iven/zclaw_openfang
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
97 Commits 2 Branches 0 Tags
4ac6da1c88366478013c40ed4d5aab0cbc5e366f
Commit Graph

5 Commits

Author SHA1 Message Date
iven
32c9f93a7b feat(security): enforce WSS for non-localhost connections 
- Add SecurityError class for clear error handling
- Add validateWebSocketSecurity function
- Block ws:// connections to non-localhost hosts
- Add unit tests for security validation logic

Security: Prevents man-in-the-middle attacks on remote connections
by requiring WSS protocol for all non-localhost WebSocket connections.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-21 17:27:56 +08:00
iven
d266a1435f feat(security): add AES-GCM encryption for localStorage fallback 
- Encrypt credentials before storing in localStorage when OS keyring unavailable
- Decrypt on retrieval with automatic fallback
- Backward compatible with existing unencrypted data (migration on next set)
- Add comprehensive unit tests (11 test cases)

Security: Credentials are now encrypted using AES-GCM when
OS keyring is unavailable, preventing plaintext exposure.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-21 17:13:50 +08:00
iven
a199434e08 test(crypto): add generateMasterKey test coverage 
- Add test for base64 string output
- Add test for 32-byte key length
- Add test for uniqueness

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-21 17:07:08 +08:00
iven
f070d9151e feat(crypto): add AES-GCM encryption utilities 
- Add arrayToBase64/base64ToArray conversion functions
- Add deriveKey for PBKDF2 key derivation
- Add encrypt/decrypt using AES-GCM
- Add generateMasterKey for random key generation
- Update setup.ts to use real Web Crypto API instead of mock
- Add comprehensive unit tests for all crypto functions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-21 17:05:15 +08:00
iven
3e81bd3e50 feat(ui): Phase 8 UI/UX optimization and system documentation update 
## Sidebar Enhancement
- Change tabs to icon + small label layout for better space utilization
- Add Teams tab with team collaboration entry point

## Settings Page Improvements
- Connect theme toggle to gatewayStore.saveQuickConfig for persistence
- Remove OpenFang backend download section, simplify UI
- Add time range filter to UsageStats (7d/30d/all)
- Add stat cards with icons (sessions, messages, input/output tokens)
- Add token usage overview bar chart
- Add 8 ZCLAW system skill definitions with categories

## Bug Fixes
- Fix ChannelList duplicate content with deduplication logic
- Integrate CreateTriggerModal in TriggersPanel
- Add independent SecurityStatusPanel with 12 default enabled layers
- Change workflow view to use SchedulerPanel as unified entry

## New Components
- CreateTriggerModal: Event trigger creation modal
- HandApprovalModal: Hand approval workflow dialog
- HandParamsForm: Enhanced Hand parameter form
- SecurityLayersPanel: 16-layer security status display

## Architecture
- Add TOML config parsing support (toml-utils.ts, config-parser.ts)
- Add request timeout and retry mechanism (request-helper.ts)
- Add secure token storage (secure-storage.ts, secure_storage.rs)

## Tests
- Add unit tests for config-parser, toml-utils, request-helper
- Add team-client and teamStore tests

## Documentation
- Update SYSTEM_ANALYSIS.md with Phase 8 completion
- UI completion: 100% (30/30 components)
- API coverage: 93% (63/68 endpoints)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-15 14:12:11 +08:00