iven
|
03ead44385
|
fix(security): P0 安全修复 — 审计日志 PII 脱敏 + AI Token 计量 + backup.sh 拼写 + CI audit
1. 审计日志 PII 脱敏: audit_service.rs 中 old_value/new_value 自动 mask
patient/consultation/follow_up 等资源类型的 PII 字段(id_number/phone/name 等)
2. AI Token 计量: chat_handler.rs 从 Provider response 和 AgentOrchestrator 提取
实际 input_tokens/output_tokens,替代硬编码 0
3. AI display_hints: 从 AgentOrchestrator 传递 display_hints 给前端 ChatResponse
4. backup.sh: PGDATABSE 拼写错误修复为 PGDATABASE
5. CI: npm audit 移除 || true,高危漏洞阻止合并
6. 新增六维度深度分析报告 docs/discussions/2026-05-28
|
2026-05-29 07:56:29 +08:00 |
|
iven
|
a5efab2a13
|
ci(mp): E3-4 小程序 CI 集成
- Gitea CI 新增 miniprogram-test job(tsc + vitest)
- GitHub Actions 新增 miniprogram-test job(tsc + vitest)
- 与 Rust/Web CI 并行执行,加速反馈周期
|
2026-05-22 08:49:25 +08:00 |
|
iven
|
227d81ddd6
|
ci(security): 新增 cargo audit + npm audit 安全扫描步骤
后端 CI 添加 cargo audit 依赖漏洞扫描,前端添加 npm audit。
在每次 PR 和 main push 时自动检测已知安全漏洞。
|
2026-05-17 12:50:27 +08:00 |
|
iven
|
6997bb1d90
|
test: Phase 0 测试基础设施 — TestApp + MSW + 覆盖率工具 + CI
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- TestApp struct 封装 TestDb + HealthState + tenant_id/operator_id
- TestFixture 工厂方法: create_patient/create_doctor/create_schedule/create_appointment
- 前端 MSW v2 handlers (auth) + server setup + vitest 集成
- vitest coverage v8 配置 + test:coverage script
- GitHub Actions CI: backend (check + test + clippy) + frontend (tsc + test + build)
|
2026-04-27 21:12:08 +08:00 |
|