Fix needs_approval field in BrowserHand::new() from false to true to
match the TOML config (hands/browser.HAND.toml says requires_approval = true).
Browser automation has security implications and should require approval.
Add 11 unit tests covering:
- Config id and enabled state
- needs_approval correctness (after fix)
- Action deserialization (Navigate, Click, Type, Scrape, Screenshot)
- Roundtrip serialization for all major action variants
- BrowserSequence builder with stop_on_error()
- Multi-step sequence execution
- FormField deserialization
Also add stop_on_error() builder method to BrowserSequence which was
referenced in the test plan but missing from the struct.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix extract_visible_text to use proper byte position tracking (pos += char_len)
instead of iterating chars without position context, which caused script/style
tag detection to fail on multi-byte content. Also adds script/style stripping
logic and raises truncation limit to 10000 chars.
Adds 9 unit tests covering:
- Config identity verification
- OutputFormat serialization round-trip
- HTML text extraction (basic, script stripping, style stripping, empty input)
- Aggregate action with empty URLs
- CollectorAction deserialization (Collect/Aggregate/Extract)
- CollectionTarget deserialization
Target market is domestic China users only — integrate Alipay Face-to-Face
Payment and WeChat Native Pay directly instead of Stripe as intermediary.
Updated billing module structure, risk table, and verification criteria.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tailor first-conversation prompts to the three target user groups:
- Education: AI tool comparison, digital transformation research
- Healthcare: administrative optimization proposal
- Design/Shantou: toy industry export trend analysis
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add comprehensive test suite: config, types, action deserialization, URL encoding,
HTML text extraction, hand trait methods
- Fix summary field: generate rule-based summary from top search results (was always None)
- Fix extract_text_from_html: correct position tracking for script/style tag detection
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add execute_scheduled_task helper that fetches task info and dispatches
by target_type (agent/hand/workflow)
- Replace STUB warn+simple-UPDATE with full execution flow: dispatch task,
then update state with interval-aware next_run_at calculation
- Update next_run_at using interval_seconds for recurring tasks instead
of setting NULL
- Fix pre-existing cache.rs borrow-after-move bug (id.clone() in insert)
- Fix inconsistent 'KernelClient' logger name to 'KernelHands' in listApprovals
- Replace console.error with logger.error in gateway-api triggerHand
- No functional changes, only logging consistency improvements
- Add searchParams state connected to useQuery queryKey/queryFn
- Enable role and status columns as searchable select dropdowns
- Map username search field to backend 'search' param
- Add onSubmit/onReset callbacks on ProTable
- Accounts.test.tsx: table data rendering + loading state verification
- AgentTemplates.test.tsx: template names and categories rendering
- Both use MSW for HTTP mocking, QueryClientProvider for React Query
- Add trusted_proxies field to ServerConfig (Vec<String>, serde default)
- Default value is empty vector (no proxy trust until explicitly configured)
- Development config: trust localhost IPs (127.0.0.1, ::1)
- Production config: placeholder localhost IPs with comment to replace
Root cause: each relay request executes 13-17 serial DB queries, exhausting
the 50-connection pool under concurrency. When pool is exhausted, sqlx returns
PoolTimedOut which maps to 500 DATABASE_ERROR.
Fixes:
1. log_operation → dispatch_log_operation (async Worker dispatch, non-blocking)
2. record_usage → tokio::spawn (3 DB queries moved off critical path)
3. DB pool: max_connections 50→100 (env-configurable), acquire_timeout 5s→8s
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. key_pool: merge 3 serial UPDATE queries into 2 (cumulative stats +
last_used_at combined into single UPDATE)
2. service: reduce SSE spawn sleep from 3s to 500ms and add 5s timeout
on DB operations to prevent connection hoarding
1. App.tsx: add restoreSession() call on startup to prevent redirect
to login page after refresh (isRestoring guard + BootstrapScreen)
2. CloneManager: call syncAgents() after loadClones() to restore
currentAgent and conversation history on app load
3. zclaw-memory: add get_or_create_session() so frontend session UUID
is persisted directly — kernel no longer creates mismatched IDs
4. openai.rs: assistant message content must be non-empty for
Kimi/Qwen APIs — replace empty content with meaningful placeholders
Also includes admin-v2 ModelServices unified page (merge providers +
models + API keys into expandable row layout)
Multi-stage Docker build for zclaw-saas with dependency caching,
environment variable template with security defaults, Nginx reverse
proxy with SSE/WebSocket support and HTTPS, and comprehensive
Chinese-language production deployment documentation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add migration to add last_used_at TIMESTAMPTZ column to provider_keys
- Update select_best_key() SQL to sort by last_used_at ASC NULLS FIRST
- Update record_key_usage() to set last_used_at = NOW() on each use
- Bump SCHEMA_VERSION to 10
- Add llm_routing to all list_accounts/get_account SQL queries and JSON responses
- Add llm_routing to UpdateAccountRequest with COALESCE update
- Add llm_routing to AccountPublic struct in auth types
- Wire llm_routing into register (default 'local'), login, and me handlers
- Add llm_routing field to AccountRow, AccountAuthRow, AccountLoginRow model structs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add AgentTemplateAvailable/AgentTemplateFull types and fetchAvailableTemplates/fetchTemplateFull API methods to saas-client
- Add llm_routing field to SaaSAccountInfo for admin-configured routing priority
- Add availableTemplates state and fetchAvailableTemplates action to saasStore with background fetch on login
- Add admin llm_routing priority check in connectionStore connect() to force relay or local mode
- Add createFromTemplate action to agentStore with SOUL.md persistence
- Add Step 0 template selection to AgentOnboardingWizard with grid layout for template browsing
- Add llm_routing field (relay/local) to AccountPublic type and Accounts page table + edit modal
- Upgrade Providers Key Pool from read-only to full CRUD with add/toggle/delete mutations
- Extend AgentTemplate type with soul_content, scenarios, welcome_message, quick_commands,
personality, communication_style, emoji, version, source_id fields
- Add AgentTemplateAvailable lightweight interface
- Add emoji column and extended form fields (emoji, personality, soul_content, welcome_message,
communication_style, source_id) to Agent Templates page
- Add getFull method to agent-templates service
- Fix misplaced useState import in Accounts.tsx
- Add 9 extended fields to AgentTemplateInfo: soul_content, scenarios,
welcome_message, quick_commands, personality, communication_style,
emoji, version, source_id
- Refactor service.rs to use sqlx::Row (manual column extraction) to
avoid the 16-element tuple FromRow limit
- Add /api/v1/agent-templates/available (lightweight public listing)
and /api/v1/agent-templates/:id/full endpoints
- Add 24h key_usage_window cleanup task in scheduler
- Update seed data with extended fields for all 5 existing templates
plus new Medical Assistant template (healthcare category)
