Move tool executor behind tarpc. (#12)

Implement tool executor as a separate tarpc service to improve isolation and create sandboxing opportunities. Reviewed-on: #12 Co-authored-by: Drew Galbraith <drew@tiramisu.one> Co-committed-by: Drew Galbraith <drew@tiramisu.one>
2026-03-14 22:08:05 +00:00 · 2026-03-14 22:08:05 +00:00 · 312a5866f7
commit 312a5866f7
parent 7420755800
17 changed files with 465 additions and 476 deletions
--- a/src/tui/mod.rs
+++ b/src/tui/mod.rs
@ -90,8 +90,6 @@ pub struct AppState {
    pub viewport_height: u16,
    /// Transient error message shown in the status bar, cleared on next keypress.
    pub status_error: Option<String>,
-    /// A tool approval request waiting for user input (y/n).
-    pub pending_approval: Option<events::PendingApproval>,
    /// Whether the sandbox is in yolo (unsandboxed) mode.
    pub sandbox_yolo: bool,
    /// Whether network access is currently allowed.
@ -115,7 +113,6 @@ impl AppState {
            pending_keys: Vec::new(),
            viewport_height: 0,
            status_error: None,
-            pending_approval: None,
            sandbox_yolo: false,
            network_allowed: false,
            epoch: 0,
@ -224,17 +221,6 @@ pub async fn run(
                    .send(UserAction::ClearHistory { epoch: state.epoch })
                    .await;
            }
-            Some(input::LoopControl::ToolApproval {
-                tool_use_id,
-                approved,
-            }) => {
-                let _ = action_tx
-                    .send(UserAction::ToolApprovalResponse {
-                        tool_use_id,
-                        approved,
-                    })
-                    .await;
-            }
            Some(input::LoopControl::SetNetworkPolicy(allowed)) => {
                let _ = action_tx.send(UserAction::SetNetworkPolicy(allowed)).await;
            }