iven
c3996573aa
refactor: 移除 Team 和 Swarm 协作功能
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
功能论证结论:Team(团队)和 Swarm(协作)为零后端支持的
纯前端 localStorage 空壳,Pipeline 系统已完全覆盖其全部能力。
删除 16 个文件,约 7,950 行代码:
- 5 个组件:TeamCollaborationView, TeamOrchestrator, TeamList, DevQALoop, SwarmDashboard
- 1 个 Store:teamStore.ts
- 3 个 Client/库:team-client.ts, useTeamEvents.ts, agent-swarm.ts
- 1 个类型文件:team.ts
- 4 个测试文件
- 1 个文档(归档 swarm-coordination.md)
修改 4 个文件:
- Sidebar.tsx:移除"团队"和"协作"导航项
- App.tsx:移除 team/swarm 视图路由
- types/index.ts:移除 team 类型导出
- chatStore.ts:移除 dispatchSwarmTask 方法
更新 CHANGELOG.md 和功能文档 README.md
2026-03-26 20:27:19 +08:00
iven
3ff08faa56
release(v0.2.0): streaming, MCP protocol, Browser Hand, security enhancements
...
## Major Features
### Streaming Response System
- Implement LlmDriver trait with `stream()` method returning async Stream
- Add SSE parsing for Anthropic and OpenAI API streaming
- Integrate Tauri event system for frontend streaming (`stream:chunk` events)
- Add StreamChunk types: Delta, ToolStart, ToolEnd, Complete, Error
### MCP Protocol Implementation
- Add MCP JSON-RPC 2.0 types (mcp_types.rs)
- Implement stdio-based MCP transport (mcp_transport.rs)
- Support tool discovery, execution, and resource operations
### Browser Hand Implementation
- Complete browser automation with Playwright-style actions
- Support Navigate, Click, Type, Scrape, Screenshot, Wait actions
- Add educational Hands: Whiteboard, Slideshow, Speech, Quiz
### Security Enhancements
- Implement command whitelist/blacklist for shell_exec tool
- Add SSRF protection with private IP blocking
- Create security.toml configuration file
## Test Improvements
- Fix test import paths (security-utils, setup)
- Fix vi.mock hoisting issues with vi.hoisted()
- Update test expectations for validateUrl and sanitizeFilename
- Add getUnsupportedLocalGatewayStatus mock
## Documentation Updates
- Update architecture documentation
- Improve configuration reference
- Add quick-start guide updates
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-24 03:24:24 +08:00
iven
185763868a
feat: production readiness improvements
...
## Error Handling
- Add GlobalErrorBoundary with error classification and recovery
- Add custom error types (SecurityError, ConnectionError, TimeoutError)
- Fix ErrorAlert component syntax errors
## Offline Mode
- Add offlineStore for offline state management
- Implement message queue with localStorage persistence
- Add exponential backoff reconnection (1s→60s)
- Add OfflineIndicator component with status display
- Queue messages when offline, auto-retry on reconnect
## Security Hardening
- Add AES-256-GCM encryption for chat history storage
- Add secure API key storage with OS keychain integration
- Add security audit logging system
- Add XSS prevention and input validation utilities
- Add rate limiting and token generation helpers
## CI/CD (Gitea Actions)
- Add .gitea/workflows/ci.yml for continuous integration
- Add .gitea/workflows/release.yml for release automation
- Support Windows Tauri build and release
## UI Components
- Add LoadingSpinner, LoadingOverlay, LoadingDots components
- Add MessageSkeleton, ConversationListSkeleton skeletons
- Add EmptyMessages, EmptyConversations empty states
- Integrate loading states in ChatArea and ConversationList
## E2E Tests
- Fix WebSocket mock for streaming response tests
- Fix approval endpoint route matching
- Add store state exposure for testing
- All 19 core-features tests now passing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-22 00:03:22 +08:00
iven
ce562e8bfc
feat: complete Phase 1-3 architecture optimization
...
Phase 1 - Security:
- Add AES-GCM encryption for localStorage fallback
- Enforce WSS protocol for non-localhost WebSocket connections
- Add URL sanitization to prevent XSS in markdown links
Phase 2 - Domain Reorganization:
- Create Intelligence Domain with Valtio store and caching
- Add unified intelligence-client for Rust backend integration
- Migrate from legacy agent-memory, heartbeat, reflection modules
Phase 3 - Core Optimization:
- Add virtual scrolling for ChatArea with react-window
- Implement LRU cache with TTL for intelligence operations
- Add message virtualization utilities
Additional:
- Add OpenFang compatibility test suite
- Update E2E test fixtures
- Add audit logging infrastructure
- Update project documentation and plans
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-21 22:11:50 +08:00
iven
32c9f93a7b
feat(security): enforce WSS for non-localhost connections
...
- Add SecurityError class for clear error handling
- Add validateWebSocketSecurity function
- Block ws:// connections to non-localhost hosts
- Add unit tests for security validation logic
Security: Prevents man-in-the-middle attacks on remote connections
by requiring WSS protocol for all non-localhost WebSocket connections.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-21 17:27:56 +08:00
iven
d266a1435f
feat(security): add AES-GCM encryption for localStorage fallback
...
- Encrypt credentials before storing in localStorage when OS keyring unavailable
- Decrypt on retrieval with automatic fallback
- Backward compatible with existing unencrypted data (migration on next set)
- Add comprehensive unit tests (11 test cases)
Security: Credentials are now encrypted using AES-GCM when
OS keyring is unavailable, preventing plaintext exposure.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-21 17:13:50 +08:00
iven
a199434e08
test(crypto): add generateMasterKey test coverage
...
- Add test for base64 string output
- Add test for 32-byte key length
- Add test for uniqueness
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-21 17:07:08 +08:00
iven
f070d9151e
feat(crypto): add AES-GCM encryption utilities
...
- Add arrayToBase64/base64ToArray conversion functions
- Add deriveKey for PBKDF2 key derivation
- Add encrypt/decrypt using AES-GCM
- Add generateMasterKey for random key generation
- Update setup.ts to use real Web Crypto API instead of mock
- Add comprehensive unit tests for all crypto functions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-21 17:05:15 +08:00
iven
3e81bd3e50
feat(ui): Phase 8 UI/UX optimization and system documentation update
...
## Sidebar Enhancement
- Change tabs to icon + small label layout for better space utilization
- Add Teams tab with team collaboration entry point
## Settings Page Improvements
- Connect theme toggle to gatewayStore.saveQuickConfig for persistence
- Remove OpenFang backend download section, simplify UI
- Add time range filter to UsageStats (7d/30d/all)
- Add stat cards with icons (sessions, messages, input/output tokens)
- Add token usage overview bar chart
- Add 8 ZCLAW system skill definitions with categories
## Bug Fixes
- Fix ChannelList duplicate content with deduplication logic
- Integrate CreateTriggerModal in TriggersPanel
- Add independent SecurityStatusPanel with 12 default enabled layers
- Change workflow view to use SchedulerPanel as unified entry
## New Components
- CreateTriggerModal: Event trigger creation modal
- HandApprovalModal: Hand approval workflow dialog
- HandParamsForm: Enhanced Hand parameter form
- SecurityLayersPanel: 16-layer security status display
## Architecture
- Add TOML config parsing support (toml-utils.ts, config-parser.ts)
- Add request timeout and retry mechanism (request-helper.ts)
- Add secure token storage (secure-storage.ts, secure_storage.rs)
## Tests
- Add unit tests for config-parser, toml-utils, request-helper
- Add team-client and teamStore tests
## Documentation
- Update SYSTEM_ANALYSIS.md with Phase 8 completion
- UI completion: 100% (30/30 components)
- API coverage: 93% (63/68 endpoints)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-15 14:12:11 +08:00
