iven/zclaw_openfang
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
136 Commits 2 Branches 0 Tags
3ff08faa5638b2d26bbfa0f79fb9daff0c65c990
Commit Graph

5 Commits

Author SHA1 Message Date
iven
3ff08faa56 release(v0.2.0): streaming, MCP protocol, Browser Hand, security enhancements 
## Major Features

### Streaming Response System
- Implement LlmDriver trait with `stream()` method returning async Stream
- Add SSE parsing for Anthropic and OpenAI API streaming
- Integrate Tauri event system for frontend streaming (`stream:chunk` events)
- Add StreamChunk types: Delta, ToolStart, ToolEnd, Complete, Error

### MCP Protocol Implementation
- Add MCP JSON-RPC 2.0 types (mcp_types.rs)
- Implement stdio-based MCP transport (mcp_transport.rs)
- Support tool discovery, execution, and resource operations

### Browser Hand Implementation
- Complete browser automation with Playwright-style actions
- Support Navigate, Click, Type, Scrape, Screenshot, Wait actions
- Add educational Hands: Whiteboard, Slideshow, Speech, Quiz

### Security Enhancements
- Implement command whitelist/blacklist for shell_exec tool
- Add SSRF protection with private IP blocking
- Create security.toml configuration file

## Test Improvements
- Fix test import paths (security-utils, setup)
- Fix vi.mock hoisting issues with vi.hoisted()
- Update test expectations for validateUrl and sanitizeFilename
- Add getUnsupportedLocalGatewayStatus mock

## Documentation Updates
- Update architecture documentation
- Improve configuration reference
- Add quick-start guide updates

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-24 03:24:24 +08:00
iven
e49ba4460b feat(security): add security configuration and tool validation 
Security Configuration:
- config/security.toml with shell_exec, file_read, file_write, web_fetch, browser, and mcp settings
- Command whitelist/blacklist for shell execution
- Path restrictions for file operations
- SSRF protection for web fetch

Tool Security Implementation:
- ShellSecurityConfig with whitelist/blacklist validation
- ShellExecTool with actual command execution
- Timeout and output size limits
- Security checks before command execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-24 03:10:32 +08:00
iven
5a35243fd2 feat(protocols): implement MCP JSON-RPC transport layer 
Add complete MCP protocol implementation:
- mcp_types.rs: JSON-RPC types, initialize, tools, resources, prompts
- mcp_transport.rs: Stdio-based transport with split mutexes for stdin/stdout
- McpServerConfig builders for npx/node/python MCP servers
- Full McpClient trait implementation for tools/resources/prompts
- Add McpError variant to ZclawError

Transport supports:
- Starting MCP server processes via Command
- JSON-RPC 2.0 request/response over stdio
- Length-prefixed message framing
- Tool listing and invocation
- Resource listing and reading
- Prompt listing and retrieval

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-24 02:00:10 +08:00
iven
58cd24f85b feat: add internal ZCLAW kernel crates to git tracking 2026-03-22 09:26:36 +08:00
iven
7abfca9d5c feat(kernel): add internal ZCLAW kernel integration with Tauri 
Phase 1-3 of independence architecture:
- zclaw-types: Add ToolDefinition, ToolResult, KernelConfig, ModelConfig
- zclaw-kernel: Fix AgentInfo provider field, export config module
- desktop: Add kernel_commands for internal kernel access
- Add AgentId FromStr implementation for parsing

New Tauri commands:
- kernel_init, kernel_status, kernel_shutdown
- agent_create, agent_list, agent_get, agent_delete
- agent_chat

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-22 08:37:20 +08:00