alt Hacker NewsThe entire permissions system feels like it's ripe for a DSL of some kind. Looking at the context implementation in src/nah/context.py and the way it hardcodes a ton of assumptions makes me think it will just be a maintenance nightmare to account for _all_ possible contexts and known commands. It would be nice to be able to express that __pycache__/ is not an important directory and can be deleted at will without having to encode that specific directory name (not that this projects hardcodes it, it's just an example to get to the point).
nah already handles that: 'rm -rf __pycache__' inside your project is auto-allowed (filesystem_delete with context policy -> checks if it's inside the project -> allow). No config needed.
But you can customize everything via YAML or CLI if the defaults don't fit:
actions: filesystem_delete: allow # allow all deletes everywhere
Or nah allow filesystem_delete from the CLI.
You can also add custom classifications, swap taxonomy profiles (full/minimal), or start from a blank slate. It's fully customizable.
You are right about maintenance... the taxonomy will always be chasing new commands. That's partly why the optional LLM layer exists as a fallback for anything the classifier doesn't recognize.