88 Commits

Author	SHA1	Message	Date
iven	07099e3ef0	test(hands): expand Slideshow tests (4→34) and fix Clip invalid action test ... Slideshow: add navigation edge cases, autoplay/pause/resume, spotlight/ laser/highlight defaults, content block deserialization, Hand trait dispatch, and add_slide helper tests. Clip: fix test_execute_invalid_action to expect Err (execute returns HandError for unknown variants). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 01:13:15 +08:00
iven	dce9035584	test(hands): add 28 unit tests for Twitter Hand ... Cover config defaults, 13 action types deserialization, serialization roundtrip, credential management, and data type parsing. Also add PartialEq derive to HandStatus for test assertions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 01:01:37 +08:00
iven	b1e3a27043	feat(saas): add payment integration with Alipay/WeChat mock support ... - payment.rs: create_payment, handle_payment_callback, query_payment_status - Mock pay page for development mode with HTML confirm/cancel flow - Payment callback handler with subscription auto-creation on success - Alipay form-urlencoded and WeChat JSON callback parsing - 7 new routes including callback and mock-pay endpoints Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 00:41:35 +08:00
iven	830e9fa301	feat(saas): add GenerateEmbedding worker for knowledge chunking ... - Markdown-aware content splitting (512 token chunks with 64 overlap) - CJK keyword extraction from chunk content with stop-word filtering - Full refresh strategy (delete old chunks → re-insert on update) - Phase 2 placeholder for vector embedding API integration Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 00:23:38 +08:00
iven	ef60f9a183	feat(saas): add knowledge base module — categories, items, versions, search, analytics ... - 5 knowledge tables (categories, items, chunks, versions, usage) with pgvector + HNSW + GIN indexes - 23+ API routes covering full CRUD, tree-structured categories, version snapshots - Keyword-based search with ILIKE + array match (placeholder for vector search) - Analytics endpoints: overview, trends, top-items, quality, gaps - Markdown-aware content chunking with overlap strategy - Worker dispatch for async embedding generation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 00:21:28 +08:00
iven	b66087de0e	feat(saas): add quota middleware and usage aggregation worker ... B1.3 Quota middleware: - quota_check_middleware for relay route chain - Checks monthly relay_requests quota before processing - Gracefully degrades on billing service failure B1.5 AggregateUsageWorker: - Aggregates usage_records into billing_usage_quotas monthly - Supports single-account and all-accounts modes - Scheduled hourly via Worker dispatcher (6 workers total)	2026-04-02 00:06:39 +08:00
iven	d06ecded34	feat(saas): add quota check middleware for relay requests ... Injects billing quota verification before relay chat completion requests. Checks monthly relay_requests quota via billing::service::check_quota. Gracefully degrades on quota service failure (logs warning, allows request).	2026-04-02 00:03:26 +08:00
iven	9487cd7f72	feat(saas): add billing infrastructure — tables, types, service, handlers ... B1.1 Billing database: - 5 tables: billing_plans, billing_subscriptions, billing_invoices, billing_payments, billing_usage_quotas - Seed data: Free(¥0)/Pro(¥49)/Team(¥199) plans - JSONB limits for flexible plan configuration Billing module (crates/zclaw-saas/src/billing/): - types.rs: BillingPlan, Subscription, Invoice, Payment, UsageQuota - service.rs: plan CRUD, subscription lookup, usage tracking, quota check - handlers.rs: REST API (plans list/detail, subscription, usage) - mod.rs: routes registered at /api/v1/billing/* Cargo.toml: added chrono feature to sqlx for DateTime<Utc> support	2026-04-01 23:59:46 +08:00
iven	17a2501808	test(hands): add unit tests for BrowserHand + fix requires_approval config ... Fix needs_approval field in BrowserHand::new() from false to true to match the TOML config (hands/browser.HAND.toml says requires_approval = true). Browser automation has security implications and should require approval. Add 11 unit tests covering: - Config id and enabled state - needs_approval correctness (after fix) - Action deserialization (Navigate, Click, Type, Scrape, Screenshot) - Roundtrip serialization for all major action variants - BrowserSequence builder with stop_on_error() - Multi-step sequence execution - FormField deserialization Also add stop_on_error() builder method to BrowserSequence which was referenced in the test plan but missing from the struct. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-01 23:22:18 +08:00
iven	cc7ee3189d	test(hands): add unit tests for CollectorHand + fix HTML extraction position tracking ... Fix extract_visible_text to use proper byte position tracking (pos += char_len) instead of iterating chars without position context, which caused script/style tag detection to fail on multi-byte content. Also adds script/style stripping logic and raises truncation limit to 10000 chars. Adds 9 unit tests covering: - Config identity verification - OutputFormat serialization round-trip - HTML text extraction (basic, script stripping, style stripping, empty input) - Aggregate action with empty URLs - CollectorAction deserialization (Collect/Aggregate/Extract) - CollectionTarget deserialization	2026-04-01 23:21:43 +08:00
iven	59fc7debd6	feat(hands): add 25 unit tests + fix summary + fix HTML extraction for ResearcherHand ... - Add comprehensive test suite: config, types, action deserialization, URL encoding, HTML text extraction, hand trait methods - Fix summary field: generate rule-based summary from top search results (was always None) - Fix extract_text_from_html: correct position tracking for script/style tag detection Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-01 23:16:57 +08:00
iven	e3b93ff96d	fix(security): implement all 15 security fixes from penetration test V1 ... Security audit (2026-03-31): 5 HIGH + 10 MEDIUM issues, all fixed. HIGH: - H1: JWT password_version mechanism (pwv in Claims, middleware verification, auto-increment on password change) - H2: Docker saas port bound to 127.0.0.1 - H3: TOTP encryption key decoupled from JWT secret (production bailout) - H4+H5: Tauri CSP hardened (removed unsafe-inline, restricted connect-src) MEDIUM: - M1: Persistent rate limiting (PostgreSQL rate_limit_events table) - M2: Account lockout (5 failures -> 15min lock) - M3: RFC 5322 email validation with regex - M4: Device registration typed struct with length limits - M5: Provider URL validation on create/update (SSRF prevention) - M6: Legacy TOTP secret migration (fixed nonce -> random nonce) - M7: Legacy frontend crypto migration (static salt -> random salt) - M8+M9: Admin frontend: removed JS token storage, HttpOnly cookie only - M10: Pipeline debug log sanitization (keys only, 100-char truncation) Also: fixed CLAUDE.md Section 12 (was corrupted), added title.rs middleware skeleton, fixed RegisterDeviceRequest visibility.	2026-04-01 08:38:37 +08:00
iven	3b1a017761	fix(saas): fix Box<dyn Error> to anyhow conversion in cache init	2026-03-31 16:37:58 +08:00
iven	4e3265a853	feat(saas): replace scheduler STUB with real task dispatch framework ... - Add execute_scheduled_task helper that fetches task info and dispatches by target_type (agent/hand/workflow) - Replace STUB warn+simple-UPDATE with full execution flow: dispatch task, then update state with interval-aware next_run_at calculation - Update next_run_at using interval_seconds for recurring tasks instead of setting NULL - Fix pre-existing cache.rs borrow-after-move bug (id.clone() in insert)	2026-03-31 16:33:54 +08:00
iven	4b9698034c	fix(saas): support X-Forwarded-For from trusted reverse proxies	2026-03-31 16:24:02 +08:00
iven	a3bdf11d9a	feat(saas): add trusted_proxies config for reverse proxy rate limiting ... - Add trusted_proxies field to ServerConfig (Vec<String>, serde default) - Default value is empty vector (no proxy trust until explicitly configured) - Development config: trust localhost IPs (127.0.0.1, ::1) - Production config: placeholder localhost IPs with comment to replace	2026-03-31 16:14:57 +08:00
iven	9905a8d0d5	fix(saas-relay): eliminate DATABASE_ERROR by removing DB queries from critical path ... Root cause: each relay request executes 13-17 serial DB queries, exhausting the 50-connection pool under concurrency. When pool is exhausted, sqlx returns PoolTimedOut which maps to 500 DATABASE_ERROR. Fixes: 1. log_operation → dispatch_log_operation (async Worker dispatch, non-blocking) 2. record_usage → tokio::spawn (3 DB queries moved off critical path) 3. DB pool: max_connections 50→100 (env-configurable), acquire_timeout 5s→8s Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 14:08:21 +08:00
iven	2ff696289f	fix(saas): reduce DB connection pool pressure in relay path ... 1. key_pool: merge 3 serial UPDATE queries into 2 (cumulative stats + last_used_at combined into single UPDATE) 2. service: reduce SSE spawn sleep from 3s to 500ms and add 5s timeout on DB operations to prevent connection hoarding	2026-03-31 13:47:43 +08:00
iven	6cae768401	fix(desktop): session persistence — refresh/login/context/empty-content 4-bug fix ... 1. App.tsx: add restoreSession() call on startup to prevent redirect to login page after refresh (isRestoring guard + BootstrapScreen) 2. CloneManager: call syncAgents() after loadClones() to restore currentAgent and conversation history on app load 3. zclaw-memory: add get_or_create_session() so frontend session UUID is persisted directly — kernel no longer creates mismatched IDs 4. openai.rs: assistant message content must be non-empty for Kimi/Qwen APIs — replace empty content with meaningful placeholders Also includes admin-v2 ModelServices unified page (merge providers + models + API keys into expandable row layout)	2026-03-31 13:38:59 +08:00
iven	3e5d64484e	fix(relay): fix llm_routing read path bug and add User-Agent header for Coding Plan ... 1. connectionStore.ts: storedAccount.account.llm_routing → storedAccount.llm_routing - saveSaaSSession stores SaaSAccountInfo directly, not { account: SaaSAccountInfo } - This bug caused admin llm_routing config to never take effect 2. relay/service.rs: add User-Agent: claude-code/1.0 header - Kimi Coding Plan requires recognized coding agent User-Agent - Default reqwest UA is rejected with 403 3. Docs: add llm_routing routing mode explanation and troubleshooting entries	2026-03-31 12:02:32 +08:00
iven	ee51d5abcd	feat(admin-v2): add ProTable search, scenarios/quick_commands form, tests, remove quota_reset_interval ... - Enable ProTable search on Accounts (username/email), Models (model_id/alias), Providers (display_name/name) with hideInSearch for non-searchable columns - Add scenarios (Select tags) and quick_commands (Form.List) to AgentTemplates create form, plus service type updates - Remove unused quota_reset_interval from ProviderKey model, key_pool SQL, handlers, and frontend types; add migration + bump schema to v11 - Add Vitest config, test setup, request interceptor tests (7 cases), authStore tests (8 cases) — all 15 passing Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 11:13:16 +08:00
iven	8e6abc91e1	feat(key-pool): add LRU sorting via last_used_at column ... - Add migration to add last_used_at TIMESTAMPTZ column to provider_keys - Update select_best_key() SQL to sort by last_used_at ASC NULLS FIRST - Update record_key_usage() to set last_used_at = NOW() on each use - Bump SCHEMA_VERSION to 10	2026-03-31 10:14:49 +08:00
iven	1d9283f335	fix: P0+P1 security and quality fixes ... P0-1: Token refresh race condition — reject all pending requests on refresh failure P0-2: Remove X-Forwarded-For trust in rate limiting — use only ConnectInfo IP P1-3: Template grid reactive — use useSaaSStore() hook instead of getState() P1-4: Agent Template detail modal — show emoji, personality, soul_content, welcome_message, communication_style, source_id, scenarios, version P1-5: adminRouting parse validation — type-safe llm_routing extraction from localStorage P1-6: Remove unused @ant-design/charts dependency P1-extra: Type addKeyMutation data parameter (replace any) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 09:17:04 +08:00
iven	49abd0fe89	feat(saas): wire llm_routing into account CRUD and auth responses ... - Add llm_routing to all list_accounts/get_account SQL queries and JSON responses - Add llm_routing to UpdateAccountRequest with COALESCE update - Add llm_routing to AccountPublic struct in auth types - Wire llm_routing into register (default 'local'), login, and me handlers - Add llm_routing field to AccountRow, AccountAuthRow, AccountLoginRow model structs Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 03:21:19 +08:00
iven	3e57fadfc9	feat(saas): extend agent templates with soul_content, add /available endpoint, key pool cleanup, and industry seed templates ... - Add 9 extended fields to AgentTemplateInfo: soul_content, scenarios, welcome_message, quick_commands, personality, communication_style, emoji, version, source_id - Refactor service.rs to use sqlx::Row (manual column extraction) to avoid the 16-element tuple FromRow limit - Add /api/v1/agent-templates/available (lightweight public listing) and /api/v1/agent-templates/:id/full endpoints - Add 24h key_usage_window cleanup task in scheduler - Update seed data with extended fields for all 5 existing templates plus new Medical Assistant template (healthcare category)	2026-03-31 02:58:09 +08:00
iven	eb956d0dce	feat: 新增管理后台前端项目及安全加固 ... refactor(saas): 重构认证中间件与限流策略 - 登录限流调整为5次/分钟/IP - 注册限流调整为3次/小时/IP - GET请求不计入限流 fix(saas): 修复调度器时间戳处理 - 使用NOW()替代文本时间戳 - 兼容TEXT和TIMESTAMPTZ列类型 feat(saas): 实现环境变量插值 - 支持${ENV_VAR}语法解析 - 数据库密码支持环境变量注入 chore: 新增前端管理界面 - 基于React+Ant Design Pro - 包含路由守卫/错误边界 - 对接58个API端点 docs: 更新安全加固文档 - 新增密钥管理规范 - 记录P0安全项审计结果 - 补充TLS终止说明 test: 完善配置解析单元测试 - 新增环境变量插值测试用例	2026-03-31 00:11:33 +08:00
iven	6529b67353	feat(a2a): 消息重入队列 + 广播丢弃修复 + Router group 管理 ... A2A 协议完善 (feature-gated by multi-agent): - AgentInbox wrapper: VecDeque 暂存非匹配消息，requeue 替代丢弃 - a2a_delegate_task: 非匹配消息安全重入队列，不再静默丢弃 - A2aRouter: 广播/组播改用 try_send + 日志，避免持有 RwLock 跨 await - 新增 group 管理方法: add_to_group/remove_from_group/list_groups/get_group_members - 修复 Capability import 在 multi-agent feature 下的编译问题	2026-03-30 19:55:06 +08:00
iven	a0bbd4ba82	feat(scheduler): 定时任务后端持久化 + Pipeline trigger 编译修复 ... S4/S8 定时任务后端: - 新增 scheduled_tasks 表 (migration v7) - 新增 scheduled_task CRUD 模块 (handlers/service/types) - 注册 /api/scheduler/tasks 路由 (GET/POST/PATCH/DELETE) - 新增 start_user_task_scheduler() 30秒轮询循环 - 支持 cron/interval/once 三种调度类型 - once 类型执行后自动禁用 修复: - pipeline_commands.rs: 修复 pipeline.trigger 字段不存在的编译错误 (Pipeline 结构体无 trigger 字段，改用 metadata.tags/description)	2026-03-30 19:46:45 +08:00
iven	c2aff09811	feat(security): Auth Token HttpOnly Cookie — XSS 安全加固 ... 后端: - axum-extra 启用 cookie feature - login/register/refresh 设置 HttpOnly + Secure + SameSite=Strict cookies - 新增 POST /api/v1/auth/logout 清除 cookies - auth_middleware 支持 cookie 提取路径（fallback from header） - CORS: 添加 allow_credentials(true) + COOKIE header 前端 (admin-v2): - authStore: token 仅存内存，不再写 localStorage（account 保留） - request.ts: 添加 withCredentials: true 发送 cookies - 修复 refresh token rotation bug（之前不更新 stored refreshToken） - logout 调用后端清除 cookie 端点 向后兼容: API 客户端仍可用 Authorization: Bearer header Desktop (Ed25519 设备认证) 完全不受影响	2026-03-30 19:30:42 +08:00
iven	88aa4b1310	refactor: 依赖健康度改进 — serde_yaml 迁移 + workspace 统一声明 ... - zclaw-pipeline: serde_yaml 0.9 → serde_yaml_bw 2.x (drop-in fork, panic-free) 使用 package rename 保持代码中 use serde_yaml 不变 - zclaw-saas: regex/aes-gcm/bytes 改为 workspace 统一声明 urlencoding/data-encoding 保留为 crate-local (仅此 crate 使用)	2026-03-30 18:23:13 +08:00
iven	544358764e	fix(relay): 移除 SSE usage 记录中重复的 sleep ... service.rs L316-317 有两行相同的 tokio::time::sleep(3s)， 导致 SSE 流结束后实际等待 6 秒而非 3 秒才记录 usage。	2026-03-30 14:26:22 +08:00
iven	ba2c6a6105	fix(saas): P1 审计修复 — 连接池断路器 + Worker重试 + XSS防护 + 状态机SQL解析器 ... P1 修复内容: - F7: health handler 连接池容量检查 (80%阈值返回503 degraded) - F9: SSE spawned task 并发限制 (Semaphore 16 permits) - F10: Key Pool 单次 JOIN 查询优化 (消除 N+1) - F12: CORS panic → 配置错误 - F14: 连接池使用率计算修正 (ratio = used*100/total) - F15: SQL 迁移解析器替换为状态机 (支持 $$, DO $body$, 存储过程) - Worker 重试机制: 失败任务通过 mpsc channel 重新入队 - DOMPurify XSS 防护 (PipelineResultPreview) - Admin V2: ErrorBoundary + SWR全局配置 + 请求优化	2026-03-30 14:21:39 +08:00
iven	bc8c77e7fe	fix(security): P0 审计修复 — 6项关键安全/编译问题 ... F1: kernel.rs multi-agent 编译错误 — 重排 spawn_agent 中 A2A 注册顺序， 在 config 被 registry.register() 消费前使用 F2: saas-config.toml 从 git 追踪中移除 — 包含数据库密码已进入版本历史 F3: config.rs 硬编码开发密钥改用 #[cfg(debug_assertions)] 编译时门控 — dev fallback 密钥不再进入 release 构建 F4: 公共认证端点添加 IP 速率限制 (20 RPM) — 防止暴力破解 F5: SSE relay 路由分离出全局 15s TimeoutLayer — 避免长流式响应被截断 F6: Provider API 密钥入库前 AES-256-GCM 加密 — 明文存储修复 附带：完整审计报告 docs/superpowers/specs/2026-03-30-comprehensive-audit-report.md	2026-03-30 13:32:22 +08:00
iven	834aa12076	fix: P0 panic风险修复 + P1编译warnings清零 + P2代码/文档清理 ... P0 安全性: - account/handlers.rs: .unwrap() → .expect() 语义化错误信息 - relay/handlers.rs: SSE Response .unwrap() → .expect() P1 编译质量 (6 warnings → 0): - kernel.rs: 移除未使用的 Capability import 和 config_clone 变量 - pipeline_commands.rs: 未使用变量 id → _id - db.rs: 移除多余括号 - relay/service.rs: 移除未使用的 StreamExt import - telemetry/service.rs: 抑制 param_idx 未读赋值警告 - main.rs: TcpKeepalive::with_retries() Linux-only 条件编译 P2 代码清理: - 移除 handStore/HandsPanel/HandTaskPanel/gateway-api/SchedulerPanel 调试 console.log - SchedulerPanel: 修复 updateWorkflow 未解构导致 TS 编译错误 - 文档清理 zclaw-channels 已移除 crate 的引用	2026-03-30 11:33:47 +08:00
iven	813b49a986	feat: P0 KernelClient功能修复 + P1/P2/P3质量改进 ... P0 KernelClient 功能断裂修复: - Skill CUD: registry.rs create/update/delete + serialize_skill_md + kernel proxy - Workflow CUD: pipeline_commands.rs create/update/delete + serde_yaml依赖 - Agent更新: registry update方法 + AgentConfigUpdated事件 + agent_update命令 - Hand流式事件: HandStart/HandEnd变体替换ToolStart/ToolEnd - 后端验证: hand_get/hand_run_status/hand_run_list确认实现完整 - Approval闭环: respond_to_approval后台spawn+5分钟超时轮询 P2/P3 质量改进: - Browser WebDriver: TCP探测ChromeDriver/GeckoDriver/Edge端口替换硬编码true - api-fallbacks: 移除假技能和16个捏造安全层，替换为真实能力映射 - dead_code清理: 移除5个模块级#![allow(dead_code)]，删除3个真正死方法， 删除未注册的compactor_compact_llm命令，warnings从8降到3 - 所有变更通过cargo check + tsc --noEmit验证	2026-03-30 10:55:08 +08:00
iven	13c0b18bbc	feat: Batch 5-9 — GrowthIntegration桥接、验证补全、死代码清理、Pipeline模板、Speech/Twitter真实实现 ... Batch 5 (P0): GrowthIntegration 接入 Tauri - Kernel 新增 set_viking()/set_extraction_driver() 桥接 SqliteStorage - 中间件链共享存储，MemoryExtractor 接入 LLM 驱动 Batch 6 (P1): 输入验证 + Heartbeat - Relay 验证补全（stream 兼容检查、API key 格式校验） - UUID 类型校验、SessionId 错误返回 - Heartbeat 默认开启 + 首次聊天自动初始化 Batch 7 (P2): 死代码清理 - zclaw-channels 整体移除（317 行） - multi-agent 特性门控、admin 方法标注 Batch 8 (P2): Pipeline 模板 - PipelineMetadata 新增 annotations 字段 - pipeline_templates 命令 + 2 个示例模板 - fallback driver base_url 修复（doubao/qwen/deepseek 端点） Batch 9 (P1): SpeechHand/TwitterHand 真实实现 - SpeechHand: tts_method 字段 + Browser TTS 前端集成 (Web Speech API) - TwitterHand: 12 个 action 全部替换为 Twitter API v2 真实 HTTP 调用 - chatStore/useAutomationEvents 双路径 TTS 触发	2026-03-30 09:24:50 +08:00
iven	5595083b96	feat(skills): SemanticSkillRouter — TF-IDF + Embedding 混合路由 ... 实现 SemanticSkillRouter 核心模块 (zclaw-skills): - Embedder trait + NoOpEmbedder (TF-IDF fallback) - SkillTfidfIndex 全文索引 - retrieve_candidates() Top-K 检索 - route() 置信度阈值路由 (0.85) - cosine_similarity 公共函数 - 单元测试覆盖 Kernel 适配层 (zclaw-kernel): - EmbeddingAdapter: zclaw-growth EmbeddingClient → Embedder 文档同步: - 01-intelligent-routing.md Phase 1+2 标记完成	2026-03-30 00:54:11 +08:00
iven	eed26a1ce4	feat(pipeline): Pipeline 图持久化 — GraphStore 实现 ... 新增 GraphStore trait 和 MemoryGraphStore 实现: - save/load/delete/list_ids 异步接口 - 可选文件持久化到 JSON 目录 - 启动时从磁盘加载已保存的图 SkillOrchestrationDriver 集成: - 新增 with_graph_store() 构造函数 - graph_id 路径从硬编码错误改为从 GraphStore 查找 - 无 store 时返回明确的错误信息 修复了 "Graph loading by ID not yet implemented" 的 TODO	2026-03-30 00:25:38 +08:00
iven	f3f586efef	feat(kernel): Agent 导入/导出 + message_count 跟踪 ... Sprint 3.1 message_count 修复: - AgentRegistry 新增 message_counts 字段跟踪每个 agent 的消息数 - increment_message_count() 在 send_message 和 send_message_stream 中调用 - get_info() 返回实际计数值 Sprint 3.3 Agent 导入/导出: - Kernel 新增 get_agent_config() 方法返回原始 AgentConfig - 新增 agent_export Tauri 命令，导出配置为 JSON - 新增 agent_import Tauri 命令，从 JSON 导入并自动生成新 ID - 注册到 Tauri invoke_handler	2026-03-30 00:19:02 +08:00
iven	6040d98b18	fix(kernel): message_count 始终为 0 的 bug ... - AgentRegistry 新增 message_counts: DashMap<AgentId, u64> 跟踪字段 - 添加 increment_message_count() 方法 - Kernel.send_message() 和 send_message_stream() 中递增计数 - get_info() 返回实际计数值而非硬编码 0	2026-03-30 00:04:55 +08:00
iven	7e90cea117	fix(kernel): BREAK-02 记忆提取链路闭合 + BREAK-03 审批 HandRun 跟踪 ... BREAK-02 记忆提取链路闭合: - Kernel 新增 viking: Arc<VikingAdapter> 共享存储后端 - VikingAdapter 在 boot() 中初始化, 全生命周期共享 - create_middleware_chain() 注册 MemoryMiddleware (priority 150) - CompactionMiddleware 的 growth 参数从 None 改为 GrowthIntegration - zclaw-runtime 重新导出 VikingAdapter BREAK-03 审批后 HandRun 跟踪: - respond_to_approval() 添加完整 HandRun 生命周期跟踪 - Pending → Running → Completed/Failed 状态转换 - 支持 duration_ms 计时和 cancellation 注册 - 与 execute_hand() 保持一致的跟踪粒度	2026-03-29 23:45:52 +08:00
iven	09df242cf8	fix(saas): Sprint 1 P0 阻塞修复 ... 1.1 补全 docker-compose.yml (PostgreSQL 16 + SaaS 后端容器) 1.2 Migration 系统化: - provider_keys.max_rpm/max_tpm 改为 BIGINT 匹配 Rust Option<i64> - 移除 seed_demo_data 中的 ALTER TABLE 运行时修补 - seed 数据绑定类型 i32→i64 对齐列定义 1.3 saas-config.toml 修复: - 添加 cors_origins (开发环境 localhost) - 添加 [scheduler] section (注释示例) - 数据库密码改为开发默认值 + ZCLAW_DATABASE_URL 环境变量覆盖 - 添加配置文档注释 (JWT/TOTP/管理员环境变量)	2026-03-29 23:27:24 +08:00
iven	04c366fe8b	feat(runtime): DeerFlow 模式中间件链 Phase 1-4 全部完成 ... 借鉴 DeerFlow 架构，实现完整中间件链系统： Phase 1 - Agent 中间件链基础设施 - MiddlewareChain Clone 支持 - LoopRunner 双路径集成 (middleware/legacy) - Kernel create_middleware_chain() 工厂方法 Phase 2 - 技能按需注入 - SkillIndexMiddleware (priority 200) - SkillLoadTool 工具 - SkillDetail/SkillIndexEntry 结构体 - KernelSkillExecutor trait 扩展 Phase 3 - Guardrail 安全护栏 - GuardrailMiddleware (priority 400, fail_open) - ShellExecRule / FileWriteRule / WebFetchRule Phase 4 - 记忆闭环统一 - MemoryMiddleware (priority 150, 30s 防抖) - after_completion 双路径调用 中间件注册顺序： 100 Compaction | 150 Memory | 200 SkillIndex 400 Guardrail | 500 LoopGuard | 700 TokenCalibration 向后兼容：Option<MiddlewareChain> 默认 None 走旧路径	2026-03-29 23:19:41 +08:00
iven	7de294375b	feat(auth): 添加异步密码哈希和验证函数 ... refactor(relay): 复用HTTP客户端和请求体序列化结果 feat(kernel): 添加获取单个审批记录的方法 fix(store): 改进SaaS连接错误分类和降级处理 docs: 更新审计文档和系统架构文档 refactor(prompt): 优化SQL查询参数化绑定 refactor(migration): 使用静态SQL和COALESCE更新配置项 feat(commands): 添加审批执行状态追踪和事件通知 chore: 更新启动脚本以支持Admin后台 fix(auth-guard): 优化授权状态管理和错误处理 refactor(db): 使用异步密码哈希函数 refactor(totp): 使用异步密码验证函数 style: 清理无用文件和注释 docs: 更新功能全景和审计文档 refactor(service): 优化HTTP客户端重用和请求处理 fix(connection): 改进SaaS不可用时的降级处理 refactor(handlers): 使用异步密码验证函数 chore: 更新依赖和工具链配置	2026-03-29 21:45:29 +08:00
iven	a0ca35c9dd	feat(saas): SQL 迁移系统 + TIMESTAMPTZ + 热路径重构 ... P0: SQL 迁移系统 - crates/zclaw-saas/migrations/ — 独立 SQL 迁移文件目录 - 20260329000001_initial_schema.sql — TIMESTAMPTZ 完整 schema - 20260329000002_seed_data.sql — 角色种子数据 - db.rs: 移除 335 行内联 SCHEMA_SQL，改为文件加载 - 版本追踪: saas_schema_version 表管理迁移状态 - 向后兼容: 已有 TEXT 时间戳数据库不受影响 P1: 安全重构 - relay/service.rs: update_task_status 从 format!() 改为 3 条独立参数化查询 - config.rs: 移除 TODO 注释，补充字段文档说明 - state.rs: 添加 dispatch_log_operation 异步日志派发方法 P2: Worker 集成 - state.rs: WorkerDispatcher 接入 AppState - 所有异步后台任务基础设施就绪	2026-03-29 19:41:03 +08:00
iven	77374121dd	fix(saas): 清理 role/mod.rs 重复路由定义 ... 移除重复的 routes() 函数，将 get_role_permissions 路由指向 handlers_ext	2026-03-29 19:23:40 +08:00
iven	8b9d506893	refactor(saas): 架构重构 + 性能优化 — 借鉴 loco-rs 模式 ... Phase 0: 知识库 - docs/knowledge-base/loco-rs-patterns.md — loco-rs 10 个可借鉴模式研究 Phase 1: 数据层重构 - crates/zclaw-saas/src/models/ — 15 个 FromRow 类型化模型 - Login 3 次查询合并为 1 次 AccountLoginRow 查询 - 所有 service 文件从元组解构迁移到 FromRow 结构体 Phase 2: Worker + Scheduler 系统 - crates/zclaw-saas/src/workers/ — Worker trait + 5 个具体实现 - crates/zclaw-saas/src/scheduler.rs — TOML 声明式调度器 - crates/zclaw-saas/src/tasks/ — CLI 任务系统 Phase 3: 性能修复 - Relay N+1 查询 → 精准 SQL (relay/handlers.rs) - Config RwLock → AtomicU32 无锁 rate limit (state.rs, middleware.rs) - SSE std::sync::Mutex → tokio::sync::Mutex (relay/service.rs) - /auth/refresh 阻塞清理 → Scheduler 定期执行 Phase 4: 多环境配置 - config/saas-{development,production,test}.toml - ZCLAW_ENV 环境选择 + ZCLAW_SAAS_CONFIG 精确覆盖 - scheduler 配置集成到 TOML	2026-03-29 19:21:48 +08:00
iven	5fdf96c3f5	chore: 提交所有工作进度 — SaaS 后端增强、Admin UI、桌面端集成 ... 包含大量 SaaS 平台改进、Admin 管理后台更新、桌面端集成完善、 文档同步、测试文件重构等内容。为 QA 测试准备干净工作树。	2026-03-29 10:46:41 +08:00
iven	452ff45a5f	feat(saas): P2 增强 — TOTP 2FA、Relay 重试、配置同步升级 ... - TOTP 2FA: totp-rs v5.7.1 + data-encoding Base32, setup/verify/disable 流程, 登录时 TOTP 验证集成, SaasError::Totp 返回 400 - Relay 重试: 指数退避 (base_delay_ms * 2^attempt), 错误分类 (4xx 不重试), Admin POST /tasks/:id/retry 端点 - 配置同步: push (客户端覆盖) / merge (SaaS 优先) / diff (只读对比), 实际写入 config_items 表 - 集成测试: 27 个测试全部通过 (新增 6 个 P2 测试) - 文档: 更新 SaaS 平台总览 (模块完成度 + API 端点列表)	2026-03-27 17:58:14 +08:00
iven	bc12f6899a	feat(saas): Phase 4 端到端完善 — 设备注册、离线支持、配置迁移、集成测试 ... - 后端: devices 表 + register/heartbeat/list 端点 (UPSERT 语义) - 桌面端: 设备 ID 持久化 + 5 分钟心跳 + 离线状态指示 - saas-client: 重试逻辑 (2 次指数退避) + isServerReachable 跟踪 - ConfigMigrationWizard: 3 步向导 (方向选择→冲突解决→结果) - SaaSSettings: 修改密码折叠面板 + 迁移向导入口 - 集成测试: 21 个测试全部通过 (含设备注册/UPSERT/心跳、密码修改、E2E 生命周期) - 修复 ConfigMigrationWizard merge 分支变量遮蔽 bug	2026-03-27 15:07:03 +08:00