iven
e10549a1b9
fix: 发布前审计 Batch 2 — Debug遮蔽 + unwrap + 静默吞错 + MCP锁 + 索引 + Config验证
...
安全:
- LlmConfig 自定义 Debug impl,api_key 显示为 "***REDACTED***"
- tsconfig.json 移除 ErrorBoundary.tsx 排除项(安全关键组件)
- billing/handlers.rs Response builder unwrap → map_err 错误传播
- classroom_commands/mod.rs db_path.parent().unwrap() → ok_or_else
静默吞错:
- approvals.rs 3处 warn→error(审批状态丢失是严重事件)
- events.rs publish() 添加 Event dropped debug 日志
- mcp_transport.rs eprintln→tracing::warn (僵尸进程风险)
- zclaw-growth sqlite.rs 4处迁移:区分 duplicate column name 与真实错误
MCP Transport:
- 合并 stdin+stdout 为单一 Mutex<TransportHandles>
- send_request write-then-read 原子化,防止并发响应错配
数据库:
- 新迁移 20260418000001: idx_rle_created_at + idx_billing_sub_plan + idx_ki_created_by
配置验证:
- SaaSConfig::load() 添加 jwt_expiration_hours>=1, max_connections>0, min<=max
2026-04-18 14:09:36 +08:00
iven
943afe3b6b
feat(protocols): MCP tool adapter + Tauri commands + initialize bug fix
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
S6 MCP Protocol:
- Fix McpTransport::initialize() — store actual server capabilities instead
of discarding them and storing empty ServerCapabilities::default()
- Add send_notification() method to McpTransport for JSON-RPC notifications
- Send notifications/initialized after MCP handshake (spec requirement)
- Add McpToolAdapter: bridges MCP server tools into the tool execution path
- Add McpServiceManager: lifecycle management for MCP server connections
- Add 4 Tauri commands: mcp_start_service, mcp_stop_service,
mcp_list_services, mcp_call_tool
- Register zclaw-protocols dependency in desktop Cargo.toml
New files:
- crates/zclaw-protocols/src/mcp_tool_adapter.rs (153 lines)
- desktop/src-tauri/src/kernel_commands/mcp.rs (145 lines)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-03 22:07:35 +08:00
iven
bf6d81f9c6
refactor: 清理未使用代码并添加未来功能标记
...
CI / Rust Check (push) Has been cancelled
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
style: 统一代码格式和注释风格
docs: 更新多个功能文档的完整度和状态
feat(runtime): 添加路径验证工具支持
fix(pipeline): 改进条件判断和变量解析逻辑
test(types): 为ID类型添加全面测试用例
chore: 更新依赖项和Cargo.lock文件
perf(mcp): 优化MCP协议传输和错误处理
2026-03-25 21:55:12 +08:00
iven
5a35243fd2
feat(protocols): implement MCP JSON-RPC transport layer
...
Add complete MCP protocol implementation:
- mcp_types.rs: JSON-RPC types, initialize, tools, resources, prompts
- mcp_transport.rs: Stdio-based transport with split mutexes for stdin/stdout
- McpServerConfig builders for npx/node/python MCP servers
- Full McpClient trait implementation for tools/resources/prompts
- Add McpError variant to ZclawError
Transport supports:
- Starting MCP server processes via Command
- JSON-RPC 2.0 request/response over stdio
- Length-prefixed message framing
- Tool listing and invocation
- Resource listing and reading
- Prompt listing and retrieval
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-24 02:00:10 +08:00
