jbr870/claude-permit
1
0
Fork 0
Code Issues 17 Pull requests Projects Releases Packages Wiki Activity Actions

Add claude-permit report --html subcommand: v1 system snapshot #10

New issue
Closed
opened 2026-04-20 20:44:16 +00:00 by jbr870 · 1 comment
jbr870 commented 2026-04-20 20:44:16 +00:00
Owner
Copy link

Summary

First iteration of a static HTML dashboard for claude-permit. Renders a read-only system snapshot so the user can actually see their current config — rules, config paths, audit log size — without grepping through TOML files. No audit-log parsing in this iteration; that's the follow-up (#1).

Supersedes the stats naming in #1: the subcommand is renamed to report --html so it can grow tabs/sections (inventory, stats, trends) over time without a later rename.

Command

claude-permit report --html <output-path>

Generates a self-contained HTML file (inline CSS/JS, no external assets). Single-binary feel preserved — no server process.

What's needed

Header strip (top of page)

  • Paths: ~/.claude/claude-permit/config.toml, auto-rules.toml, audit.jsonl
  • For each: file size and last-modified timestamp
  • Rule counts per kind: N deny, N ask, N allow, N deny_promote, N auto-promoted

Rules section (four tables, one per kind)

Columns:

  • Tool pattern (regex)
  • Field matchers (e.g. command, file_path regexes)
  • Source: config.toml vs auto-rules.toml
  • For auto-rules only: promoted_at, LLM reasoning (if present)

Sortable client-side. No filter UI in v1.

Data sources

  • config.toml (user-managed rules)
  • auto-rules.toml (machine-managed, auto-promoted)
  • File metadata (stat) for header strip

Nothing from audit.jsonl in this iteration — deliberately scoped out.

Out of scope (deferred)

  • Anything read from audit.jsonl (counts, trends, latency, hit rates) — that's #1
  • Rule hit counts (needs audit parsing and named rules per #2)
  • Editing / promoting / deleting rules from the report
  • Filter UI, search, live updates, server mode

Relationship to other issues

  • #1 (originally stats) → renamed to report --html and becomes the follow-up: adds an audit-log-driven "Stats" section to this same report (session scorecards, trends, hit counts, LLM latency). Shares the HTML skeleton and command built here.
  • #2 (named rules) → unblocks meaningful rule hit counts in #1, not this issue.
  • #9 (audit subcommand for review-and-promote) → separate workflow; may share audit-parsing code with #1.

Design considerations

  • Self-contained HTML (inline assets). User runs claude-permit report --html out.html and opens in a browser. No server, no build step, no external CDN dependencies.
  • Keep the rendering code decoupled from the TOML parsing so #1 can add new sections without refactoring.
  • Truncate long regex patterns visually (full text on hover / title attribute).

Context

Motivation: user has zero visibility into the system right now. First tangible step toward observability is seeing the state that already exists in TOML files.

## Summary First iteration of a static HTML dashboard for `claude-permit`. Renders a read-only system snapshot so the user can actually *see* their current config — rules, config paths, audit log size — without grepping through TOML files. No audit-log parsing in this iteration; that's the follow-up (#1). Supersedes the `stats` naming in #1: the subcommand is renamed to `report --html` so it can grow tabs/sections (inventory, stats, trends) over time without a later rename. ## Command ``` claude-permit report --html <output-path> ``` Generates a self-contained HTML file (inline CSS/JS, no external assets). Single-binary feel preserved — no server process. ## What's needed ### Header strip (top of page) - Paths: `~/.claude/claude-permit/config.toml`, `auto-rules.toml`, `audit.jsonl` - For each: file size and last-modified timestamp - Rule counts per kind: N `deny`, N `ask`, N `allow`, N `deny_promote`, N auto-promoted ### Rules section (four tables, one per kind) Columns: - Tool pattern (regex) - Field matchers (e.g. `command`, `file_path` regexes) - Source: `config.toml` vs `auto-rules.toml` - For auto-rules only: `promoted_at`, LLM reasoning (if present) Sortable client-side. No filter UI in v1. ### Data sources - `config.toml` (user-managed rules) - `auto-rules.toml` (machine-managed, auto-promoted) - File metadata (stat) for header strip **Nothing from `audit.jsonl`** in this iteration — deliberately scoped out. ## Out of scope (deferred) - Anything read from `audit.jsonl` (counts, trends, latency, hit rates) — that's #1 - Rule hit counts (needs audit parsing *and* named rules per #2) - Editing / promoting / deleting rules from the report - Filter UI, search, live updates, server mode ## Relationship to other issues - **#1** (originally `stats`) → renamed to `report --html` and becomes the **follow-up**: adds an audit-log-driven "Stats" section to this same report (session scorecards, trends, hit counts, LLM latency). Shares the HTML skeleton and command built here. - **#2** (named rules) → unblocks meaningful rule hit counts in #1, not this issue. - **#9** (audit subcommand for review-and-promote) → separate workflow; may share audit-parsing code with #1. ## Design considerations - Self-contained HTML (inline assets). User runs `claude-permit report --html out.html` and opens in a browser. No server, no build step, no external CDN dependencies. - Keep the rendering code decoupled from the TOML parsing so #1 can add new sections without refactoring. - Truncate long regex patterns visually (full text on hover / title attribute). ## Context Motivation: user has zero visibility into the system right now. First tangible step toward observability is seeing the state that already exists in TOML files.
jbr870 commented 2026-04-27 12:32:33 +00:00
Author
Owner
Copy link

Implemented. report --html subcommand wired in src/main.rs:42 and src/main.rs:107, with dedicated src/report.rs module. Implementing commits: ee98754 (feat), 84dc662 (fixes), aba0b60 (regression tests).

Implemented. `report --html` subcommand wired in src/main.rs:42 and src/main.rs:107, with dedicated src/report.rs module. Implementing commits: ee98754 (feat), 84dc662 (fixes), aba0b60 (regression tests).
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
12-auto-promote-quote-escaping
No results found.
Labels
Clear labels   
enhancement
New feature or improvement

  
observability
Insights, stats, and transparency features

  
research
Research and analysis

No labels
enhancement
observability
research
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
jbr870/claude-permit#10
No description provided.