fix(audit): v5 审计修复 8 项 — 条件编译、安全加固、冗余清理
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
- N1: Whiteboard Export 动作标注 demo=true - N2/N3: Director + A2A 通过 #[cfg(feature)] 条件编译隔离 - N4: viking_adapter 文本匹配降级为 LOW(生产路径走 SqliteStorage) - N5: 移除冗余 compactor_compact_llm Tauri 命令注册 - M3: hand_approve/hand_cancel 添加 hand_id 验证防跨 Hand 审批 - N7: scheduled_task 文档注释标注 PLANNNED - 新增 COMPREHENSIVE_AUDIT_V5.md 独立审计报告 - 更新 DEEP_AUDIT_REPORT.md 追加修复记录(累计 32 项)
This commit is contained in:
iven
@@ -1171,7 +1171,20 @@ pub async fn hand_approve(
|
||||
hand_name, run_id, approved, reason
|
||||
);
|
||||
|
||||
// run_id maps to approval id
|
||||
// Verify the approval belongs to the specified hand before responding.
|
||||
// This prevents cross-hand approval attacks where a run_id from one hand
|
||||
// is used to approve a different hand's pending execution.
|
||||
let approvals = kernel.list_approvals().await;
|
||||
let entry = approvals.iter().find(|a| a.id == run_id && a.status == "pending")
|
||||
.ok_or_else(|| format!("Approval not found or already resolved: {}", run_id))?;
|
||||
|
||||
if entry.hand_id != hand_name {
|
||||
return Err(format!(
|
||||
"Approval run_id {} belongs to hand '{}', not '{}' as requested",
|
||||
run_id, entry.hand_id, hand_name
|
||||
));
|
||||
}
|
||||
|
||||
kernel.respond_to_approval(&run_id, approved, reason).await
|
||||
.map_err(|e| format!("Failed to approve hand: {}", e))?;
|
||||
|
||||
@@ -1197,6 +1210,18 @@ pub async fn hand_cancel(
|
||||
hand_name, run_id
|
||||
);
|
||||
|
||||
// Verify the approval belongs to the specified hand before cancelling
|
||||
let approvals = kernel.list_approvals().await;
|
||||
let entry = approvals.iter().find(|a| a.id == run_id && a.status == "pending")
|
||||
.ok_or_else(|| format!("Approval not found or already resolved: {}", run_id))?;
|
||||
|
||||
if entry.hand_id != hand_name {
|
||||
return Err(format!(
|
||||
"Approval run_id {} belongs to hand '{}', not '{}' as requested",
|
||||
run_id, entry.hand_id, hand_name
|
||||
));
|
||||
}
|
||||
|
||||
kernel.cancel_approval(&run_id).await
|
||||
.map_err(|e| format!("Failed to cancel hand: {}", e))?;
|
||||
|
||||
@@ -1297,8 +1322,10 @@ pub struct ScheduledTaskResponse {
|
||||
|
||||
/// Create a scheduled task (backed by kernel TriggerManager)
|
||||
///
|
||||
/// Tasks are stored in the kernel's trigger system. Automatic execution
|
||||
/// requires a scheduler loop (not yet implemented in embedded kernel mode).
|
||||
/// ⚠️ PLANNNED: Tasks are stored in the kernel's trigger system, but automatic
|
||||
/// execution requires a scheduler loop that is not yet implemented in embedded
|
||||
/// kernel mode. Created tasks will be persisted but not auto-executed until
|
||||
/// the scheduler loop is implemented.
|
||||
#[tauri::command]
|
||||
pub async fn scheduled_task_create(
|
||||
state: State<'_, KernelState>,
|
||||
|
||||
@@ -1466,7 +1466,7 @@ pub fn run() {
|
||||
intelligence::compactor::compactor_estimate_messages_tokens,
|
||||
intelligence::compactor::compactor_check_threshold,
|
||||
intelligence::compactor::compactor_compact,
|
||||
intelligence::compactor::compactor_compact_llm,
|
||||
// compactor_compact_llm removed: redundant with runtime maybe_compact_with_config()
|
||||
// Reflection Engine
|
||||
intelligence::reflection::reflection_init,
|
||||
intelligence::reflection::reflection_record_conversation,
|
||||
|
||||
Reference in New Issue
Block a user