mirror of
https://github.com/lWolvesl/claw-code.git
synced 2026-04-02 07:41:52 +08:00
e2f061fd08
The Rust CLI/runtime now models permissions as ordered access levels, derives tool requirements from the shared tool specs, and prompts REPL users before one-off danger-full-access escalations from workspace-write sessions. This also wires explicit --permission-mode parsing and makes /permissions operate on the live session state instead of an implicit env-derived default. Constraint: Must preserve the existing three user-facing modes read-only, workspace-write, and danger-full-access Constraint: Must avoid new dependencies and keep enforcement inside the existing runtime/tool plumbing Rejected: Keep the old Allow/Deny/Prompt policy model | could not represent ordered tool requirements across the CLI surface Rejected: Continue sourcing live session mode solely from RUSTY_CLAUDE_PERMISSION_MODE | /permissions would not reliably reflect the current session state Confidence: high Scope-risk: moderate Reversibility: clean Directive: Add required_permission entries for new tools before exposing them to the runtime Tested: cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test -q Not-tested: Manual interactive REPL approval flow in a live Anthropic session