Add --workspace-mode=direct to skip snapshot isolation #137
Merged
Brings back the pre-d268fd2 direct-workspace path behind an opt-in flag. Snapshot mode stays the default; direct mounts the workspace read-write with no snapshot, no review, and no git config sanitization, guarded by tighten-only config merge and a first-run --yes acknowledgement persisted under XDG_STATE_HOME.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
jhrozek
previously approved these changes
Apr 22, 2026
Contributor
jhrozek
left a comment
LGTM. One non-blocking inline nit about ResolvedWorkspaceMode() being dead code outside its own test — either remove it or wire it in as the single source of truth for the default.
Delegate the empty-string normalization to the domain method instead of inlining it in run(), making cfg.Workspace.ResolvedWorkspaceMode() the single source of truth.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
jhrozek
approved these changes
Apr 23, 2026
Summary
- --workspace-mode=<snapshot|direct> (default snapshot) and a matching workspace.mode global config key. Direct mode mounts the workspace read-write inside the VM with no COW snapshot, no diff, no review, and no git config sanitization.
- .broodbox.yaml cannot enable direct mode: the merge is tighten-only (mirrors the egress and MCP authz patterns), so a repo can only force snapshot, never widen to direct. A warning is printed when a workspace config attempts it.
- --yes acknowledgement is persisted at $XDG_STATE_HOME/broodbox/direct-mode-ack; subsequent direct-mode runs do not require the flag. A startup stderr banner prints every direct-mode run.
- --workspace-mode=direct with --review or --exclude on the same invocation is a hard error (silent-ignore would be a data-loss footgun). review.enabled: true from global config is warned-and-ignored when direct wins.
- --review stays exactly as it is today: still an opt-in, still meaningful in snapshot mode, no rename and no deprecation.

Safety notes
Direct mode loses: git config sanitization, worktree post-processor, hash-verified flush, sensitive-path classification, snapshot post-processors. It keeps: egress policy, credential seeding, settings injection, MCP authz. The README has a new "Workspace modes" section calling this out.
Architecture:
SandboxRunner already has nil-guards on WorkspaceCloner/Reviewer/Flusher/Differ at every call site, so direct mode is wired by leaving those deps nil and setting Snapshot.Enabled=false on RunOpts. No new implementations were needed.

Test plan
- task fmt clean
- task lint clean
- task test passes (added 5 merge cases + StricterWorkspaceMode, IsValidWorkspaceMode, Config.Validate, and ResolvedWorkspaceMode tests in pkg/domain/config/)
- --workspace-mode=bogus, --workspace-mode=direct --review, --workspace-mode=direct --exclude=foo, --workspace-mode=direct without --yes all error clearly
- bbox claude-code --workspace-mode=direct --yes on a throwaway workspace
- .broodbox.yaml containing workspace.mode: direct to confirm the warning fires and the mode is ignored

🤖 Generated with Claude Code
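
The tighten-only merge and the direct-mode flag conflict described in the Summary, as an added Go example (not broodbox's own code). The type and function names are hypothetical, and it assumes a repo-level request for direct is always ignored with a warning, whatever the trusted setting is.

```go
package main

import "fmt"

// Mode is a workspace mode. All names here are illustrative, not broodbox's API.
type Mode string

const (
	Snapshot Mode = "snapshot" // default: work happens on an isolated copy
	Direct   Mode = "direct"   // read-write mount, no snapshot or review
)

// MergeMode combines the trusted mode (global config or CLI flag) with the
// mode found in the repository's own config file. The repo value may only
// tighten: it can force snapshot, but a request for direct is ignored and
// warn is set so the caller can tell the user (assumed behaviour).
func MergeMode(trusted, repo Mode) (mode Mode, warn string, err error) {
	for _, m := range []Mode{trusted, repo} {
		if m != "" && m != Snapshot && m != Direct {
			return "", "", fmt.Errorf("invalid workspace mode %q", m)
		}
	}
	if trusted == "" {
		trusted = Snapshot // unset resolves to the default
	}
	switch repo {
	case Snapshot:
		return Snapshot, "", nil // the repo may always force the stricter mode
	case Direct:
		warn = "workspace config requested direct mode; ignored"
	}
	return trusted, warn, nil
}

// CheckFlags rejects snapshot-only options under direct mode instead of
// silently dropping them, so the user never assumes a review or exclude applied.
func CheckFlags(mode Mode, review bool, excludes []string) error {
	if mode == Direct && (review || len(excludes) > 0) {
		return fmt.Errorf("--review/--exclude cannot be combined with --workspace-mode=direct")
	}
	return nil
}

func main() {
	mode, warn, err := MergeMode("", Direct) // constructed input: repo tries to widen
	fmt.Println(mode, warn, err)
}
```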