16 Commits

Author	SHA1	Message	Date
iven	c048cb215f	docs: V13 系统性功能审计 — 6 项新发现 + TRUTH.md 数字校准 ... V13 审计聚焦 V12 后新增功能 (行业配置/Knowledge/Hermes/管家主动性): - 总体健康度 82/100 (V12: 76) - P1 新发现 3 项: TrajectoryRecorder 未注册/industryStore 孤立/桌面端无 Knowledge Search - P2 新发现 3 项: Webhook 孤儿表/Structured Data 无 Admin/PersistentMemoryStore 遗留 - 修正 V12 错误认知 5 项: Butler/MCP/Gateway/Presentation 已接通 - TRUTH.md 数字校准: Tauri 184→191, SaaS 122→136, @reserved 33→24	2026-04-12 23:33:13 +08:00
iven	d6b1f44119	feat(admin): add ConfigSync page + close ADMIN-01/02 (AUDIT_TRACKER) ... - ADMIN-01 FIXED: ConfigSync.tsx page with ProTable + pagination - config-sync service calling GET /config/sync-logs - route + nav item + breadcrumb - backend @reserved → @connected - ADMIN-02 FALSE_POSITIVE: Logs.tsx + logs service already exist	2026-04-05 01:40:38 +08:00
iven	745c2fd754	feat(saas): add down migrations for all incremental schema changes (AUD3-DB-01) ... - 16 down SQL files in migrations/down/ for each incremental migration - db::run_down_migrations() executes rollback files in reverse order - migrate_down CLI task: task=migrate_down timestamp=20260402 - Initial schema and seed data excluded (would be destructive)	2026-04-05 01:35:33 +08:00
iven	3b0ab1a7b7	fix(types): Desktop type safety hardening (TYPE-01) ... - Unify ConnectionState: kernel-types.ts now canonical source with 'handshaking', gateway-types.ts re-exports - PromptTemplateInfo source/status → union literals - PromptVariable.type → union literal - CreateRoleRequest id/permissions → optional - PropertyPanel: replace 13 as any with typed accessor pattern - chatStore: window cast via as unknown as Record	2026-04-05 01:30:29 +08:00
iven	36168d6978	docs(audit): sync AUD3-FE-05/06 table status to FIXED	2026-04-05 01:13:27 +08:00
iven	b84a503500	docs(audit): batch close 17 OPEN items + update TRUTH.md command counts ... Closed items (FALSE_POSITIVE): V11-P3-02/03/08, V11-P4-03/04/05, AUD3-FE-04/07/08, V11-P3-04/06, AUD3-CONC-03, DOC-03/04, V11-P4-01 Fixed: V11-P2-05, AUD3-FE-03, AUD3-FE-09, DOC-03 Documented: AUD3-API-02, V11-P4-02, SEC2-P3-01/02 TRUTH.md: 171→177 commands (160 @connected / 16 @reserved) CLAUDE.md: skills 76→75, unified counts	2026-04-05 01:07:08 +08:00
iven	13a40dbbf5	docs(audit): update tracker with DEAD-05 + V11-P2-05 progress ... - DEAD-05: 10 dead saas-client methods removed (PARTIALLY_FIXED) - V11-P2-05: 9 stale @reserved annotations corrected to @connected Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 00:23:45 +08:00
iven	26dc500b1b	docs(audit): batch close 15 P2/P3 items as FALSE_POSITIVE ... CLOSED items: - BREAK-02/03/04: FALSE_POSITIVE (already closed in changelog) - V11-P2-01: saas-admin.ts deleted - V11-P2-02: admin-v2 has roles service+page - V11-P2-04: ToolDefinition re-export, not duplicate - V11-P2-06: fetch_all sync-only, no LIMIT needed - V11-P3-02/03: function removed or feature-gated - V11-P3-05/DEAD-04: properly feature-gated - AUD3-CONC-02/DB-02: already covered by SEC2-P2-05/08 - EVAL-01: zclaw-channels removed - SEC-V9-02: comprehensive validation exists - DOC-01/02: tauri command count updated 175→171 Also fixed BREAK-02/03/04 table rows to match changelog status.	2026-04-04 23:52:33 +08:00
iven	37e77d0d5e	docs(audit): close P2/P3 items, FALSE_POSITIVE resolved ... - SEC-V9-02: relay input validation already comprehensive - AUDIT-01: audit-logger.ts already deleted in prior cleanup - G-07: provider_keys vs account_api_keys intentional architecture - V11-P2-03: gateway-storage sync methods already replaced - V11-P3-01: audit-logger.ts already deleted - V11-P3-07: secure-storage sync same as V11-P2-03 - Batch 7 commit hash corrected (1fec8cf)	2026-04-04 21:51:36 +08:00
iven	6c6fcb76b3	docs(audit): resolve 3 P1 architecture decisions ... - SEC2-P1-01 FactStore: FALSE_POSITIVE (trait already removed) - V11-P1-03 3 SQL tables: FALSE_POSITIVE (2 active via JOIN, 1 write-only downgrade to P3) - M4-04 deep approval: WONTFIX (4-layer defense-in-depth sufficient) - M11-02: FIXED (map_err added in prev commit)	2026-04-04 21:31:47 +08:00
iven	1fec8cfbc1	fix(arch): unify TS/Rust types + classroom persistence registration + approval audit ... - M11-03: Register ClassroomPersistence via Tauri .setup() hook with in-memory fallback. Previously missing — classroom commands would crash at runtime. - M3-02: Document BrowserHand as schema validator + TypeScript delegation passthrough (dual-path architecture explicitly documented). - M4-04: Add defense-in-depth audit logging in execute_hand() and execute_hand_with_source() when needs_approval hands bypass approval gate. - TYPE-01: Add #[serde(rename_all = "camelCase")] to Rust AgentInfo. Add missing fields to TS AgentInfo (messageCount, createdAt, updatedAt). Fix KernelStatus TS interface to match Rust KernelStatusResponse (baseUrl/model instead of defaultProvider/defaultModel). - SEC2-P1-01: Document EXTRACTION_DRIVER OnceCell as legacy path; Kernel struct field is the active path. - TriggerSource: Add #[derive(PartialEq)] for approval audit comparisons.	2026-04-04 21:09:02 +08:00
iven	8e56df74ec	docs: update audit tracker with V12 module audit fix progress	2026-04-04 19:28:11 +08:00
iven	305984c982	fix(saas): P2 code quality fixes + config PATCH/PUT alignment ... P2 code quality (SEC2-P2-01~10): - P2-04: Replace vague TODO with detailed Phase 2 design note in generate_embedding.rs - P2-05: Add NOTE(fire-and-forget) annotations to 4 long-running tokio::spawn in main.rs - P2-07: Add DESIGN NOTE to scheduler explaining sequential execution rationale - P2-08: Add compile-time table name whitelist + runtime char validation in db.rs - P2-02: Verified N/A (only zclaw-pipeline uses serde_yaml_bw, no inconsistency) - P2-06: Verified N/A (bind loop correctly matches 6-column placeholders) - P2-03: Remains OPEN (requires upstream sqlx release) Config HTTP method alignment (B3-4): - Fix admin-v2 config.ts: request.patch -> request.put to match backend .put() route - Fix backend handler doc comment: PATCH -> PUT - Add @reserved annotations to 6 config handlers without frontend callers	2026-04-03 21:32:17 +08:00
iven	8898bb399e	docs: audit reports + feature docs + skills + admin-v2 + config sync ... Update audit tracker, roadmap, architecture docs, add admin-v2 Roles page + Billing tests, sync CLAUDE.md, Cargo.toml, docker-compose.yml, add deep-research / frontend-design / chart-visualization skills Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 19:25:00 +08:00
iven	7de294375b	feat(auth): 添加异步密码哈希和验证函数 ... refactor(relay): 复用HTTP客户端和请求体序列化结果 feat(kernel): 添加获取单个审批记录的方法 fix(store): 改进SaaS连接错误分类和降级处理 docs: 更新审计文档和系统架构文档 refactor(prompt): 优化SQL查询参数化绑定 refactor(migration): 使用静态SQL和COALESCE更新配置项 feat(commands): 添加审批执行状态追踪和事件通知 chore: 更新启动脚本以支持Admin后台 fix(auth-guard): 优化授权状态管理和错误处理 refactor(db): 使用异步密码哈希函数 refactor(totp): 使用异步密码验证函数 style: 清理无用文件和注释 docs: 更新功能全景和审计文档 refactor(service): 优化HTTP客户端重用和请求处理 fix(connection): 改进SaaS不可用时的降级处理 refactor(handlers): 使用异步密码验证函数 chore: 更新依赖和工具链配置	2026-03-29 21:45:29 +08:00
iven	8b9d506893	refactor(saas): 架构重构 + 性能优化 — 借鉴 loco-rs 模式 ... Phase 0: 知识库 - docs/knowledge-base/loco-rs-patterns.md — loco-rs 10 个可借鉴模式研究 Phase 1: 数据层重构 - crates/zclaw-saas/src/models/ — 15 个 FromRow 类型化模型 - Login 3 次查询合并为 1 次 AccountLoginRow 查询 - 所有 service 文件从元组解构迁移到 FromRow 结构体 Phase 2: Worker + Scheduler 系统 - crates/zclaw-saas/src/workers/ — Worker trait + 5 个具体实现 - crates/zclaw-saas/src/scheduler.rs — TOML 声明式调度器 - crates/zclaw-saas/src/tasks/ — CLI 任务系统 Phase 3: 性能修复 - Relay N+1 查询 → 精准 SQL (relay/handlers.rs) - Config RwLock → AtomicU32 无锁 rate limit (state.rs, middleware.rs) - SSE std::sync::Mutex → tokio::sync::Mutex (relay/service.rs) - /auth/refresh 阻塞清理 → Scheduler 定期执行 Phase 4: 多环境配置 - config/saas-{development,production,test}.toml - ZCLAW_ENV 环境选择 + ZCLAW_SAAS_CONFIG 精确覆盖 - scheduler 配置集成到 TOML	2026-03-29 19:21:48 +08:00