Closes AI-267
This PR adds a skills subpage in the settings UI, where we display
global skills in the user tab and project skills in the corresponding
project tab. The approach taken here was the simplest one out of the
possible avenues we could've taken to implement this (which would
possibly require bigger refactors), given this is potentially the very
first page in the settings UI where we're displaying stuff that does not
correspond to data available in the `settings.json`.
Important to note that a major limitation of the global approach is that
it's dependent on the native agent having loaded the skill index,
meaning there's an edge case where, if you open the settings UI _before_
having opened the agent panel, you won't immediately see the available
skills. Something to discuss but that it felt like a viable option for a
first ship.
Release Notes:
- Agent: Added a skills section to the settings UI.
In the interactive MCP OAuth flow, the MCP client registers itself with
the authorization in one of three ways:
- Client ID Metadata Document aka CIMD (recommended default). This is
already implemented: https://zed.dev/oauth/client-metadata.json.
- Dynamic Client Registration (DCR). This is the traditional method.
Also already implemented in Zed.
- Pre-registration: the client is registered out of band, typically in
the IdP or SaaS provider's UI. You get a client id and maybe a client
secret, that have to be provided by the MCP client when it wants to
exchange an access token. This is what this pull request is about.
This PR has two main parts:
- Allow users to configure a client id and optional client secret for an
MCP server in their configuration, under a new `oauth` key, and take it
into account
- Make the MCP server state and the configuration modal aware of the
intermediate states (client secret missing) and error cases stemming
from client pre-registration.
The client secret can be stored either in the system keychain or in
plain text in the MCP server configuration. The UI tries to steer user
towards the more secure option: the keychain.
<img width="715" height="201" alt="Screenshot 2026-04-10 at 16 48 06"
src="https://github.com/user-attachments/assets/5e64103e-6746-4ef0-8bd9-533d492b6912"
/>
<img width="884" height="544" alt="Screenshot 2026-04-10 at 16 47 07"
src="https://github.com/user-attachments/assets/0e35bb3c-cbc4-4e8c-a713-66323597b2e2"
/>
<img width="785" height="558" alt="Screenshot 2026-04-10 at 16 47 23"
src="https://github.com/user-attachments/assets/03339187-1508-461a-87ae-a7c2647df9a5"
/>
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Closes
https://github.com/issues/assigned?issue=zed-industries%7Czed%7C52198
**Note for the reviewer: I know how busy the AI team is at the moment so
please treat this as low priority, we don't have signal that this is a
highly desired feature. It's a rather large PR, so I'm happy to pair
review / walk through it.**
Release Notes:
- Added support for OAuth client pre-registration (client id, client
secret) to the built-in MCP client.
This PR fixes a panic that could occur in the `edit_file` tool where
streaming in text could split in the middle of a multibyte character.
Closes FR-3 and [ZED-7ZX](https://zed-dev.sentry.io/issues/7480598098).
Release Notes:
- Fixed a panic that could occur when streaming in text with the
`edit_file` tool.
Closes AI-266
This PR adds a built-in skill called `create-skill`, which allows the
Zed agent to have access to a skill that teaches it how to properly
create skills for Zed. You can manually invoke it as well as just
letting the model auto-invoke it in case your prompt suggests creating a
new skill.
Release Notes:
- Agent: Added a built-in skill called `create-skill` to make the Zed
agent informed about how to do that.
---------
Co-authored-by: Richard Feldman <richard@zed.dev>
Still behind a flag until RFD progresses. But also fixes one area where
we would have called delete even if we didn't have support.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
Closes AI-230
This PR makes skills, added as /-mentions, be rendered in the agent
panel as creases, like anything you'd @-mention. Naturally, clicking on
the crease button opens the corresponding skill file in a buffer.
It turned out to be quite a bit of plumbing to make this work,
particularly as I am also introducing an interface to display dividers
and headers in the completion menu. This was relevant to me to add
because it sets a good foundation to convert many agent panel-related
actions as slash commands.
Release Notes:
- N/A
---------
Co-authored-by: MartinYe1234 <52641447+MartinYe1234@users.noreply.github.com>
Watches a user-global `AGENTS.md` file alongside `settings.json` (at
`~/.config/zed/AGENTS.md` on macOS/Linux, `%APPDATA%\Zed\AGENTS.md` on
Windows) and includes its trimmed contents in the native agent's system
prompt.
This matches the pattern used by Codex (`CODEX_HOME/AGENTS.md`,
defaulting to `~/.codex/AGENTS.md`) and OpenCode
(`~/.config/opencode/AGENTS.md`): personal instructions live next to
other app config and apply across every project the user opens.
## Behavior
- Native Zed agent only. Not passed to ACP / external agents.
- Reads the local config dir, so SSH-remoted projects still get the
local user's personal `AGENTS.md` (project rules continue to come from
the remote workspace).
- Missing, empty, or whitespace-only files are silently treated as no
`AGENTS.md`.
- Read errors surface through the same notification UI as settings
errors, with a stable notification ID that's dismissed once the file
becomes readable again.
- The file is read in full, matching how existing project rules / repo
`AGENTS.md` files are loaded today.
## System prompt rendering
In the system prompt, the user-global `AGENTS.md` appears as `###
Personal AGENTS.md` immediately before `### Project Rules`, so the model
sees personal defaults first and project guidance later (project rules
take precedence on conflicts).
## Tests
- `user_agents_md` watcher: initial load, empty/whitespace ignored,
reacts to file edits.
- `SystemPromptTemplate`: renders personal `AGENTS.md` before project
rules; omits the section when no user `AGENTS.md` is present.
Closes AI-231
Release Notes:
- Added support for a global `AGENTS.md` file alongside `settings.json`
that is automatically included in the agent's instructions for every
project.
The tool definition is very clearly contradicting the previous behavior.
Performance impact is unclear to me, we increase the work in a
potentially expensive loop, but it seems necessary to have both the
specified behavior from the tool definition, as well as the
heuristic/fallback for misbehaving models that seems to be intended.
Self-Review Checklist:
- [X] I've reviewed my own diff for quality, security, and reliability
- [X] Unsafe blocks (if any) have justifying comments
- [X] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [X] Tests cover the new/changed behavior
- [X] Performance impact has been considered and is acceptable
Closes#56225
Release Notes:
- Fixed tool paths preferring files in subdirectories named after the
project root
Treat `.agents/skills/` (project-local) and `~/.agents/skills/` (global)
as **sensitive paths**, on par with `.zed/` and the global config
directory. The agent's built-in editing tools (`edit_file`,
`write_file`, `create_directory`, `delete_path`, `move_path`,
`copy_path`) now require explicit user authorization before modifying
anything inside those paths, because the contents of skill files control
agent behavior.
This protection is worth landing on its own, ahead of Zed adding its own
skills support: other agents (e.g. Claude Code) already write skill
files into these locations, so a Zed installation may already have
skills on disk that should not be silently editable by the agent.
Also tightens the **pre-existing `.zed/` check** to compare path
components case-insensitively. macOS and Windows use case-insensitive
filesystems by default, so without this fix a malicious settings author
could bypass the local-settings classifier with `.ZED/settings.json`
(the canonicalized inode would match, but the path-component comparison
would miss it). The new `.agents/skills/` check has the same hazard and
now shares a single `component_matches_ignore_ascii_case` helper with
the `.zed/` check.
Introduces the `agent_skills` crate, scoped for now to just the path
constants and helpers (`global_skills_dir`,
`project_skills_relative_path`, `SKILL_FILE_NAME`) so the
tool-permission machinery can recognize the agent skills tree without
depending on a skill discovery / parsing / loading layer. Those will
land in follow-up PRs.
Closes AI-217
Release Notes:
- Agent: Require user confirmation before letting tools modify files
inside `.agents/skills/` (per-project) or `~/.agents/skills/` (global),
so skills installed by any agent are protected from unsolicited edits
---------
Co-authored-by: MartinYe1234 <52641447+MartinYe1234@users.noreply.github.com>
Co-authored-by: Martin Ye <martinye022@gmail.com>
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
At this point, this tool rarely gets called and the agent can likely
figure out how to call these itself.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- Removed open tool from built-in Agent tools.
Streamline the instructions around communication, tool use, planning,
and project roots.
Remove the `now` tool and also clean up several tool descriptions.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
---------
Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>
Closes#52042
Release Notes:
- agent: Added setting `subagent_model` to specify which model is used
when subagent is spawned
---------
Co-authored-by: Ben Brandt <benjamin.j.brandt@gmail.com>
Before:
1. Agent tries to edit unsaved file
2. Tool call fails with error telling the agent to ask the user to save
or discard edits
3. User types save/restore
4. Agent uses save/restore tool
https://github.com/user-attachments/assets/c94dd361-e8e0-48ee-be31-da8afe594419
After:
1. Agent tries to edit unsaved file
2. User is prompted to save/restore file
3. User accepts/rejects or saves/discards file manually
https://github.com/user-attachments/assets/1d98a0c4-4420-4426-94f2-42355de230be
Release Notes:
- agent: Improved UX when agent tries to edit unsaved buffer
---------
Co-authored-by: Ben Brandt <benjamin.j.brandt@gmail.com>
This fixes a race condition where the thread would not get the LSP tools
at startup if the feature flag was not resolved yet.
We now always add the tools, but filter them out when we start a new
turn if the feature flag is not set.
Release Notes:
- N/A
Fixed an issue where the leak detector would sometimes cause panics when
running unit evals. Fixed this by matching the tear-down logic that we
use in the `gpui::test` macro
> thread 'tools::evals::edit_file::eval_from_pixels_constructor'
(14336149) panicked at crates/gpui/src/app/entity_map.rs:1116:9:
Exited with leaked handles:
Leaked handle for entity language::buffer::Buffer (EntityId(50v1)):
Release Notes:
- N/A
In the case where the model would respond with `new_text` before
`old_text`, we would just emit an empty `old_text`, because the parsing
layer was operating under the assumption that `old_text` occurs before
`new_text`.
We now hold back new text chunks if we receive them first, and only emit
them once old_text is complete.
In addition to that we also need to handle the case where the first
chunk contains `old_text` and `new_text`. In that case we don't know
which one of the two fields have finished streaming, since we can't rely
on the ordering anymore. Therefore we hold back all events until we
receive the full edit, and emit a single OldTextChunk (done = true) and
a single NewTextChunk (done = true)
Closes#55398
Release Notes:
- agent: Fixed an issue where editing would sometimes fail for specific
models (Deepseek v4)
Splits the edit tool into two separate tools `write_file` (previously
`mode = write`), and `edit_file` (previously `mode = edit`).
This makes the JSON schema for the `edit_tool` much simpler. We've seen
models (especially older ones) struggle with providing `mode = edit +
edits` and `mode = write + content` fields. This seems to improve eval
scores for Sonnet 4.6 slightly.
Also added two unit evals to ensure that the model uses the tool to
create new/override existing files
Release Notes:
- N/A
---------
Co-authored-by: Ben Brandt <benjamin.j.brandt@gmail.com>
Fixes#54244
When the `read_file` tool is called with a path that points to a
directory instead of a file, it now returns a clear, actionable error
message telling the agent to use `list_directory` instead.
Previously the tool would fail with an unhelpful generic error. Now it
explicitly checks whether the path is a directory before attempting to
read it.
A test covering this case is also included.
Release Notes:
- Fixed `read_file` tool returning an unhelpful error when given a
directory path; it now suggests using `list_directory` instead.
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Fixes#55436
The create-directory agent tool was classified as a read tool, which
caused
the agent UI to render it with the search icon.
This PR marks `create_directory` as an edit tool and gives it a
folder-add
icon in the conversation tool card. Creating a directory mutates the
project,
so treating it as an edit tool better matches the behavior and avoids
the
misleading search icon.
Validation:
- `cargo build -p zed`
- `cargo test -p agent test_create_directory_tool_kind_is_edit --
--nocapture`
- `git diff --check`
- Manually verified in a local dev build that asking the agent to create
`tmp-
zed-icon-test-dir` shows a folder icon instead of a search icon, and
that the
directory is created successfully.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/
zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- Fixed create-directory agent tool cards showing a search icon.
<img width="593" height="281" alt="07547c9f-2cf2-432b-8c0f-86f336dce3c5"
src="https://github.com/user-attachments/assets/a5a277ee-56c5-4801-a7d8-27c347222169"
/>
<img width="594" height="157" alt="2b3f2b62-4782-42f1-a20d-c26f9cfe8940"
src="https://github.com/user-attachments/assets/37845785-5145-4701-9060-1dd1bdb60801"
/>
---------
Co-authored-by: Ben Brandt <benjamin.j.brandt@gmail.com>
Move guidance about pty-blocking commands from the `TerminalToolInput`
struct-level doc comment to the `command` field's doc comment so it's
surfaced more prominently to the model in the tool's JSON schema, and
call out `--no-pager` and `GIT_EDITOR=true` explicitly for git
operations.
In practice, the previous wording about `git --no-pager diff` was easy
for agents to overlook, leading to terminal calls that block waiting on
`less` (for `git log`/`git diff`/`git show`) or on an interactive editor
(for `git rebase`/`git commit`/`git merge`).
Unit eval change before/after wording change:
<img width="1662" height="740" alt="image"
src="https://github.com/user-attachments/assets/5f7921f3-87fa-4f88-9839-193ca4522572"
/>
Closes AI-154
Release Notes:
- Zed Agent's terminal tool now much more consistently uses `--no-pager`
and `GIT_EDITOR` with `git` commands
Previously schemars generated oneOf variants for these enums (because we
added inline comments), making the schemas more complicated than they
had to be.
E.g. `edit_file` `mode`
Before:
```json
{
"mode": {
"description": "The mode of operation on the file. Possible values:\n- 'write': Replace the entire contents of the file. If the file doesn't exist, it will be created. Requires 'content' field.\n- 'edit': Make granular edits to an existing file. Requires 'edits' field.\n\nWhen a file already exists or you just created it, prefer editing it as opposed to recreating it from scratch.",
"oneOf": [
{
"description": "Overwrite the file with new content (replacing any existing content).\nIf the file does not exist, it will be created.",
"type": "string",
"const": "write"
},
{
"description": "Make granular edits to an existing file",
"type": "string",
"const": "edit"
}
]
}
}
```
After:
```json
{
"mode": {
"description": "The mode of operation on the file. Possible values:\n- 'write': Replace the entire contents of the file. If the file doesn't exist, it will be created. Requires 'content' field.\n- 'edit': Make granular edits to an existing file. Requires 'edits' field.\n\nWhen a file already exists or you just created it, prefer editing it as opposed to recreating it from scratch.",
"type": "string",
"enum": ["write", "edit"]
}
}
```
Release Notes:
- N/A
We did not really use it in practice (we would only display it in the
tool card header until we received a path), so as is it just wastes
tokens. Therefore removing it.
Release Notes:
- agent: Reduce token usage when LLM edits file
Adds 4 (technically 5) new tools to the zed agent, corresponding to LSP
actions:
- `find_references`
- `goto_definition`
- `rename_symbol`
- `get_code_actions` and `apply_code_actions`
Notes:
- `rename_symbol` skips doing a `prepare_rename`. If there is nothing to
rename at the position, it will forward the error to the agent
- The code action tools are stateful. The state is stored in the
`get_code_actions` tool itself as a `PendingCodeActions`. It is not
passed into/out of subagents. Calling `apply_code_actions` without
calling `get_code_actions` first is an error, but I've never seen an
agent do this
Symbols are identified by:
- file name
- line number
- symbol
If there is no substring match on that line for the symbol text, it is
an error. If there are multiple, it chooses the first. This may not be
great if you have a line like: `fn convert(x: foo::Something) ->
bar::Something` - the second `Something` is a different symbol, but is
inacessible to these tools. Probably fine for now, but we can look into
improving
Release Notes:
- Added: New tools for the Zed Agent for interacting with language
servers
---------
Co-authored-by: Lukas Wirth <me@lukaswirth.dev>
Ports some changes introduced in #51165 out to make merge conflicts
easier to handle.
Splits the `Pipeline` into two separate types for mode edit/write so we
don't need to maintain that invariant inside the pipeline/in the parser
Also moves the parser to be a submodule of `edit_file_tool`
Release Notes:
- N/A
Does not actually seem useful to the LLM to include `Failed to receive
tool input: ...` in the error message. We now only include the actual
error.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [ ] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Closes #ISSUE
Release Notes:
- agent: Improve reliability when LLM edits file
Previously, we would always return an error if the LLM attempted to edit
a file that had been modified on disk or by the user in the meantime.
However, this often led to unnecessary failures and slowdowns. So,
instead of failing every time, we now attempt to resolve a match. If we
don't find one, we return an error to inform the LLM that the file has
been modified since the last read.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- agent: Do not fail edit tool if file has unsaved changes
cc: @danilo-leal
This setting is from when we had the git worktree picker in the agent
panel, now that it is in the menu bar it doesn't make sense to keep it.
We plan to add a similar feature in the future to handle the "new thread
== new git worktree" workflow
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Closes #ISSUE
Release Notes:
- N/A
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
gpt-5.5 likes to call the `now` tool with upper-case "UTC", leading to
this error:
> Failed to receive tool input: tool input was not fully received
Release Notes:
- N/A
Updates our MCP implementation to support `2025-06-18` and `2025-11-25`
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Closes#54458, #53456
Release Notes:
- Support latest MCP version (`2025-11-25`)
We already enabled the feature flag, but that only applies to logged in
users. Going to make sure that everyone gets the new tool as long as the
model supports it.
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- agent: Improve edit tool performance for models that support streaming
tool calls.
Fixes#51537
`regex::escape()` escapes dashes, but dashes are only special inside
`[]` character classes in regex. This means tool_permissions patterns
end up with unnecessary backslashes:
**Before:** `^https?://typescript\-eslint\.io`, `^git\-lfs\s+pull(\s|$)`
**After:** `^https?://typescript-eslint\.io`, `^git-lfs\s+pull(\s|$)`
The fix adds a small `escape_for_pattern()` helper that calls
`regex::escape()` then strips the unnecessary dash escaping via
`.replace("\\-", "-")`. This is applied to all five call sites in
`pattern_extraction.rs`.
Tests updated to expect unescaped dashes, plus a new
`test_dashes_are_not_escaped` test covering terminal commands, URLs, and
paths with dashes.
This PR was developed with AI assistance.
Release Notes:
- Fixed unnecessary escaping of dashes in agent tool permission patterns
(e.g. `typescript\-eslint` is now `typescript-eslint`)
---------
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Release Notes:
- N/A
Self-Review Checklist:
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable
Closes #ISSUE
Release Notes:
- N/A
NativeAgentServer::connect used `prompt_store.await?` which turned any
PromptStore initialization failure (permission denied, disk issues,
etc.) into a hard connection error, putting the ConversationView into
LoadError state and preventing all new native agent threads from being
created.
Changed to `.log_err()` so the error is logged at ERROR level but thread
creation proceeds with `prompt_store: None`. `NativeAgent::new` already
accepts `Option<Entity<PromptStore>>` and handles `None` gracefully —
user custom prompts won't load but threads still work.
Added a regression test that serializes a stale thread ID, loads the
panel (triggering the "last active thread not found in database"
warning), then dispatches NewThread through the real NativeAgentServer
path and verifies it produces a connected thread.
Release Notes:
- Agent panel now handles filesystem errors more gracefully
This change fixes a small bug where we were showing "Loading project..."
even when in fact we had already started the search.
It also refactors three booleans in the `SearchState` enum, so that it's
harder to make similar mistakes in the future.
Release Notes:
- N/A
When the agent issued several parallel tool calls that all required
confirmation, clicking "Always for en.wikipedia.org" (or similar) on the
first prompt would persist the new rule to settings but leave the
sibling prompts stuck waiting on their own oneshot channels. The same
happened across subagents, and whenever the user edited settings.json by
hand while prompts were on screen.
`ToolCallEventStream::authorize()` now takes full ownership of the
permission decision. It evaluates the tool-permission settings up front,
and on Confirm it spawns a task that races the user's response against a
`SettingsStore` observer. When settings change, it re-runs the decision;
a new Allow or Deny drops the response receiver, flips the tool call
status to dismiss the prompt UI, and resolves the task without user
input. Subagents fall out of this for free since each thread observes
`SettingsStore` independently.
A few tools (`copy_path`, `move_path`, `delete_path`,
`create_directory`, `save_file`, `restore_file_from_disk`, and the
`edit-file` helper) sometimes need to prompt even when settings say
Allow — for example, edits that target `.zed/settings.json`. For those,
a new `authorize_always_prompt()` method skips the settings check and
always waits for user input; tools pick between the two at the call site
based on whether the path is sensitive.
Closes#54101.
Release Notes:
- In the agent panel, when you click "Always allow" for a tool, this
decision now gets propagated to other pending calls to the same tool.
Co-authored-by: Ben Brandt <benjamin.j.brandt@gmail.com>
Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>
