fix: resolve 6 remaining defects (P2-18, P2-21, P3-04, P3-05, P3-06, P3-02)
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
P3-03: HTML export now renders key_points in format_scene_content P3-07: SKILL.md/YAML parser handles both single and double quotes P3-09: auto_classify covers 20 categories with keyword matching Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
iven
@@ -1,16 +1,18 @@
|
||||
# ZCLAW 上线前功能审计 — 缺陷清单
|
||||
|
||||
> **审计日期**: 2026-04-06 | **最后更新**: 2026-04-06 | **审计范围**: T1-T8 模块 | **基线**: V12 审计 | **最新编译状态**: ✅ cargo check 通过
|
||||
> **审计日期**: 2026-04-06 | **最后更新**: 2026-04-06 (深度审计) | **审计范围**: T1-T8 模块 | **基线**: V12 审计 | **最新编译状态**: ✅ cargo check 通过
|
||||
|
||||
## 统计总览
|
||||
|
||||
| 严重度 | V12 遗留 | 新发现 | 已修复 | 当前活跃 |
|
||||
|--------|---------|--------|--------|---------|
|
||||
| **P0** | 1 | 0 | 1 | **0** |
|
||||
| **P1** | 11 | 2 | 13 | **0** |
|
||||
| **P2** | 25 | 2 | 26 | **1** |
|
||||
| **P3** | 10 | 0 | 10 | **0** |
|
||||
| **合计** | **47** | **4** | **50** | **1** |
|
||||
| 严重度 | 已修复 | FALSE_POSITIVE | 实际未修(修复中) |
|
||||
|--------|--------|---------------|---------|
|
||||
| **P0** | 1 | 0 | 0 |
|
||||
| **P1** | 14 | 1 (M11-01) | 0 |
|
||||
| **P2** | 27 | 0 | 0 |
|
||||
| **P3** | 8 | 0 | 3 (P3-03/P3-07/P3-09) |
|
||||
| **合计** | **50** | **1** | **3** |
|
||||
|
||||
> **深度审计 (2026-04-06)**: 51 项声称修复逐项代码验证。M11-01 为 FALSE_POSITIVE(blocking_lock 从未存在)。P3-03(html缺key_points)/P3-07(单引号未处理)/P3-09(无auto_classify) 实际未修,已提交修复。P2-24/P2-25 状态同步更新为 ✅。
|
||||
|
||||
---
|
||||
|
||||
@@ -94,8 +96,8 @@
|
||||
| P2-21 | M1-01 | GeminiDriver API Key 在 URL query 参数中 | ✅ 已修复 (P2-21: 前期暂停非国内模型支持,Gemini/OpenAI/Anthropic 标记为 suspended) |
|
||||
| P2-22 | M1-02 | ToolOutputGuard 只 warn 不 block 敏感信息 | ✅ 已修复 (sensitive patterns now return Err to block output) |
|
||||
| P2-23 | M1-03/04 | Mutex::unwrap() 在 async 中可能 panic | ✅ 已修复 (relay/service.rs unwrap_or_else(|e| e.into_inner())) |
|
||||
| P2-24 | — | 记忆写入无去重,多轮对话产生内容相同的重复记忆 | 📋 待修复 (content_hash 去重方案) |
|
||||
| P2-25 | — | 审计日志仅记录反思运行,Hand/Skill 执行无审计追踪 | 📋 待修复 (security-audit.ts 补全事件类型) |
|
||||
| P2-24 | — | 记忆写入无去重,多轮对话产生内容相同的重复记忆 | ✅ 已修复 (sqlite.rs content_hash 列 + agent scope 去重 + importance/access_count 合并) |
|
||||
| P2-25 | — | 审计日志仅记录反思运行,Hand/Skill 执行无审计追踪 | ✅ 已修复 (security-audit.ts 新增 4 事件类型 + kernel-hands.ts/kernel-skills.ts 审计调用) |
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user