From 031416f065292cfb404bae80424dde209ab83a71 Mon Sep 17 00:00:00 2001
From: Argenis <theonlyhennygod@gmail.com>
Date: Sat, 21 Mar 2026 19:38:11 -0400
Subject: [PATCH] fix(approval): support wildcard `*` in auto_approve and
 always_ask (#4184)

auto_approve = ["*"] was doing exact string matching, so only the
literal tool name "*" was matched. Users expecting wildcard semantics
had every tool blocked in supervised mode.

Also adds "prompt exceeds max length" to the context-window error
detection hints (fixes GLM/ZAI error 1261 detection).

Closes #4127
---
 src/approval/mod.rs       | 4 ++--
 src/providers/reliable.rs | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/approval/mod.rs b/src/approval/mod.rs
index 3b2b9a4f6..bffae728a 100644
--- a/src/approval/mod.rs
+++ b/src/approval/mod.rs
@@ -122,7 +122,7 @@ impl ApprovalManager {
         }
 
         // always_ask overrides everything.
-        if self.always_ask.contains(tool_name) {
+        if self.always_ask.contains("*") || self.always_ask.contains(tool_name) {
             return true;
         }
 
@@ -136,7 +136,7 @@ impl ApprovalManager {
         }
 
         // auto_approve skips the prompt.
-        if self.auto_approve.contains(tool_name) {
+        if self.auto_approve.contains("*") || self.auto_approve.contains(tool_name) {
             return false;
         }
 
diff --git a/src/providers/reliable.rs b/src/providers/reliable.rs
index d4bde3cf0..0f6bda44b 100644
--- a/src/providers/reliable.rs
+++ b/src/providers/reliable.rs
@@ -108,6 +108,7 @@ fn is_context_window_exceeded(err: &anyhow::Error) -> bool {
         "token limit exceeded",
         "prompt is too long",
         "input is too long",
+        "prompt exceeds max length",
     ];
 
     hints.iter().any(|hint| lower.contains(hint))