Skip to content

WriteTool fails to assign secure permissions to sensitive files #14853

New issue
New issue
Open
#14851
Open
WriteTool fails to assign secure permissions to sensitive files#14853
#14851
Assignees
thdxr
Labels
coreAnything pertaining to core functionality of the application (opencode server stuff)
@n24q02m

Description

@n24q02m
n24q02m
opened on Feb 24, 2026

The problem

There is a failing unit test in test/tool/write.test.ts called sets file permissions when writing sensitive data. The WriteTool currently writes all files with default permissions and does not restrict access to 0o644 or 0o600 when creating or editing sensitive files like .env or sensitive.json.

Steps to reproduce

Run bun test test/tool/write.test.ts on unix.

Expected behavior

The test should pass and files ending in .env, .env.local, or sensitive.json should receive restricted read/write permissions for security.

Metadata

Metadata

Assignees

Labels

coreAnything pertaining to core functionality of the application (opencode server stuff)

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions