iven
edd6dd5fc8
fix(audit): Batch 4-6 middleware comments + dependency migration + security hardening
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Batch 4:
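- kernel/mod.rs: add comment that middleware registration order ≠ execution order
- Annotate priority=78 where EvolutionMiddleware is registered
Batch 5:
- desktop/src-tauri/Cargo.toml: serde_yaml 0.9 (deprecated) → serde_yaml_bw 2.x
Batch 6:
- saas/main.rs: CORS in development mode changed to explicit localhost origins (fixes the Any+credentials violation)
- docker-compose.yml: remove the default weak password your_secure_password and replace it with a required-value check
- director.rs: add <user_input>/<user_request> boundary markers around user input to prevent injection
Full test suite passed: 719 passed, 0 failed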
2026-04-19 08:46:12 +08:00
iven
4329bae1ea
fix(audit): Batch 2 replace unwrap in production code (20 places)
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
P0 fixes:
- viking_commands.rs: URI path construction unwrap → ok_or_else error propagation
- clip.rs: temporary file path unwrap → ok_or_else (prevents panic on Windows Chinese-character paths)
P1 fixes:
- personality_detector.rs: Mutex lock unwrap → unwrap_or_else to prevent poison propagation
- pptx.rs: HashMap.get unwrap → expect (keys come from keys() iteration)
P2 fixes:
- 4 places: SystemTime.unwrap → expect("system clock is valid")
- 4 places: dev_server URL.parse.unwrap → expect("hardcoded URL is valid")
- 9 places: nl_schedule Regex.unwrap → expect("static regex is valid")
- 5 places: data_masking Regex.unwrap → expect("static regex is valid")
- 2 places: pipeline/state Regex.unwrap → expect("static regex is valid")
Full test suite passed: 719 passed, 0 failed
2026-04-19 08:38:09 +08:00
iven
924ad5a6ec
fix(audit): Batch 0-1 documentation calibration + fix for errors silenced by let _ =
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Batch 0:
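- TRUTH.md middleware layers 14→15 (adds the missing EvolutionMiddleware@78)
- wiki/middleware.md synced to 15 layers + priority classification updated
- Store count confirmed as 25
Batch 1:
- approvals.rs: 3 places of map_err+let _ = simplified to if let Err
- director.rs: add debug log on oneshot send failure
- task.rs: add debug logs to 4 subtask status updates
- chat.rs: add warn/debug logs to stream message sending and event emit
- heartbeat.rs: add debug log to alert broadcast + break optimization
Full test suite passed: 719 passed, 0 failed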
2026-04-19 08:30:33 +08:00
iven
f3fb5340b5
fix: pre-release audit Batch 1 — Pipeline memory leak/timeout + Director deadlock + Rate Limit Worker
...
Pipeline executor:
- Add cleanup() method; MAX_COMPLETED_RUNS=100 cap evicts old records
- Add tokio::time::timeout to each step's execution (uses PipelineSpec.timeout_secs, default 300s)
- Delay ms capped at 60000; values above it are logged with warn and truncated
Director send_to_agent:
- Refactor to a oneshot::channel response pattern to avoid inbox + pending_requests lock contention
- Add ensure_inbox_reader(), a standalone task that dispatches responses to the corresponding oneshot sender
cleanup_rate_limit Worker:
- Implement Worker body: DELETE FROM rate_limit_events WHERE created_at < NOW() - INTERVAL '1 hour'
651 tests passed, 0 failed
2026-04-18 14:09:16 +08:00
iven
a5b887051d
fix: butler audit critical fixes — pain detection, proposal trigger, URI + data flow
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
5 fixes from focused audit:
- Connect analyze_for_pain_signals() to post_conversation_hook (pain points now auto-created)
- Add "generate solution" button in InsightsSection for high-confidence pain points (>=0.7)
- Fix Memory URI mismatch: viking://agents/ → viking://agent/ (singular)
- Remove duplicate .then() chain in useButlerInsights (was destructuring undefined)
- Update stale director.rs doc comment (multi-agent now enabled by default)
2026-04-07 10:23:54 +08:00
iven
e1f3a9719e
feat(multi-agent): enable Director + butler delegation (Chunk 4)
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
- Enable multi-agent feature by default in desktop build
- Add butler delegation logic: task decomposition, expert assignment
- Add ExpertTask, DelegationResult, butler_delegate() to Director
- Add butler_delegate_task Tauri command bridging Director to frontend
- 13 Director tests passing (6 original + 7 new butler tests)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-07 09:21:49 +08:00
iven
9af7b0dd46
fix(kernel): enable multi-agent compilation + A2A routing tests
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
- director.rs: add missing CompletionRequest fields (thinking_enabled,
reasoning_effort, plan_mode) for multi-agent feature gate
- agents.rs: remove unused AgentState import behind multi-agent feature
- lib.rs: replace ambiguous glob re-export with explicit director types,
resolving AgentRole conflict between director and generation modules
- a2a.rs: add 5 integration tests covering direct message delivery,
broadcast routing, group messaging, agent unregistration, and
expired message rejection (10 total A2A tests, all passing)
- Verified: 537 workspace tests pass with multi-agent feature enabled
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-04 09:41:24 +08:00
iven
eb956d0dce
feat: add admin console frontend project and security hardening
...
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
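refactor(saas): refactor authentication middleware and rate-limiting policy
- Login rate limit adjusted to 5 per minute per IP
- Registration rate limit adjusted to 3 per hour per IP
- GET requests do not count toward the rate limit
fix(saas): fix scheduler timestamp handling
- Use NOW() instead of text timestamps
- Compatible with both TEXT and TIMESTAMPTZ column types
feat(saas): implement environment variable interpolation
- Support parsing of ${ENV_VAR} syntax
- Database password supports injection via environment variables
chore: add frontend admin interface
- Based on React + Ant Design Pro
- Includes route guards/error boundaries
- Integrates with 58 API endpoints
docs: update security hardening documentation
- Add key management standard
- Record P0 security item audit results
- Add TLS termination notes
test: improve configuration parsing unit tests
- Add environment variable interpolation test cases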
2026-03-31 00:11:33 +08:00
iven
3ff08faa56
release(v0.2.0): streaming, MCP protocol, Browser Hand, security enhancements
...
## Major Features
### Streaming Response System
- Implement LlmDriver trait with `stream()` method returning async Stream
- Add SSE parsing for Anthropic and OpenAI API streaming
- Integrate Tauri event system for frontend streaming (`stream:chunk` events)
- Add StreamChunk types: Delta, ToolStart, ToolEnd, Complete, Error
### MCP Protocol Implementation
- Add MCP JSON-RPC 2.0 types (mcp_types.rs)
- Implement stdio-based MCP transport (mcp_transport.rs)
- Support tool discovery, execution, and resource operations
### Browser Hand Implementation
- Complete browser automation with Playwright-style actions
- Support Navigate, Click, Type, Scrape, Screenshot, Wait actions
- Add educational Hands: Whiteboard, Slideshow, Speech, Quiz
### Security Enhancements
- Implement command whitelist/blacklist for shell_exec tool
- Add SSRF protection with private IP blocking
- Create security.toml configuration file
## Test Improvements
- Fix test import paths (security-utils, setup)
- Fix vi.mock hoisting issues with vi.hoisted()
- Update test expectations for validateUrl and sanitizeFilename
- Add getUnsupportedLocalGatewayStatus mock
## Documentation Updates
- Update architecture documentation
- Improve configuration reference
- Add quick-start guide updates
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-24 03:24:24 +08:00