claude-code

d0zingcat/claude-code

Fork 0

mirror of https://github.com/instructkr/claude-code.git synced 2026-05-13 17:36:44 +00:00

Commit Graph

Author	SHA1	Message	Date
Jobdori	8cc7d4c641	chore: additional AI slop cleanup and enforcer wiring from sessions 1/5 Session 1 (ses_2ad65873): with_enforcer builders + 2 regression tests Session 5 (ses_2ad67e8e): continued AI slop cleanup pass — redundant comments, unused_self suppressions, unreachable! tightening Session cleanup (ses_2ad6b26c): Python placeholder centralization Workspace tests: 363+ passed, 0 failed.	2026-04-03 18:35:27 +09:00
Jobdori	618a79a9f4	feat: ultraclaw session outputs — registry tests, MCP bridge, PARITY.md, cleanup Ultraclaw mode results from 10 parallel opencode sessions: - PARITY.md: Updated both copies with all 9 landed lanes, commit hashes, line counts, and test counts. All checklist items marked complete. - MCP bridge: McpToolRegistry.call_tool now wired to real McpServerManager via async JSON-RPC (discover_tools -> tools/call -> shutdown) - Registry tests: Added coverage for TaskRegistry, TeamRegistry, CronRegistry, PermissionEnforcer, LspRegistry (branch-focused tests) - Permissions refactor: Simplified authorize_with_context, extracted helpers, added characterization tests (185 runtime tests pass) - AI slop cleanup: Removed redundant comments, unused_self suppressions, tightened unreachable branches - CLI fixes: Minor adjustments in main.rs and hooks.rs All 363+ tests pass. Workspace compiles clean.	2026-04-03 18:23:03 +09:00
Jobdori	66283f4dc9	feat(runtime+tools): PermissionEnforcer — permission mode enforcement layer Add PermissionEnforcer in crates/runtime/src/permission_enforcer.rs and wire enforce_permission_check() into crates/tools/src/lib.rs. Runtime additions: - PermissionEnforcer: wraps PermissionPolicy with enforcement API - check(tool, input): validates tool against active mode via policy.authorize() - check_file_write(path, workspace_root): workspace boundary enforcement - ReadOnly: deny all writes - WorkspaceWrite: allow within workspace, deny outside - DangerFullAccess/Allow: permit all - Prompt: deny (no prompter available) - check_bash(command): read-only command heuristic (60+ safe commands) - Detects -i/--in-place/redirect operators as non-read-only - is_within_workspace(): string-prefix boundary check - is_read_only_command(): conservative allowlist of safe CLI commands Tool wiring: - enforce_permission_check() public API for gating execute_tool() calls - Maps EnforcementResult::Denied to Err(reason) for tool dispatch 9 new tests covering all permission modes + workspace boundary + bash heuristic.	2026-04-03 17:55:04 +09:00

Author

SHA1

Message

Date

Jobdori

8cc7d4c641

chore: additional AI slop cleanup and enforcer wiring from sessions 1/5

Session 1 (ses_2ad65873): with_enforcer builders + 2 regression tests
Session 5 (ses_2ad67e8e): continued AI slop cleanup pass — redundant
  comments, unused_self suppressions, unreachable! tightening
Session cleanup (ses_2ad6b26c): Python placeholder centralization

Workspace tests: 363+ passed, 0 failed.

2026-04-03 18:35:27 +09:00

Jobdori

618a79a9f4

feat: ultraclaw session outputs — registry tests, MCP bridge, PARITY.md, cleanup

Ultraclaw mode results from 10 parallel opencode sessions:

- PARITY.md: Updated both copies with all 9 landed lanes, commit hashes,
  line counts, and test counts. All checklist items marked complete.
- MCP bridge: McpToolRegistry.call_tool now wired to real McpServerManager
  via async JSON-RPC (discover_tools -> tools/call -> shutdown)
- Registry tests: Added coverage for TaskRegistry, TeamRegistry,
  CronRegistry, PermissionEnforcer, LspRegistry (branch-focused tests)
- Permissions refactor: Simplified authorize_with_context, extracted helpers,
  added characterization tests (185 runtime tests pass)
- AI slop cleanup: Removed redundant comments, unused_self suppressions,
  tightened unreachable branches
- CLI fixes: Minor adjustments in main.rs and hooks.rs

All 363+ tests pass. Workspace compiles clean.

2026-04-03 18:23:03 +09:00

Jobdori

66283f4dc9

feat(runtime+tools): PermissionEnforcer — permission mode enforcement layer

Add PermissionEnforcer in crates/runtime/src/permission_enforcer.rs
and wire enforce_permission_check() into crates/tools/src/lib.rs.

Runtime additions:
- PermissionEnforcer: wraps PermissionPolicy with enforcement API
- check(tool, input): validates tool against active mode via policy.authorize()
- check_file_write(path, workspace_root): workspace boundary enforcement
  - ReadOnly: deny all writes
  - WorkspaceWrite: allow within workspace, deny outside
  - DangerFullAccess/Allow: permit all
  - Prompt: deny (no prompter available)
- check_bash(command): read-only command heuristic (60+ safe commands)
  - Detects -i/--in-place/redirect operators as non-read-only
- is_within_workspace(): string-prefix boundary check
- is_read_only_command(): conservative allowlist of safe CLI commands

Tool wiring:
- enforce_permission_check() public API for gating execute_tool() calls
- Maps EnforcementResult::Denied to Err(reason) for tool dispatch

9 new tests covering all permission modes + workspace boundary + bash heuristic.

2026-04-03 17:55:04 +09:00

3 Commits