Remove the deprecated Claude subscription login path and restore a green Rust workspace

ROADMAP #37 was still open even though several earlier backlog items were
already closed. This change removes the local login/logout surface, stops
startup auth resolution from treating saved OAuth credentials as a supported
path, and updates diagnostics/help to point users at ANTHROPIC_API_KEY or
ANTHROPIC_AUTH_TOKEN only.

While proving the change with the user-requested workspace gates, clippy
surfaced additional pre-existing warning failures across the Rust workspace.
Those were cleaned up in-place so the required `cargo fmt`, `cargo clippy
--workspace --all-targets -- -D warnings`, and `cargo test --workspace`
sequence now passes end to end.

Constraint: User explicitly required full-workspace fmt/clippy/test before commit/push
Constraint: Existing dirty leader worktree had to be stashed before attempted OMX team worktree launch
Rejected: Keep login/logout but hide them from help | left unsupported auth flow and saved OAuth fallback intact
Rejected: Stop after ROADMAP #37 targeted tests | did not satisfy required full-workspace verification gate
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Do not reintroduce saved OAuth as a silent Anthropic startup fallback without an explicit supported auth policy
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: Remote push effects beyond origin/main update

rust/crates/runtime/src/compact.rs

@@ -135,8 +135,7 @@ pub fn compact_session(session: &Session, config: CompactionConfig) -> Compactio
             let starts_with_tool_result = first_preserved
                 .blocks
                 .first()
-                .map(|b| matches!(b, ContentBlock::ToolResult { .. }))
-                .unwrap_or(false);
+                .is_some_and(|b| matches!(b, ContentBlock::ToolResult { .. }));
             if !starts_with_tool_result {
                 break;
             }
@@ -741,7 +740,7 @@ mod tests {
 
     /// Regression: compaction must not split an assistant(ToolUse) /
     /// user(ToolResult) pair at the boundary. An orphaned tool-result message
-    /// without the preceding assistant tool_calls causes a 400 on the
+    /// without the preceding assistant `tool_calls` causes a 400 on the
     /// OpenAI-compat path (gaebal-gajae repro 2026-04-09).
     #[test]
     fn compaction_does_not_split_tool_use_tool_result_pair() {
@@ -795,8 +794,7 @@ mod tests {
             let curr_is_tool_result = messages[i]
                 .blocks
                 .first()
-                .map(|b| matches!(b, ContentBlock::ToolResult { .. }))
-                .unwrap_or(false);
+                .is_some_and(|b| matches!(b, ContentBlock::ToolResult { .. }));
             if curr_is_tool_result {
                 let prev_has_tool_use = messages[i - 1]
                     .blocks

rust/crates/runtime/src/session.rs

@@ -1467,12 +1467,8 @@ mod tests {
 /// Called by external consumers (e.g. clawhip) to enumerate sessions for a CWD.
 #[allow(dead_code)]
 pub fn workspace_sessions_dir(cwd: &std::path::Path) -> Result<std::path::PathBuf, SessionError> {
-    let store = crate::session_control::SessionStore::from_cwd(cwd).map_err(|e| {
-        SessionError::Io(std::io::Error::new(
-            std::io::ErrorKind::Other,
-            e.to_string(),
-        ))
-    })?;
+    let store = crate::session_control::SessionStore::from_cwd(cwd)
+        .map_err(|e| SessionError::Io(std::io::Error::other(e.to_string())))?;
     Ok(store.sessions_dir().to_path_buf())
 }
 
@@ -1489,8 +1485,7 @@ mod workspace_sessions_dir_tests {
         let result = workspace_sessions_dir(&tmp);
         assert!(
             result.is_ok(),
-            "workspace_sessions_dir should succeed for a valid CWD, got: {:?}",
-            result
+            "workspace_sessions_dir should succeed for a valid CWD, got: {result:?}"
         );
         let dir = result.unwrap();
         // The returned path should be non-empty and end with a hash component

rust/crates/runtime/src/session_control.rs

@@ -74,6 +74,7 @@ impl SessionStore {
         &self.workspace_root
     }
 
+    #[must_use]
     pub fn create_handle(&self, session_id: &str) -> SessionHandle {
         let id = session_id.to_string();
         let path = self

rust/crates/runtime/src/worker_boot.rs

@@ -575,28 +575,28 @@ fn push_event(
 /// Write current worker state to `.claw/worker-state.json` under the worker's cwd.
 /// This is the file-based observability surface: external observers (clawhip, orchestrators)
 /// poll this file instead of requiring an HTTP route on the opencode binary.
+#[derive(serde::Serialize)]
+struct StateSnapshot<'a> {
+    worker_id: &'a str,
+    status: WorkerStatus,
+    is_ready: bool,
+    trust_gate_cleared: bool,
+    prompt_in_flight: bool,
+    last_event: Option<&'a WorkerEvent>,
+    updated_at: u64,
+    /// Seconds since last state transition. Clawhip uses this to detect
+    /// stalled workers without computing epoch deltas.
+    seconds_since_update: u64,
+}
+
 fn emit_state_file(worker: &Worker) {
     let state_dir = std::path::Path::new(&worker.cwd).join(".claw");
-    if let Err(_) = std::fs::create_dir_all(&state_dir) {
+    if std::fs::create_dir_all(&state_dir).is_err() {
         return;
     }
     let state_path = state_dir.join("worker-state.json");
     let tmp_path = state_dir.join("worker-state.json.tmp");
 
-    #[derive(serde::Serialize)]
-    struct StateSnapshot<'a> {
-        worker_id: &'a str,
-        status: WorkerStatus,
-        is_ready: bool,
-        trust_gate_cleared: bool,
-        prompt_in_flight: bool,
-        last_event: Option<&'a WorkerEvent>,
-        updated_at: u64,
-        /// Seconds since last state transition. Clawhip uses this to detect
-        /// stalled workers without computing epoch deltas.
-        seconds_since_update: u64,
-    }
-
     let now = now_secs();
     let snapshot = StateSnapshot {
         worker_id: &worker.worker_id,