60 Commits

Author	SHA1	Message	Date
iven	fd3e7fd2cb	docs: V13 审计修复文档同步 — 6项状态更新 + 中间件14→15层 ... AUDIT_TRACKER: V13-GAP-01~05 FIXED, GAP-06 PARTIALLY_FIXED wiki/middleware: 15层 (TrajectoryRecorder V13注册) wiki/log: 2026-04-13 变更记录 CLAUDE.md: 中间件链 14→15 层 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-13 01:38:55 +08:00
iven	c048cb215f	docs: V13 系统性功能审计 — 6 项新发现 + TRUTH.md 数字校准 ... V13 审计聚焦 V12 后新增功能 (行业配置/Knowledge/Hermes/管家主动性): - 总体健康度 82/100 (V12: 76) - P1 新发现 3 项: TrajectoryRecorder 未注册/industryStore 孤立/桌面端无 Knowledge Search - P2 新发现 3 项: Webhook 孤儿表/Structured Data 无 Admin/PersistentMemoryStore 遗留 - 修正 V12 错误认知 5 项: Butler/MCP/Gateway/Presentation 已接通 - TRUTH.md 数字校准: Tauri 184→191, SaaS 122→136, @reserved 33→24	2026-04-12 23:33:13 +08:00
iven	2e5f63be32	docs: reorganize docs — archive outdated, create brainstorming folder ... - Create docs/brainstorming/ with 5 discussion records (Mar 16 - Apr 7) - Archive ~30 outdated audit reports (V5-V11) to docs/archive/old-audits/ - Archive superseded analysis docs to docs/archive/old-analysis/ - Archive completed session plans to docs/archive/old-plans/ - Archive old test reports/validations to respective archive folders - Remove empty directories left after moves - Keep current docs: TRUTH.md, feature docs, deployment, knowledge-base, superpowers	2026-04-07 09:54:30 +08:00
iven	ae55ad6dc4	docs: fix middleware count — 11 layers (not 12) ... Clarification is a separate system, not a middleware layer. Verified against crates/zclaw-runtime/src/middleware/ directory.	2026-04-06 22:54:19 +08:00
iven	29a1b3db5b	docs: complete features docs sync — roadmap, TRUTH, security-auth ... - roadmap.md: Tauri 177, skills 75, Pipeline 17 templates, Admin 15 pages - TRUTH.md: Admin V2 15 pages, desktop settings 19 tabs, changelog entry - 02-state-management.md: expanded Store details and descriptions - 03-security-auth.md: updated date - README.md: DeerFlow 2.0 description, skill count correction	2026-04-06 22:49:07 +08:00
iven	efc391a165	docs: sync features docs with current project state ... Update docs/features/ to reflect latest architecture: - Tauri commands: 177 (160 @connected + 16 @reserved) - Zustand stores: 18 (including chatStore 4 sub-stores) - SaaS API routes: 131 (12 modules, 34 data tables) - Workers: 7 (added AggregateUsage + GenerateEmbedding) - React 19 + Tailwind 4 tech stack - Schema v8, subtaskStatus taskId threading	2026-04-06 22:45:29 +08:00
iven	38e7c7bd9b	refactor(classroom): unify whiteboard rendering to WhiteboardCanvas ... Replace inline SVG whiteboard rendering in SceneRenderer with the dedicated WhiteboardCanvas component, gaining chart/latex support and eliminating 27 lines of duplicated rendering logic.	2026-04-06 10:53:21 +08:00
iven	828be3cc9e	fix: resolve 6 remaining defects (P2-18, P2-21, P3-04, P3-05, P3-06, P3-02) ... - P2-18: TOTP QR code local generation via qrcode lib (no external service) - P2-21: Suspend foreign LLM providers (OpenAI/Anthropic/Gemini) for early stage - P3-04: get_progress() now calculates actual percentage from completed/total steps - P3-05: saveSaaSSession calls now have .catch() error logging - P3-06: SaaS relay chatStream passes session_key/agent_id to backend - P3-02: Whiteboard unification plan document created Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-06 09:52:28 +08:00
iven	d6b1f44119	feat(admin): add ConfigSync page + close ADMIN-01/02 (AUDIT_TRACKER) ... - ADMIN-01 FIXED: ConfigSync.tsx page with ProTable + pagination - config-sync service calling GET /config/sync-logs - route + nav item + breadcrumb - backend @reserved → @connected - ADMIN-02 FALSE_POSITIVE: Logs.tsx + logs service already exist	2026-04-05 01:40:38 +08:00
iven	745c2fd754	feat(saas): add down migrations for all incremental schema changes (AUD3-DB-01) ... - 16 down SQL files in migrations/down/ for each incremental migration - db::run_down_migrations() executes rollback files in reverse order - migrate_down CLI task: task=migrate_down timestamp=20260402 - Initial schema and seed data excluded (would be destructive)	2026-04-05 01:35:33 +08:00
iven	3b0ab1a7b7	fix(types): Desktop type safety hardening (TYPE-01) ... - Unify ConnectionState: kernel-types.ts now canonical source with 'handshaking', gateway-types.ts re-exports - PromptTemplateInfo source/status → union literals - PromptVariable.type → union literal - CreateRoleRequest id/permissions → optional - PropertyPanel: replace 13 as any with typed accessor pattern - chatStore: window cast via as unknown as Record	2026-04-05 01:30:29 +08:00
iven	36168d6978	docs(audit): sync AUD3-FE-05/06 table status to FIXED	2026-04-05 01:13:27 +08:00
iven	b84a503500	docs(audit): batch close 17 OPEN items + update TRUTH.md command counts ... Closed items (FALSE_POSITIVE): V11-P3-02/03/08, V11-P4-03/04/05, AUD3-FE-04/07/08, V11-P3-04/06, AUD3-CONC-03, DOC-03/04, V11-P4-01 Fixed: V11-P2-05, AUD3-FE-03, AUD3-FE-09, DOC-03 Documented: AUD3-API-02, V11-P4-02, SEC2-P3-01/02 TRUTH.md: 171→177 commands (160 @connected / 16 @reserved) CLAUDE.md: skills 76→75, unified counts	2026-04-05 01:07:08 +08:00
iven	13a40dbbf5	docs(audit): update tracker with DEAD-05 + V11-P2-05 progress ... - DEAD-05: 10 dead saas-client methods removed (PARTIALLY_FIXED) - V11-P2-05: 9 stale @reserved annotations corrected to @connected Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 00:23:45 +08:00
iven	26dc500b1b	docs(audit): batch close 15 P2/P3 items as FALSE_POSITIVE ... CLOSED items: - BREAK-02/03/04: FALSE_POSITIVE (already closed in changelog) - V11-P2-01: saas-admin.ts deleted - V11-P2-02: admin-v2 has roles service+page - V11-P2-04: ToolDefinition re-export, not duplicate - V11-P2-06: fetch_all sync-only, no LIMIT needed - V11-P3-02/03: function removed or feature-gated - V11-P3-05/DEAD-04: properly feature-gated - AUD3-CONC-02/DB-02: already covered by SEC2-P2-05/08 - EVAL-01: zclaw-channels removed - SEC-V9-02: comprehensive validation exists - DOC-01/02: tauri command count updated 175→171 Also fixed BREAK-02/03/04 table rows to match changelog status.	2026-04-04 23:52:33 +08:00
iven	37e77d0d5e	docs(audit): close P2/P3 items, FALSE_POSITIVE resolved ... - SEC-V9-02: relay input validation already comprehensive - AUDIT-01: audit-logger.ts already deleted in prior cleanup - G-07: provider_keys vs account_api_keys intentional architecture - V11-P2-03: gateway-storage sync methods already replaced - V11-P3-01: audit-logger.ts already deleted - V11-P3-07: secure-storage sync same as V11-P2-03 - Batch 7 commit hash corrected (1fec8cf)	2026-04-04 21:51:36 +08:00
iven	6c6fcb76b3	docs(audit): resolve 3 P1 architecture decisions ... - SEC2-P1-01 FactStore: FALSE_POSITIVE (trait already removed) - V11-P1-03 3 SQL tables: FALSE_POSITIVE (2 active via JOIN, 1 write-only downgrade to P3) - M4-04 deep approval: WONTFIX (4-layer defense-in-depth sufficient) - M11-02: FIXED (map_err added in prev commit)	2026-04-04 21:31:47 +08:00
iven	1fec8cfbc1	fix(arch): unify TS/Rust types + classroom persistence registration + approval audit ... - M11-03: Register ClassroomPersistence via Tauri .setup() hook with in-memory fallback. Previously missing — classroom commands would crash at runtime. - M3-02: Document BrowserHand as schema validator + TypeScript delegation passthrough (dual-path architecture explicitly documented). - M4-04: Add defense-in-depth audit logging in execute_hand() and execute_hand_with_source() when needs_approval hands bypass approval gate. - TYPE-01: Add #[serde(rename_all = "camelCase")] to Rust AgentInfo. Add missing fields to TS AgentInfo (messageCount, createdAt, updatedAt). Fix KernelStatus TS interface to match Rust KernelStatusResponse (baseUrl/model instead of defaultProvider/defaultModel). - SEC2-P1-01: Document EXTRACTION_DRIVER OnceCell as legacy path; Kernel struct field is the active path. - TriggerSource: Add #[derive(PartialEq)] for approval audit comparisons.	2026-04-04 21:09:02 +08:00
iven	8e56df74ec	docs: update audit tracker with V12 module audit fix progress	2026-04-04 19:28:11 +08:00
iven	442ec0eeef	docs(audit): V12 模块化端到端审计报告 — 11 模块 + 总报告 ... 混合矩阵式审计：10 个功能模块 × 五维检查清单 - 项目整体健康度: 76/100 - 2 个 P0 (M4 双数据库 + 反思引擎 LLM 未接入) - 15 个 P1 (跨 M2/M3/M4/M5/M6/M7/M11) - 三类断链模式: 写了没接/接了不对/双实现未统一 - 三阶段修复路线图: P0(2-3天) → P1(5-7天) → P2(5-7天)	2026-04-04 17:55:03 +08:00
iven	305984c982	fix(saas): P2 code quality fixes + config PATCH/PUT alignment ... P2 code quality (SEC2-P2-01~10): - P2-04: Replace vague TODO with detailed Phase 2 design note in generate_embedding.rs - P2-05: Add NOTE(fire-and-forget) annotations to 4 long-running tokio::spawn in main.rs - P2-07: Add DESIGN NOTE to scheduler explaining sequential execution rationale - P2-08: Add compile-time table name whitelist + runtime char validation in db.rs - P2-02: Verified N/A (only zclaw-pipeline uses serde_yaml_bw, no inconsistency) - P2-06: Verified N/A (bind loop correctly matches 6-column placeholders) - P2-03: Remains OPEN (requires upstream sqlx release) Config HTTP method alignment (B3-4): - Fix admin-v2 config.ts: request.patch -> request.put to match backend .put() route - Fix backend handler doc comment: PATCH -> PUT - Add @reserved annotations to 6 config handlers without frontend callers	2026-04-03 21:32:17 +08:00
iven	22b967d2a6	docs(features): v0.10.1/v0.10.2 数字校准 + 行业模板文档更新 ... - README.md: SKILL 76→75, Tauri 命令 175→171, SaaS API 58→131, Workers 5→7, 数据表 25→34, Admin 11→13 页面 - 00-saas-overview.md: Agent Template 新增 5 个端点文档、种子数据表、端到端数据流图 - roadmap.md: 同步最新数字 - fix(saasStore): toTopRequired → totpRequired 拼写修复	2026-04-03 21:29:44 +08:00
iven	8898bb399e	docs: audit reports + feature docs + skills + admin-v2 + config sync ... Update audit tracker, roadmap, architecture docs, add admin-v2 Roles page + Billing tests, sync CLAUDE.md, Cargo.toml, docker-compose.yml, add deep-research / frontend-design / chart-visualization skills Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 19:25:00 +08:00
iven	73ff5e8c5e	feat(desktop): DeerFlow visual redesign + stream hang fix + intelligence client ... DeerFlow frontend visual overhaul: - Card-style input box (white rounded card, textarea top, actions bottom) - Dropdown mode selector (闪速/思考/Pro/Ultra with icons+descriptions) - Colored quick-action chips (小惊喜/写作/研究/收集/学习) - Minimal top bar (title + token count + export) - Warm gray color system (#faf9f6 bg, #f5f4f1 sidebar, #e8e6e1 border) - DeerFlow-style sidebar (新对话/对话/智能体 nav) - Reasoning block, tool call chain, task progress visualization - Streaming text, model selector, suggestion chips components - Resizable artifact panel with drag handle - Virtualized message list for 100+ messages Bug fixes: - Stream hang: GatewayClient onclose code 1000 now calls onComplete - WebView2 textarea border: CSS !important override for UA styles - Gateway stream event handling (response/phase/tool_call types) Intelligence client: - Unified client with fallback drivers (compactor/heartbeat/identity/memory/reflection) - Gateway API types and type conversions	2026-04-01 22:03:07 +08:00
iven	e3b93ff96d	fix(security): implement all 15 security fixes from penetration test V1 ... Security audit (2026-03-31): 5 HIGH + 10 MEDIUM issues, all fixed. HIGH: - H1: JWT password_version mechanism (pwv in Claims, middleware verification, auto-increment on password change) - H2: Docker saas port bound to 127.0.0.1 - H3: TOTP encryption key decoupled from JWT secret (production bailout) - H4+H5: Tauri CSP hardened (removed unsafe-inline, restricted connect-src) MEDIUM: - M1: Persistent rate limiting (PostgreSQL rate_limit_events table) - M2: Account lockout (5 failures -> 15min lock) - M3: RFC 5322 email validation with regex - M4: Device registration typed struct with length limits - M5: Provider URL validation on create/update (SSRF prevention) - M6: Legacy TOTP secret migration (fixed nonce -> random nonce) - M7: Legacy frontend crypto migration (static salt -> random salt) - M8+M9: Admin frontend: removed JS token storage, HttpOnly cookie only - M10: Pipeline debug log sanitization (keys only, 100-char truncation) Also: fixed CLAUDE.md Section 12 (was corrupted), added title.rs middleware skeleton, fixed RegisterDeviceRequest visibility.	2026-04-01 08:38:37 +08:00
iven	3e5d64484e	fix(relay): fix llm_routing read path bug and add User-Agent header for Coding Plan ... 1. connectionStore.ts: storedAccount.account.llm_routing → storedAccount.llm_routing - saveSaaSSession stores SaaSAccountInfo directly, not { account: SaaSAccountInfo } - This bug caused admin llm_routing config to never take effect 2. relay/service.rs: add User-Agent: claude-code/1.0 header - Kimi Coding Plan requires recognized coding agent User-Agent - Default reqwest UA is rejected with 403 3. Docs: add llm_routing routing mode explanation and troubleshooting entries	2026-03-31 12:02:32 +08:00
iven	eb956d0dce	feat: 新增管理后台前端项目及安全加固 ... refactor(saas): 重构认证中间件与限流策略 - 登录限流调整为5次/分钟/IP - 注册限流调整为3次/小时/IP - GET请求不计入限流 fix(saas): 修复调度器时间戳处理 - 使用NOW()替代文本时间戳 - 兼容TEXT和TIMESTAMPTZ列类型 feat(saas): 实现环境变量插值 - 支持${ENV_VAR}语法解析 - 数据库密码支持环境变量注入 chore: 新增前端管理界面 - 基于React+Ant Design Pro - 包含路由守卫/错误边界 - 对接58个API端点 docs: 更新安全加固文档 - 新增密钥管理规范 - 记录P0安全项审计结果 - 补充TLS终止说明 test: 完善配置解析单元测试 - 新增环境变量插值测试用例	2026-03-31 00:11:33 +08:00
iven	9d310e5a3c	docs: 更新 roadmap — S2/S4/S8/F16 标记已完成	2026-03-30 19:56:03 +08:00
iven	e7b2d1c099	docs: 审计后文档同步 — feature-checklist/roadmap/technical-reference 更新 ... - feature-checklist: 新增 Admin V2 章节(12项全通过)，Speech/Twitter 状态提升， Hands 9/11 可用，安全备注更新 - roadmap: 标记 S1/S3 审批/Hand 为已完成，更新 crate 数量(10)， 新增审计/依赖/清理已完成项 - technical-reference: 更新日期至 03-30，crate 数量 10	2026-03-30 18:32:02 +08:00
iven	834aa12076	fix: P0 panic风险修复 + P1编译warnings清零 + P2代码/文档清理 ... P0 安全性: - account/handlers.rs: .unwrap() → .expect() 语义化错误信息 - relay/handlers.rs: SSE Response .unwrap() → .expect() P1 编译质量 (6 warnings → 0): - kernel.rs: 移除未使用的 Capability import 和 config_clone 变量 - pipeline_commands.rs: 未使用变量 id → _id - db.rs: 移除多余括号 - relay/service.rs: 移除未使用的 StreamExt import - telemetry/service.rs: 抑制 param_idx 未读赋值警告 - main.rs: TcpKeepalive::with_retries() Linux-only 条件编译 P2 代码清理: - 移除 handStore/HandsPanel/HandTaskPanel/gateway-api/SchedulerPanel 调试 console.log - SchedulerPanel: 修复 updateWorkflow 未解构导致 TS 编译错误 - 文档清理 zclaw-channels 已移除 crate 的引用	2026-03-30 11:33:47 +08:00
iven	a7d33d0207	feat(admin): Admin V2 — Ant Design Pro 纯 SPA 重写 ... Next.js SSR/hydration 与 SWR fetch-on-mount 存在根本冲突： hydration 卸载组件时 abort 的请求仍占用后端 DB 连接， retry 循环耗尽 PostgreSQL 连接池导致后端完全卡死。 admin-v2 使用 Vite + React + antd 纯 SPA 彻底消除此问题： - 12 页面全部完成（Login, Dashboard, Accounts, Providers, Models, API Keys, Usage, Relay, Config, Prompts, Logs, Agent Templates） - ProTable + ProForm + ProLayout 统一 UI 模式 - TanStack Query + Axios + Zustand 数据层 - JWT 自动刷新 + 401 重试机制 - 全部 18 网络请求 200 OK，零 ERR_ABORTED 同时更新 troubleshooting 第 13 节和 SaaS 平台文档。	2026-03-30 09:35:59 +08:00
iven	5595083b96	feat(skills): SemanticSkillRouter — TF-IDF + Embedding 混合路由 ... 实现 SemanticSkillRouter 核心模块 (zclaw-skills): - Embedder trait + NoOpEmbedder (TF-IDF fallback) - SkillTfidfIndex 全文索引 - retrieve_candidates() Top-K 检索 - route() 置信度阈值路由 (0.85) - cosine_similarity 公共函数 - 单元测试覆盖 Kernel 适配层 (zclaw-kernel): - EmbeddingAdapter: zclaw-growth EmbeddingClient → Embedder 文档同步: - 01-intelligent-routing.md Phase 1+2 标记完成	2026-03-30 00:54:11 +08:00
iven	7de294375b	feat(auth): 添加异步密码哈希和验证函数 ... refactor(relay): 复用HTTP客户端和请求体序列化结果 feat(kernel): 添加获取单个审批记录的方法 fix(store): 改进SaaS连接错误分类和降级处理 docs: 更新审计文档和系统架构文档 refactor(prompt): 优化SQL查询参数化绑定 refactor(migration): 使用静态SQL和COALESCE更新配置项 feat(commands): 添加审批执行状态追踪和事件通知 chore: 更新启动脚本以支持Admin后台 fix(auth-guard): 优化授权状态管理和错误处理 refactor(db): 使用异步密码哈希函数 refactor(totp): 使用异步密码验证函数 style: 清理无用文件和注释 docs: 更新功能全景和审计文档 refactor(service): 优化HTTP客户端重用和请求处理 fix(connection): 改进SaaS不可用时的降级处理 refactor(handlers): 使用异步密码验证函数 chore: 更新依赖和工具链配置	2026-03-29 21:45:29 +08:00
iven	b7ec317d2c	docs: 更新功能文档 — 反映架构重构成果 ... - docs/features/README.md — 技能数 69→70, Hands 11个, 成熟度更新 - 智能层文档成熟度上调 (身份演化 L3, 反思引擎 L3) - 后端集成文档更新 SaaS 迁移系统说明 - 知识库添加架构重构记录	2026-03-29 19:42:37 +08:00
iven	8b9d506893	refactor(saas): 架构重构 + 性能优化 — 借鉴 loco-rs 模式 ... Phase 0: 知识库 - docs/knowledge-base/loco-rs-patterns.md — loco-rs 10 个可借鉴模式研究 Phase 1: 数据层重构 - crates/zclaw-saas/src/models/ — 15 个 FromRow 类型化模型 - Login 3 次查询合并为 1 次 AccountLoginRow 查询 - 所有 service 文件从元组解构迁移到 FromRow 结构体 Phase 2: Worker + Scheduler 系统 - crates/zclaw-saas/src/workers/ — Worker trait + 5 个具体实现 - crates/zclaw-saas/src/scheduler.rs — TOML 声明式调度器 - crates/zclaw-saas/src/tasks/ — CLI 任务系统 Phase 3: 性能修复 - Relay N+1 查询 → 精准 SQL (relay/handlers.rs) - Config RwLock → AtomicU32 无锁 rate limit (state.rs, middleware.rs) - SSE std::sync::Mutex → tokio::sync::Mutex (relay/service.rs) - /auth/refresh 阻塞清理 → Scheduler 定期执行 Phase 4: 多环境配置 - config/saas-{development,production,test}.toml - ZCLAW_ENV 环境选择 + ZCLAW_SAAS_CONFIG 精确覆盖 - scheduler 配置集成到 TOML	2026-03-29 19:21:48 +08:00
iven	5fdf96c3f5	chore: 提交所有工作进度 — SaaS 后端增强、Admin UI、桌面端集成 ... 包含大量 SaaS 平台改进、Admin 管理后台更新、桌面端集成完善、 文档同步、测试文件重构等内容。为 QA 测试准备干净工作树。	2026-03-29 10:46:41 +08:00
iven	452ff45a5f	feat(saas): P2 增强 — TOTP 2FA、Relay 重试、配置同步升级 ... - TOTP 2FA: totp-rs v5.7.1 + data-encoding Base32, setup/verify/disable 流程, 登录时 TOTP 验证集成, SaasError::Totp 返回 400 - Relay 重试: 指数退避 (base_delay_ms * 2^attempt), 错误分类 (4xx 不重试), Admin POST /tasks/:id/retry 端点 - 配置同步: push (客户端覆盖) / merge (SaaS 优先) / diff (只读对比), 实际写入 config_items 表 - 集成测试: 27 个测试全部通过 (新增 6 个 P2 测试) - 文档: 更新 SaaS 平台总览 (模块完成度 + API 端点列表)	2026-03-27 17:58:14 +08:00
iven	80d98b35a5	fix(audit): v5 审计修复 8 项 — 条件编译、安全加固、冗余清理 ... - N1: Whiteboard Export 动作标注 demo=true - N2/N3: Director + A2A 通过 #[cfg(feature)] 条件编译隔离 - N4: viking_adapter 文本匹配降级为 LOW（生产路径走 SqliteStorage） - N5: 移除冗余 compactor_compact_llm Tauri 命令注册 - M3: hand_approve/hand_cancel 添加 hand_id 验证防跨 Hand 审批 - N7: scheduled_task 文档注释标注 PLANNNED - 新增 COMPREHENSIVE_AUDIT_V5.md 独立审计报告 - 更新 DEEP_AUDIT_REPORT.md 追加修复记录（累计 32 项）	2026-03-27 12:33:44 +08:00
iven	256dba49db	fix(audit): 第五轮审计修复 — 反思LLM分析、语义路由、并行执行、错误中文化 ... - P2: 反思引擎接入 LLM 深度行为分析 (analyze_patterns_with_llm) - P3-M6: 语义路由 RuntimeLlmIntentDriver 真实 LLM 匹配 - P3-L1: V2 Pipeline execute_parallel 改用 buffer_unordered 真正并行 - P3-S10: Rust 用户可见错误提示统一中文化 累计修复 27 项，完成度 ~72% → ~78%	2026-03-27 12:10:48 +08:00
iven	30b2515f07	feat(audit): 审计修复第四轮 — 跨会话搜索、LLM压缩集成、Presentation渲染器 ... - S9: MessageSearch 新增 Session/Global 双模式，Global 调用 VikingStorage memory_search - M4b: LLM 压缩器集成到 kernel AgentLoop，支持 use_llm 配置切换 - M4c: 压缩时自动提取记忆到 VikingStorage (runtime + tauri 双路径) - H6: 新增 ChartRenderer(recharts)、Document/Slideshow 完整渲染 - 累计修复 23 项，整体完成度 ~72%，真实可用率 ~80%	2026-03-27 11:44:14 +08:00
iven	7ae6990c97	fix(audit): 修复深度审计 P2 问题 — 自主授权后端守卫、反思历史累积、心跳持久化 ... - M5-补: hand_execute/skill_execute 接收 autonomy_level 参数，后端三层守卫 (supervised 全部审批 / assisted 尊重 needs_approval / autonomous 跳过) - M3: hand_approve/hand_cancel 移除 _hand_name 下划线，添加审计日志 - M4-补: 反思历史累积存储到 reflection:history:{agent_id} 数组(最多20条) get_history 优先读持久化历史，保留 latest key 向后兼容 - 心跳历史: VikingStorage 持久化 HeartbeatResult 数组，tick() 也存历史 heartbeat_init 恢复历史，重启后不丢失 - L2: 确认 gatewayStore 仅注释引用，无需修改 - 身份回滚: 确认 IdentityChangeProposal.tsx 已实现 HistoryItem + restoreSnapshot - 更新 DEEP_AUDIT_REPORT.md 完成度 72% (核心 92%, 真实可用 80%)	2026-03-27 11:32:35 +08:00
iven	b7bc9ddcb1	fix(audit): 修复深度审计 P1/P2 问题 — 记忆统一、持久化、前端适配 ... H3: 重写 memory_commands.rs 统一到 VikingStorage 单一存储，移除双写 H4: 心跳引擎 record_interaction() 持久化到 VikingStorage，启动时恢复 M4: 反思结果/状态持久化到 VikingStorage metadata，重启后自动恢复 - HandApprovalModal import 修正 (handStore 替代 gatewayStore) - kernel-client.ts 幽灵调用替换为 kernel_status - PersistentMemoryStore dead_code warnings 清理 - 审计报告和 README 更新至 v0.6.3，完成度 58%→62%	2026-03-27 09:59:55 +08:00
iven	a71c4138cc	fix(audit): 修复深度审计发现的 P0/P1 问题 (8项) ... 基于 DEEP_AUDIT_REPORT.md 修复 2 CRITICAL + 4 HIGH + 1 MEDIUM 问题: - C1: PromptOnly 技能集成 LLM 调用 — 定义 LlmCompleter trait， 通过 LlmDriverAdapter 桥接 zclaw_runtime::LlmDriver， PromptOnlySkill.execute() 现在调用 LLM 生成内容 - C2: 反思引擎空记忆 bug — 新增 query_memories_for_reflection() 从 VikingStorage 查询真实记忆传入 reflect() - H7: Agent Store 接口适配 — KernelClient 添加 listClones/createClone/ deleteClone/updateClone 方法，映射到 agent_* 命令 - H8: Hand 审批检查 — hand_execute 执行前检查 needs_approval， 需审批返回 pending_approval 状态 - M1: 幽灵命令注册 — 注册 hand_get/hand_run_status/hand_run_list 三个 Tauri 桩命令 - H1/H2: SpeechHand/TwitterHand 添加 demo 标签 - H5: 归档过时 VERIFICATION_REPORT 文档更新: DEEP_AUDIT_REPORT.md 标记修复状态，README.md 更新 关键指标和变更历史。整体完成度从 ~50% 提升至 ~58%。	2026-03-27 09:36:50 +08:00
iven	eed347e1a6	feat: 实现循环防护和安全验证功能 ... refactor(loop_guard): 为LoopGuard添加Clone派生 feat(capabilities): 实现CapabilityManager.validate()安全验证 fix(agentStore): 添加token用量追踪 chore: 删除未实现的Predictor/Lead HAND.toml文件 style(Credits): 移除假数据并标注开发中状态 refactor(Skills): 动态加载技能卡片 perf(configStore): 为定时任务添加localStorage降级 docs: 更新功能文档和版本变更记录	2026-03-27 07:56:53 +08:00
iven	0d4fa96b82	refactor: 统一项目名称从OpenFang到ZCLAW ... 重构所有代码和文档中的项目名称，将OpenFang统一更新为ZCLAW。包括： - 配置文件中的项目名称 - 代码注释和文档引用 - 环境变量和路径 - 类型定义和接口名称 - 测试用例和模拟数据 同时优化部分代码结构，移除未使用的模块，并更新相关依赖项。	2026-03-27 07:36:03 +08:00
iven	4b08804aa9	docs: 更新 features/README.md 反映真实功能完成度 ... 基于审计报告更新 20 项功能模块的成熟度评级： - 平均真实完成度从文档声称的 L3.3 修正为 68% - 各模块成熟度标注从文档声称值调整为实际值 - 新增 P0-P2 清理工作记录	2026-03-27 00:55:49 +08:00
iven	c3996573aa	refactor: 移除 Team 和 Swarm 协作功能 ... 功能论证结论：Team（团队）和 Swarm（协作）为零后端支持的 纯前端 localStorage 空壳，Pipeline 系统已完全覆盖其全部能力。 删除 16 个文件，约 7,950 行代码： - 5 个组件：TeamCollaborationView, TeamOrchestrator, TeamList, DevQALoop, SwarmDashboard - 1 个 Store：teamStore.ts - 3 个 Client/库：team-client.ts, useTeamEvents.ts, agent-swarm.ts - 1 个类型文件：team.ts - 4 个测试文件 - 1 个文档（归档 swarm-coordination.md） 修改 4 个文件： - Sidebar.tsx：移除"团队"和"协作"导航项 - App.tsx：移除 team/swarm 视图路由 - types/index.ts：移除 team 类型导出 - chatStore.ts：移除 dispatchSwarmTask 方法 更新 CHANGELOG.md 和功能文档 README.md	2026-03-26 20:27:19 +08:00
iven	ef3d4e3094	docs: 更新功能文档以反映 Agent Growth System 实现 ... - 更新 README.md 版本至 v0.6.0 - 添加 zclaw-growth crate (第 9 个 crate) - 添加 Agent Growth System 组件状态表 - 更新关键指标 (135 tests, 9 crates) - 更新 roadmap.md 当前状态和执行清单 Agent Growth System 包含: - SqliteStorage + FTS5 全文搜索 - MemoryRetriever + TF-IDF 语义检索 - PromptInjector + Token 预算控制 - MemoryExtractor + LLM 驱动提取 - VikingAdapter 存储抽象层 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:39:40 +08:00
iven	14f8d4d3ad	feat(presentation): add Smart Presentation Layer for Pipeline output ... - Add PresentationAnalyzer in Rust backend (13 tests passing) - Add PresentationContainer with auto type detection - Add TypeSwitcher for manual type switching - Add ChartRenderer, QuizRenderer, SlideshowRenderer, DocumentRenderer - Integrate ResultModal into PipelinesPanel for result display - Update docs: pipeline-overview.md, README.md, roadmap.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 18:32:23 +08:00
iven	bf6d81f9c6	refactor: 清理未使用代码并添加未来功能标记 ... style: 统一代码格式和注释风格 docs: 更新多个功能文档的完整度和状态 feat(runtime): 添加路径验证工具支持 fix(pipeline): 改进条件判断和变量解析逻辑 test(types): 为ID类型添加全面测试用例 chore: 更新依赖项和Cargo.lock文件 perf(mcp): 优化MCP协议传输和错误处理	2026-03-25 21:55:12 +08:00