Fix audit hanging: add auto_apply param + allow_write for tool access

Root cause: claude agent without --dangerously-skip-permissions hangs on tool permission prompts when stdin=DEVNULL. Fixes: - run_audit() now passes allow_write=True so agent can use Read/Bash tools without interactive permission prompts - Added auto_apply param: False for API (result only), CLI confirms with user then applies manually - API explicitly passes auto_apply=False - Tests for auto_apply=True/False behavior Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 18:00:39 +02:00 · 2026-03-15 18:00:39 +02:00 · 9cbb3cec37
commit 9cbb3cec37
parent 96509dcafc
4 changed files with 78 additions and 5 deletions
--- a/agents/runner.py
+++ b/agents/runner.py
@ -224,9 +224,13 @@ def run_audit(
    conn: sqlite3.Connection,
    project_id: str,
    noninteractive: bool = False,
+    auto_apply: bool = False,
 ) -> dict:
    """Audit pending tasks against the actual codebase.

+    auto_apply=True: marks already_done tasks as done in DB.
+    auto_apply=False: returns results only (for API/GUI).
+
    Returns {success, already_done, still_pending, unclear, duration_seconds, ...}
    """
    project = models.get_project(conn, project_id)
@ -281,10 +285,11 @@ def run_audit(
    if project_path.is_dir():
        working_dir = str(project_path)

-    # Run agent
+    # Run agent — allow_write=True so claude can use Read/Bash tools
+    # without interactive permission prompts (critical for noninteractive mode)
    start = time.monotonic()
    result = _run_claude(prompt, model="sonnet", working_dir=working_dir,
-                         noninteractive=noninteractive)
+                         allow_write=True, noninteractive=noninteractive)
    duration = int(time.monotonic() - start)

    raw_output = result.get("output", "")
@ -327,11 +332,25 @@ def run_audit(
            "duration_seconds": duration,
        }

+    already_done = parsed.get("already_done", [])
+
+    # Auto-apply: mark already_done tasks as done in DB
+    applied = []
+    if auto_apply and already_done:
+        for item in already_done:
+            tid = item.get("id")
+            if tid:
+                t = models.get_task(conn, tid)
+                if t and t["project_id"] == project_id and t["status"] == "pending":
+                    models.update_task(conn, tid, status="done")
+                    applied.append(tid)
+
    return {
        "success": True,
-        "already_done": parsed.get("already_done", []),
+        "already_done": already_done,
        "still_pending": parsed.get("still_pending", []),
        "unclear": parsed.get("unclear", []),
+        "applied": applied,
        "duration_seconds": duration,
        "tokens_used": result.get("tokens_used"),
        "cost_usd": result.get("cost_usd"),