zclaw_openfang

Author	SHA1	Message	Date
iven	f79560a911	refactor(desktop): split kernel_commands/pipeline_commands into modules, add SaaS client libs and gateway modules Split monolithic kernel_commands.rs (2185 lines) and pipeline_commands.rs (1391 lines) into focused sub-modules under kernel_commands/ and pipeline_commands/ directories. Add gateway module (commands, config, io, runtime), health_check, and 15 new TypeScript client libraries for SaaS relay, auth, admin, telemetry, and kernel sub-systems (a2a, agent, chat, hands, skills, triggers). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 11:12:47 +08:00
iven	eb956d0dce	feat: 新增管理后台前端项目及安全加固 Some checks failed CI / Lint & TypeCheck (push) Has been cancelled Details CI / Unit Tests (push) Has been cancelled Details CI / Build Frontend (push) Has been cancelled Details CI / Rust Check (push) Has been cancelled Details CI / Security Scan (push) Has been cancelled Details CI / E2E Tests (push) Has been cancelled Details refactor(saas): 重构认证中间件与限流策略 - 登录限流调整为5次/分钟/IP - 注册限流调整为3次/小时/IP - GET请求不计入限流 fix(saas): 修复调度器时间戳处理 - 使用NOW()替代文本时间戳 - 兼容TEXT和TIMESTAMPTZ列类型 feat(saas): 实现环境变量插值 - 支持${ENV_VAR}语法解析 - 数据库密码支持环境变量注入 chore: 新增前端管理界面 - 基于React+Ant Design Pro - 包含路由守卫/错误边界 - 对接58个API端点 docs: 更新安全加固文档 - 新增密钥管理规范 - 记录P0安全项审计结果 - 补充TLS终止说明 test: 完善配置解析单元测试 - 新增环境变量插值测试用例	2026-03-31 00:11:33 +08:00
iven	bc8c77e7fe	fix(security): P0 审计修复 — 6项关键安全/编译问题 F1: kernel.rs multi-agent 编译错误 — 重排 spawn_agent 中 A2A 注册顺序，在 config 被 registry.register() 消费前使用 F2: saas-config.toml 从 git 追踪中移除 — 包含数据库密码已进入版本历史 F3: config.rs 硬编码开发密钥改用 #[cfg(debug_assertions)] 编译时门控 — dev fallback 密钥不再进入 release 构建 F4: 公共认证端点添加 IP 速率限制 (20 RPM) — 防止暴力破解 F5: SSE relay 路由分离出全局 15s TimeoutLayer — 避免长流式响应被截断 F6: Provider API 密钥入库前 AES-256-GCM 加密 — 明文存储修复附带：完整审计报告 docs/superpowers/specs/2026-03-30-comprehensive-audit-report.md	2026-03-30 13:32:22 +08:00
iven	5fdf96c3f5	chore: 提交所有工作进度 — SaaS 后端增强、Admin UI、桌面端集成包含大量 SaaS 平台改进、Admin 管理后台更新、桌面端集成完善、文档同步、测试文件重构等内容。为 QA 测试准备干净工作树。	2026-03-29 10:46:41 +08:00
iven	b3a31ec48b	docs(saas): 添加 SaaS 后台系统设计规格涵盖四大核心模块的完整设计: - 账号权限管理 (JWT/Argon2/TOTP/权限模板) - 模型与 API 配置中心 (提供商/模型/密钥/使用量) - 模型请求中转服务 (队列/流式转发/速率限制) - 系统配置迁移分析 (迁移优先级/同步协议) 技术栈: Rust + Axum 后端 + React 管理后台目标: MVP <100 用户, 独立 SaaS 服务	2026-03-27 12:16:19 +08:00
iven	0d4fa96b82	refactor: 统一项目名称从OpenFang到ZCLAW Some checks failed CI / Lint & TypeCheck (push) Has been cancelled Details CI / Unit Tests (push) Has been cancelled Details CI / Build Frontend (push) Has been cancelled Details CI / Rust Check (push) Has been cancelled Details CI / Security Scan (push) Has been cancelled Details CI / E2E Tests (push) Has been cancelled Details 重构所有代码和文档中的项目名称，将OpenFang统一更新为ZCLAW。包括： - 配置文件中的项目名称 - 代码注释和文档引用 - 环境变量和路径 - 类型定义和接口名称 - 测试用例和模拟数据同时优化部分代码结构，移除未使用的模块，并更新相关依赖项。	2026-03-27 07:36:03 +08:00
iven	b7f3d94950	fix(presentation): 修复 presentation 模块类型错误和语法问题 Some checks failed CI / Lint & TypeCheck (push) Has been cancelled Details CI / Unit Tests (push) Has been cancelled Details CI / Build Frontend (push) Has been cancelled Details CI / Rust Check (push) Has been cancelled Details CI / Security Scan (push) Has been cancelled Details CI / E2E Tests (push) Has been cancelled Details - 创建 types.ts 定义完整的类型系统 - 重写 DocumentRenderer.tsx 修复语法错误 - 重写 QuizRenderer.tsx 修复语法错误 - 重写 PresentationContainer.tsx 添加类型守卫 - 重写 TypeSwitcher.tsx 修复类型引用 - 更新 index.ts 移除不存在的 ChartRenderer 导出审计结果: - 类型检查: 通过 - 单元测试: 222 passed - 构建: 成功	2026-03-26 17:19:28 +08:00
iven	4ba0a531aa	docs: add v0.2.0 release implementation plan Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-24 01:34:17 +08:00
iven	fb263a8ae2	docs: add v0.2.0 release plan design document Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-24 01:16:52 +08:00
iven	afb48f7b80	docs: add v0.2.0 release design spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-23 23:24:08 +08:00
iven	815c56326b	docs(phase3): add integration verification report - Track A: Chat virtual scrolling - PASS - Track B: Hands Worker isolation - SKIPPED (architecture already secure) - Track C: Intelligence cache - PASS (completed in Phase 2.5) All TypeScript compilation passed, all domain implementations verified. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 21:27:59 +08:00
iven	35b06f2e4a	docs(phase3): add core optimization implementation plan - Track A: Chat virtual scrolling with react-window - Track B: Hands Web Worker isolation for security - Track C: Intelligence caching (already completed) Plan includes: - File structure and task breakdown - Code examples for each component - Verification checklist - Integration requirements Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 20:03:13 +08:00
iven	e2fb79917b	docs(phase2): add Phase 2 domain reorganization changelog - Document completed tasks and file structure - Record technical decisions and architecture changes - Note verification results and next steps Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 19:53:07 +08:00
iven	7ffd5e1531	feat(domains): create domain-driven architecture for Phase 2 Chat Domain: - Add types.ts with Message, Conversation, Agent types - Add store.ts with Valtio-based state management - Add hooks.ts with useChatState, useMessages, etc. - Add index.ts for public API export Hands Domain: - Add types.ts with Hand, Trigger, Approval types - Add machine.ts with XState state machine - Add store.ts with Valtio-based state management - Add hooks.ts with useHands, useApprovalQueue, etc. Shared Module: - Add types.ts with Result, AsyncResult, PaginatedResponse - Add error-handling.ts with AppError, NetworkError, etc. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 19:47:48 +08:00
iven	60ddb0b1e9	fix(plan): address review feedback for Phase 1 plan - Fix mock path in setup.ts to use @ alias - Add Web Crypto polyfill for Node.js test environment - Use pnpm exec for vitest version check - Update Task 4.1 to note existing isLocalhost function - Add cross-platform notes for Windows users Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 16:42:38 +08:00
iven	5edb8e347f	docs(plan): add Phase 1 implementation plan Detailed plan for Security + Testing phase (2 weeks): - Task 1.1-1.2: Test framework setup (Vitest) - Task 2.1-2.2: Crypto utilities module - Task 3.1: Secure storage encryption enhancement - Task 4.1: WSS enforcement - Task 5.1: ChatStore unit tests - Task 6.1-6.4: Integration and verification Each task has bite-sized steps with exact commands and expected output. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 16:38:04 +08:00
iven	d1c200a243	docs(spec): revise architecture optimization spec based on review Fixes from code review: - Fix terminology: VZustand → Valtio - Add terminology table for clarity - Add existing code analysis section - Add migration mapping table - Remove incorrect Web Worker claims - Update Hands section to focus on XState - Update Intelligence cache to acknowledge existing impl - Add detailed task breakdown with estimates - Add performance measurement methods - Update dependency versions to specific versions - Add 2-week buffer to timeline Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 16:23:57 +08:00
iven	52c5e8a732	docs(spec): add architecture optimization design spec Comprehensive design for 14-week architecture overhaul: - VZustand for fine-grained reactivity - Web Worker isolation for security - XState for Hands state machine - Domain-driven directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 16:16:24 +08:00
iven	dfeb286591	docs(plan): add automation system redesign implementation plan Four phases: - P1: Fix core issues (param passing, store migration, WebSocket events) - P2: UI refactor (AutomationPanel, AutomationCard, filters) - P3: Advanced features (ScheduleEditor, batch operations) - P4: Workflow integration (ApprovalQueue, ExecutionResult) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 15:55:18 +08:00
iven	c856673936	docs(spec): update automation design with review feedback Key changes: - Extend existing stores instead of creating new automationStore - Use type adapter pattern instead of new type hierarchy - Add explicit HandParamsForm parameter passing fix - Add category mapping for 7 existing Hands Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 15:14:36 +08:00
iven	552efb513b	docs(spec): add automation system redesign specification Design for Hands/Workflow unified automation panel with: - Visual scheduler without cron syntax - Result stream integration into chat - Batch operations (trigger, approve, configure) - Real-time status via WebSocket - Offline queue and error recovery Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 15:10:55 +08:00
iven	74dbf42644	refactor(startup): simplify stack to Tauri-managed OpenFang + optional ChromeDriver - Remove OpenFang CLI dependency from startup scripts - OpenFang now bundled with Tauri and managed via gateway_start/gateway_status commands - Add bootstrap screen in App.tsx to auto-start local gateway before UI loads - Update Makefile: replace start-no-gateway with start-desktop-only - Fix gateway config endpoints: use /api/config instead of /api/config/quick - Add Playwright dependencies for future E2E testing	2026-03-17 14:08:03 +08:00
iven	69c874ed59	docs(spec): add Browser Hand UI design specification Design for browser automation UI component integrated into HandsPanel: - Dual trigger mechanism: frontend templates + agent scripts - Real-time status + screenshot preview - Complete template system (basic, scraping, automation) - Task runner with progress tracking Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-17 08:14:41 +08:00

23 Commits