mirror of
https://github.com/ultraworkers/claw-code-parity.git
synced 2026-04-30 00:27:55 +02:00
Yeachan-Heo
bf59abc9e9
ConversationRuntime already performs permission-policy checks and interactive approvals before dispatching a tool. The CLI tool executor was routing those same tool calls back through GlobalToolRegistry::execute, which re-ran the enforcer without a prompter and flipped approved bash calls back into denials. Add a preauthorized execution path for runtime-dispatched tools, keep registry enforcement for direct callers, and format the files that were already tripping rustfmt on main. Constraint: CI on main was failing both cargo fmt and the mock parity harness after permission enforcement landed Rejected: Remove registry enforcement globally | would reopen direct-dispatch permission gaps Confidence: high Scope-risk: narrow Reversibility: clean Directive: Use execute_preauthorized only after ConversationRuntime or an equivalent caller has already completed permission gating Tested: cargo fmt --all --check; cargo test -p rusty-claude-cli; cargo test -p tools Not-tested: Full workspace test matrix beyond the Rust CI workflow targets