docker_noinit/test_noinit.sh
and replace them with "script -eqc".

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: bbfad0af-088a-4d60-94c6-2e6731dcac48

📥 Commits

Reviewing files that changed from the base of the PR and between b0185d2 and 3deaf12.

📒 Files selected for processing (8)

• README.md
• cargo_crap_baseline.json
• src/commands/allow.rs
• src/commands/deny.rs
• src/commands/mod.rs
• src/main.rs
• tests/docker_noinit/Dockerfile
• tests/docker_noinit/test_noinit.sh