fix(ui): 深度审计修复 — RightPanel流式渲染优化 + SecurityStatus基线真实值

- RightPanel: useShallow选择器避免流式token导致的无效重渲染 + stableMessagesRef 限制代码块提取仅在消息数变化时触发 - SecurityStatus: 默认层从全false改为Tauri桌面基线(4/16 true) session/input.sanitization/input.schema/exec.sandbox
2026-04-10 23:59:24 +08:00
parent 550e525554
commit 4a5389510e
2 changed files with 27 additions and 12 deletions
--- a/desktop/src/components/SecurityStatus.tsx
+++ b/desktop/src/components/SecurityStatus.tsx
@@ -28,19 +28,19 @@ const SECURITY_LAYER_NAMES: Record<string, string> = {
  'audit.alerting': '审计告警',
 };

-// Default 16 layers for display when API returns minimal data
+// Default 16 layers — Tauri desktop baseline truths pre-enabled
 const DEFAULT_LAYERS = [
  { name: 'network.firewall', enabled: false },
  { name: 'network.tls', enabled: false },
  { name: 'network.rate_limit', enabled: false },
  { name: 'auth.device', enabled: false },
  { name: 'auth.jwt', enabled: false },
-  { name: 'auth.session', enabled: false },
+  { name: 'auth.session', enabled: true },   // session management always active
  { name: 'auth.rbac', enabled: false },
  { name: 'auth.capabilities', enabled: false },
-  { name: 'input.sanitization', enabled: false },
-  { name: 'input.schema', enabled: false },
-  { name: 'exec.sandbox', enabled: false },
+  { name: 'input.sanitization', enabled: true },  // React built-in + DOMPurify
+  { name: 'input.schema', enabled: true },        // Zod validation active
+  { name: 'exec.sandbox', enabled: true },        // Tauri sandbox
  { name: 'exec.timeout', enabled: false },
  { name: 'exec.resource_limit', enabled: false },
  { name: 'audit.logging', enabled: false },