182 Commits

Author	SHA1	Message	Date
iven	0b512a3d85	fix(industry): 三轮审计修复 — 3 HIGH + 4 MEDIUM 清零 ... H1: status 值不匹配 disabled→inactive + source 补 admin 映射 + valueEnum H2: experience.rs format_for_injection 添加 xml_escape H3: TriggerContext industry_keywords 接通全局缓存 M2: ID 自动生成移除中文字符保留 + 无 ASCII 时提示手动输入 M3: TS CreateIndustryRequest 添加 id? 字段 M4: ListIndustriesQuery 添加 deny_unknown_fields	2026-04-12 21:04:00 +08:00
iven	640df9937f	feat(knowledge): Phase D 统一搜索 + 种子知识冷启动 ... - search/recommend API 返回 UnifiedSearchResult (文档+结构化双通道) - POST /api/v1/knowledge/seed 种子知识冷启动 (幂等, admin权限) - seed_knowledge service: 按标题+行业查重, source=distillation - SearchRequest 扩展: search_structured/search_documents/industry_id	2026-04-12 20:46:43 +08:00
iven	f8c5a76ce6	fix(industry): 审计收尾 — MEDIUM + LOW 全部清零 ... M-1: Industries 创建弹窗添加 cold_start_template + pain_seed_categories M-3: industryStore console.warn → createLogger 结构化日志 B2: classify_with_industries 平局打破 + 归一化因子 3.0 文档化 S3: set_account_industries 验证移入事务内消除 TOCTOU T1: 4 个 SaaS 请求类型添加 deny_unknown_fields I3: store_trigger_experience Debug 格式 → signal_name 描述名 L-1: 删除 Accounts.tsx 死代码 editingIndustries L-3: Industries.tsx filters 类型补全 source 字段	2026-04-12 20:37:48 +08:00
iven	76f6011e0f	fix(industry): 二次审计修复 — 2 CRITICAL + 4 HIGH + 2 MEDIUM ... C-1: Industries.tsx 创建弹窗缺少 id 字段 → 添加 id 输入框 + 自动生成 C-2: Accounts.tsx handleSave 无 try/catch → 包装 + handleClose 统一关闭 V1: viking_commands Mutex 跨 await → 先 clone Arc 再释放 Mutex I1: intelligence_hooks 误导性"相关度" → 移除 access_count 伪分数 I2: pain point 摘要未 XML 转义 → xml_escape() 处理 S1: industry status 无枚举验证 → active/inactive 白名单 S2: create_industry id 无格式验证 → 正则 + 长度检查 H-3: Industries.tsx 编辑模态数据竞争 → data.id === industryId 守卫 H-4: Accounts.tsx useEffect 覆盖用户编辑 → editingId 守卫	2026-04-12 20:13:41 +08:00
iven	60062a8097	feat(knowledge): Phase B+C 文档提取器 + multipart 文件上传 ... - PDF 提取 (pdf-extract) + DOCX 提取 (zip+quick-xml) + Excel 解析 (calamine) - 统一格式路由 detect_format() → RAG 通道或结构化通道 - POST /api/v1/knowledge/upload multipart 文件上传 - PDF/DOCX/Markdown → RAG 管线，Excel → structured_rows JSONB - 结构化数据源 CRUD API (GET/DELETE /api/v1/structured/sources) - POST /api/v1/structured/query JSONB 关键词查询 - 修复 industry/service.rs SaasError::Database 类型不匹配	2026-04-12 19:25:24 +08:00
iven	fbc8c9fdde	fix(industry): 审计修复 — 4 CRITICAL + 5 HIGH 全部解决 ... C1: SaaS industry/service.rs SQL 注入风险 → 参数化查询 ($N 绑定) C2: INDUSTRY_CONFIGS 死链 → Kernel 共享 Arc 接通 ButlerRouter C3: IndustryListItem 缺 keywords_count → SQL 查询 + 类型补全 C4: set_account_industries 非事务性 → batch 验证 + 事务 DELETE+INSERT H8: Accounts.tsx mutate 竞态 → mutateAsync 顺序等待 H9: XML 注入未转义 → xml_escape() 辅助函数 H10: update_industry 覆盖 source → 保留原始值 H11: 面包屑缺少 /industries → 添加行业配置映射	2026-04-12 19:06:19 +08:00
iven	c3593d3438	feat(knowledge): Phase A 知识库可见性隔离 + 结构化数据源 + 蒸馏Worker ... - knowledge_items 增加 visibility(public/private) + account_id 字段 - 新建 structured_sources + structured_rows 表 (Excel JSONB 行级存储) - 结构化数据源 CRUD API (5 路由: list/get/rows/delete/query) - 安全查询: JSONB GIN 索引 + 可见性过滤 + 行数限制 - 蒸馏 Worker: 复用 Provider Key Pool 调 DeepSeek/Qwen API - L0 质量过滤: 长度/隐私检测 - create_item 增加 is_admin 参数控制可见性默认值 - generate_embedding: extract_keywords_from_text 改为 pub 复用 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-12 18:36:05 +08:00
iven	b357916d97	feat(intelligence): Phase 5 主动行为激活 — 注入格式 + 跨会话连续性 + 触发持久化 ... Task 5.1+5.4: ButlerRouter/experience 注入格式升级为 <butler-context> XML fencing - butler_router: [路由上下文] → <butler-context><routing>...</routing></butler-context> - experience: [过往经验] → <butler-context><experience>...</experience></butler-context> - 统一 system-note 提示，引导 LLM 自然运用上下文 Task 5.2: 跨会话连续性 — pre_conversation_hook 注入活跃痛点 + 相关经验 - 从 VikingStorage 检索相关记忆(相似度>=0.3) - 从 pain_aggregator 获取 High severity 痛点(top 3) Task 5.3: 触发信号持久化 — post_conversation_hook 将触发信号存入 VikingStorage - store_trigger_experience(): 模板提取，零 LLM 成本 - 为未来 LLM 深度反思积累数据基础	2026-04-12 18:31:37 +08:00
iven	29fbfbec59	feat(intelligence): Phase 2 学习循环基础 — 触发信号 + 经验行业维度 ... - 新增 triggers.rs: 5 种触发信号（痛点确认/正反馈/复杂工具链/用户纠正/行业模式） - ExperienceStore 增加 industry_context + source_trigger 字段 - experience.rs format_for_injection 支持行业标签 - intelligence_hooks.rs 集成触发信号评估 - 17 个测试全通过 (7 trigger + 10 experience)	2026-04-12 15:52:29 +08:00
iven	5d1050bf6f	feat(industry): Phase 1 行业配置基础 — 数据模型 + 四行业内置配置 + ButlerRouter 动态关键词 ... - 新增 SaaS industry 模块 (types/service/handlers/mod/builtin) - 4 行业内置配置: healthcare/education/garment/ecommerce - 数据库迁移: industries + account_industries 表 - 8 个 API 端点 (CRUD + 用户行业关联) - ButlerRouter 改造: 支持 IndustryKeywordConfig 动态注入 - 12 个测试全通过 (含动态行业分类测试)	2026-04-12 15:42:35 +08:00
iven	5599cefc41	feat(saas): 接通 embedding 模型管理全栈 ... 数据库 migration 已有 is_embedding/model_type 列但全栈未使用。 打通 4 层: ModelRow → ModelInfo/CRUD → CachedModel → Admin 前端。 relay/models 端点也返回 is_embedding 字段，前端可按类型过滤。	2026-04-12 08:10:50 +08:00
iven	9e0aa496cd	fix(runtime): 修复 Skill/MCP 调用链路3个断点 ... 1. Anthropic Driver ToolResult 格式修复 — ContentBlock 添加 ToolResult 变体, tool_call_id 不再被丢弃, 按 Anthropic API 规范发送 tool_result 格式 2. 前端 callMcpTool 参数名对齐 — serviceName/toolName/args 改为 service_name/tool_name/arguments, 后端支持 service_name 精确路由 3. MCP 工具桥接到 ToolRegistry — McpToolAdapter 添加 service_name/clone, 新建 McpToolWrapper 实现 Tool trait, Kernel 添加 mcp_adapters 共享状态, McpManagerState 与 Kernel 共享同一 Arc<RwLock<Vec>>, MCP 服务启停时 自动同步工具列表到 LLM 可见的 ToolRegistry	2026-04-11 16:20:38 +08:00
iven	d50d1ab882	feat(kernel): agent_get 返回值扩展 UserProfile 字段 ... - AgentInfo 增加 user_profile: Option<Value> (serde default) - SqliteStorage 增加 pool() getter - agent_get 命令查询 UserProfileStore 填充 user_profile - 前端 AgentInfo 类型同步更新 复用已有 UserProfileStore，不新增 Tauri 命令。	2026-04-11 12:51:27 +08:00
iven	25a4d4e9d5	fix(saas): 新用户 llm_routing 默认改为 relay 使 SaaS token pool 成为主路径 ... - handlers.rs: SQL INSERT 和 LoginResponse 中 'local' → 'relay' - 新增 migration: ALTER llm_routing SET DEFAULT 'relay' - 符合管家式服务理念：用户无需配置 API Key，SaaS 自动中转	2026-04-11 02:05:27 +08:00
iven	1e675947d5	feat(butler): upgrade ButlerRouter to semantic skill routing ... Replace keyword-only ButlerRouter with SemanticSkillRouter (TF-IDF). 75 skills now participate in intent classification instead of 4 hardcoded domains. - Expose ButlerRouterBackend trait + RoutingHint as pub - Add with_router() constructor for injecting custom backends - Add SemanticRouterAdapter in kernel layer (bridges skills ↔ runtime) - Enhance context injection with skill-level match info	2026-04-10 21:24:30 +08:00
iven	88cac9557b	fix(saas): P0-2/P0-3 — usage endpoint + refresh token type mismatch ... P0-2: GET /usage 500 "text >= timestamptz" — usage_records.created_at is TEXT in actual DB despite migration declaring TIMESTAMPTZ. Fixed by using dynamic SQL with ::timestamptz explicit casts for all date comparisons, avoiding sqlx NULL-without-type-OID binding issues. P0-3: POST /auth/refresh 500 — refresh_tokens.expires_at/used_at are TEXT columns. Added ::timestamptz cast to SQL queries in auth handlers and cleanup worker.	2026-04-10 16:25:52 +08:00
iven	b0e6654944	fix: P0-01/P1-01/P1-03 — account lockout, token revocation, optional display_name ... - P0-01: Account lockout now enforced via SQL-level comparison (locked_until > NOW()) instead of broken RFC3339 text parsing - P1-01: Logout handler accepts JSON body with optional refresh_token, revokes ALL refresh tokens for the account (not just current) - P1-03: Provider display_name is now optional, falls back to name All 6 smoke tests pass (S1-S6).	2026-04-10 12:13:53 +08:00
iven	99262efca4	test: execute 30 smoke tests + fix P0 CSS break + BREAKS.md report ... Layer 1 break detection results (21/30 pass, 63%): - SaaS API: 5/5 pass (S3 skip no LLM key) - Admin V2: 5/6 pass (A6 flaky auth guard) - Desktop Chat: 3/6 pass (D1 no chat response in browser; D2/D3 skip non-Tauri) - Desktop Feature: 6/6 pass - Cross-System: 2/6 pass (4 blocked by login rate limit 429) Bugs found: - P0-01: Account lockout not enforced (locked_until set but not checked) - P1-01: Refresh token still valid after logout - P1-02: Desktop browser chat no response (stores not exposed) - P1-03: Provider API requires display_name (undocumented) Fixes applied: - desktop/src/index.css: @import -> @plugin for Tailwind v4 compatibility - Admin tests: correct credentials admin/admin123 from .env - Cross tests: correct dashboard endpoint /stats/dashboard	2026-04-10 11:26:13 +08:00
iven	2e70e1a3f8	test: add 30 smoke tests for break detection across SaaS/Admin/Desktop ... Layer 1 断裂探测矩阵: - S1-S6: SaaS API 端到端 (auth/lockout/relay/permissions/billing/knowledge) - A1-A6: Admin V2 连通性 (login/dashboard/CRUD/knowledge/roles/models) - D1-D6: Desktop 聊天流 (gateway/kernel/relay/cancel/offline/error) - F1-F6: Desktop 功能闭环 (agent/hands/pipeline/memory/butler/skills) - X1-X6: 跨系统闭环 (provider→desktop/disabled user/knowledge/stats/totp/billing) Also adds: admin-v2 Playwright config, updated spec doc with cross-reference Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-10 09:47:35 +08:00
iven	ffa137eff6	test(saas): add 8 model config extended tests — encryption, groups, quota ... - API Key encryption at rest: verify enc: prefix in DB for provider keys and main provider api_key - Key pool: toggle active/inactive + delete with DB state verification - Model Groups: full CRUD lifecycle + cascade delete + user permission - Quota enforcement: relay_requests exhaustion verified at DB level (middleware test infra issue noted — DB state confirmed correct) - Provider disable: model hidden from relay/models list after disable	2026-04-10 09:20:06 +08:00
iven	c37c7218c2	test(saas): add 36 security/validation/permission tests (184 total, 0 failures) ... New test files: - auth_security_test.rs (12): account lockout DB state, lockout reset, password version invalidation, disabled account, refresh token revocation, boundary validation (username/password), role enforcement, TOTP 2FA flow - account_security_test.rs (9): role management, privilege escalation prevention, account disable/enable, cross-account access control, operation logs - relay_validation_test.rs (8): input validation (missing fields, empty messages, invalid roles), disabled provider, model listing, task isolation - permission_matrix_test.rs (7): super_admin full access, user allowed/ forbidden endpoints, public endpoints, unauthenticated rejection, API token lifecycle Discovered: account lockout runtime check broken — handlers.rs:213 parse_from_rfc3339 fails on PostgreSQL TIMESTAMPTZ::TEXT format, silently skipping lockout. DB state is correct but login not rejected.	2026-04-10 08:11:02 +08:00
iven	ba586e5aa7	fix: BUG-009/010/011 — DataMasking, cancel button, SQL casts ... BUG-009 (P1): Add frontend DataMasking in saas-relay-client.ts - Masks ID cards, phones, emails, money, company names before relay - Unmasks tokens in AI response so user sees original data - Mirrors Rust DataMasking middleware patterns BUG-010 (P3): Send button transforms to Stop during streaming - Shows square icon when isStreaming, calls cancelStream() - Normal arrow icon when idle, calls handleSend() BUG-011 (P2): Add ::timestamptz casts for old TEXT timestamp columns - account/handlers.rs: dashboard stats query - telemetry/service.rs: reported_at comparisons - workers/aggregate_usage.rs: usage aggregation query	2026-04-09 23:45:19 +08:00
iven	bf728c34f3	fix: saasStore require() bug + health check pool formula + DEV error details ... - saasStore.ts: replace require('./chat/conversationStore') with await import() to fix ReferenceError in Vite ESM environment (P1) - main.rs: fix health check pool usage formula from max_connections - num_idle to pool.size() - num_idle, preventing false "degraded" status (P1) - error.rs: show detailed error messages in ZCLAW_SAAS_DEV=true mode - Update bug tracker with BUG-003 through BUG-007	2026-04-09 22:23:05 +08:00
iven	bd6cf8e05f	fix(saas): add ::bigint cast to all SUM() aggregates for PG NUMERIC compat ... PostgreSQL SUM() on bigint returns NUMERIC, causing sqlx decode errors when Rust expects i64/Option<i64>. Root cause: key_pool.rs select_best_key() token_count SUM was missing ::bigint, causing DATABASE_ERROR on every relay request. Fixed in 4 files: - relay/key_pool.rs: SUM(token_count) — root cause of relay failure - relay/service.rs: SUM(remaining_rpm) in sort_candidates_by_quota - account/handlers.rs: SUM(input/output_tokens) in dashboard stats - workers/aggregate_usage.rs: SUM(input/output_tokens) in aggregation	2026-04-09 22:16:27 +08:00
iven	a081a97678	fix(relay): audit fixes — abort signal, model selector guard, SSE CRLF, SQL format ... Addresses findings from deep code audit: H-1: Pass abortController.signal to saasClient.chatCompletion() so user-cancelled streams actually abort the HTTP connection (was only stopping the read loop, leaving server-side SSE connection open). H-2: ModelSelector now shows only when (!isTauriRuntime() || isLoggedIn). Prevents decorative model list in Tauri local kernel mode where model selection has no effect (violates CLAUDE.md §5.2). M-1: Normalize CRLF to LF before SSE event boundary parsing (\n\n). Prevents buffer overflow when behind nginx/CDN with CRLF line endings. M-2: SQL window_minute comparison uses to_char(NOW()-interval, format) instead of (NOW()-interval)::TEXT, matching the stored format exactly. M-3: sort_candidates_by_quota uses same sliding 60s window as select_best_key. LOW: Fix misleading invalidate_cache doc comment.	2026-04-09 19:51:34 +08:00
iven	e6eb97dcaa	perf(relay): full-chain optimization — key pool, model sync, SSE stream ... Phase 1 (Key Pool correctness): - RPM: fixed-minute window → sliding 60s aggregation (prevents 2x burst) - Remove fallback-to-provider-key bypass when all keys rate-limited - SSE semaphore: 16→64 permits, cleanup delay 60s→5s - Default 429 cooldown: 5min→60s (better for Coding Plan quotas) - Expire old key_usage_window rows on record Phase 2 (Frontend model sync): - currentModel empty-string fallback to glm-4-flash-250414 in relay client - Merge duplicate listModels() calls in connectionStore SaaS path - Show ModelSelector in Tauri mode when models available - Clear currentModel on SaaS logout Phase 3 (Relay performance): - Key Pool: DashMap in-memory cache (TTL 5s) for select_best_key - Cache invalidation on 429 marking Phase 4 (SSE stream): - AbortController integration for user-cancelled streams - SSE parsing: split by event boundaries (\n\n) instead of per-line - streamStore cancelStream adapts to 0-arg and 1-arg cancel fns	2026-04-09 19:34:02 +08:00
iven	4b15ead8e7	feat(hermes): implement intelligence pipeline — 4 chunks, 684 tests passing ... Hermes Intelligence Pipeline closes breakpoints in ZCLAW's existing intelligence components with 4 self-contained modules: Chunk 1 — Self-improvement Loop: - ExperienceStore (zclaw-growth): FTS5+TF-IDF wrapper with scope prefix - ExperienceExtractor (desktop/intelligence): template-based extraction from successful proposals with implicit keyword detection Chunk 2 — User Modeling: - UserProfileStore (zclaw-memory): SQLite-backed structured profiles with industry/role/expertise/comm_style/recent_topics/pain_points - UserProfiler (desktop/intelligence): fact classification by category (Preference/Knowledge/Behavior) with profile summary formatting Chunk 3 — NL Cron Chinese Time Parser: - NlScheduleParser (zclaw-runtime): 6 pattern matchers for Chinese time expressions (每天/每周/工作日/间隔/每月/一次性) producing cron expressions - Period-aware hour adjustment (下午3点→15, 晚上8点→20) - Schedule intent detection + task description extraction Chunk 4 — Trajectory Compression: - TrajectoryStore (zclaw-memory): trajectory_events + compressed_trajectories - TrajectoryRecorderMiddleware (zclaw-runtime/middleware): priority 650, async non-blocking event recording via tokio::spawn - TrajectoryCompressor (desktop/intelligence): dedup, request classification, satisfaction detection, execution chain JSON Schema migrations: v2→v3 (user_profiles), v3→v4 (trajectory tables)	2026-04-09 17:47:43 +08:00
iven	0883bb28ff	fix: validation hardening — agent import prompt limit, relay retry tracking, heartbeat validation ... - agent_import: add system_prompt length validation (max 50K chars) to prevent excessive token consumption from imported configs - relay retry_task: wrap JoinHandle to log abort on server shutdown - device_heartbeat: validate device_id length (1-64 chars) matching register endpoint constraints	2026-04-09 17:24:36 +08:00
iven	3f2acb49fb	fix: pre-release audit fixes — Twitter OAuth, DataMasking perf, Prompt versioning ... - Twitter like/retweet: return explicit unavailable error instead of sending doomed Bearer token requests (would 403 on Twitter API v2) - DataMasking: pre-compile regex patterns with LazyLock (was compiling 6 patterns on every mask() call) - Prompt version: fix get_version handler ignoring version path param, add service::get_version_by_number for correct per-version retrieval	2026-04-09 16:43:24 +08:00
iven	646d8c21af	fix(butler): wire verification gaps — pain storage init, cold start, UI mode switches ... - Call init_pain_storage() in Tauri .setup() so pain persistence activates on boot - Integrate useColdStart hook into FirstConversationPrompt for auto-greeting - Add UI mode toggle section to Settings/General (already had imports) - Add "简洁" mode switch-back button to TopBar in professional layout - Update SemanticSkillRouter @reserved annotation to reflect active status	2026-04-09 10:38:49 +08:00
iven	ffaee49d67	feat(middleware): add butler router for semantic skill routing ... New ButlerRouterMiddleware (priority 80) intercepts user messages, classifies intent using keyword-based domain detection, and injects routing context into the system prompt. Supports healthcare, data report, policy compliance, and meeting coordination domains. - New: butler_router.rs — keyword classifier + MiddlewareContext injection - Registered in Kernel::create_middleware_chain() at priority 80 - 9 tests passing (classification + middleware integration)	2026-04-09 09:26:48 +08:00
iven	adcce0d70c	fix: 4 pre-release bug fixes — identity override, model config, agent sync, auto-identity ... P1: identity.rs get_identity() returns empty soul/instructions for agents without explicit identity files. This prevents the default ZCLAW personality from overriding agent_config.system_prompt. New get_identity_or_default() method added for the DEFAULT agent. P2: messaging.rs now uses agent_config.model.model when available, falling back to global Kernel config. This allows per-agent model selection. P2: agentStore.ts loadClones retries up to 3 times (300ms interval) when getClient() returns null, handling the coordinator initialization race. P2: agent_create Tauri command auto-populates identity files (soul + instructions) from creation parameters, ensuring build_system_prompt() has content for new agents. Also fixes conversationStore upsertActiveConversation to persist generated conversation IDs, preventing duplicate entries on new conversations.	2026-04-08 21:47:46 +08:00
iven	de2d3e3a11	fix(runtime): add 30s timeout to tool execution in AgentLoop ... Tool execution (ShellExec, WebFetch, etc.) had no timeout, causing the entire streaming response to hang indefinitely when a tool fails or stalls. Now wraps execute_tool calls in tokio::time::timeout(30s) with a graceful error message on timeout.	2026-04-08 20:44:52 +08:00
iven	ade534d1ce	feat: 添加MCP调试插件并优化流式超时处理 ... refactor(relay): 将Provider Key管理路由移至model_config模块 fix(saas): 修复demo_keys与provider_keys的匹配逻辑 perf(runtime): 将流式响应超时从60秒延长至180秒以适配思考型模型 docs: 新增模块化审计和上线前功能测试方案文档 chore: 添加tauri-plugin-mcp依赖及相关配置	2026-04-08 13:39:06 +08:00
iven	eab9b5fdcc	fix(saas): WorkerDispatcher registration race — consumer starts after all workers registered ... Root cause: start_consumer() was called in new() before any register() calls, so the consumer's cloned HashMap was always empty. Workers like log_operation and record_usage were never found, causing "Unknown worker" errors. - Add WorkerDispatcher::start() method to be called after all register()s - Update main.rs to call dispatcher.start() after 7 workers registered	2026-04-08 08:33:54 +08:00
iven	f9303ae0c3	fix(saas): SQL type cast fixes for E2E relay flow ... - key_pool.rs: cast cooldown_until to timestamptz for comparison with NOW() - key_pool.rs: cast request_count to bigint (INT4→INT8) for sqlx decoding - service.rs: cast cooldown_until to timestamptz in quota sort query - scheduler.rs: cast last_seen_at to timestamptz in device cleanup - totp.rs: use DateTime<Utc> instead of rfc3339 string for updated_at	2026-04-07 22:24:19 +08:00
iven	ab0e11a719	fix(saas): Phase 5 regression fixes — SQL type casts + test data corrections ... - Fix usage_stats SQL: add ::timestamptz cast for Option<String> params - Fix usage_stats SQL: add ::bigint cast for COALESCE(SUM(...)) - Fix telemetry INSERT: add ::timestamptz cast for reported_at column - Fix config_analysis_empty test: seed data makes total_items > 0 - Fix key_pool_crud test: key_value must be >= 20 chars - Fix SkillManifest test helpers: add missing tools field All 1048 tests pass: 580 Rust + 138 SaaS + 330 Desktop Vitest	2026-04-07 19:21:45 +08:00
iven	7de486bfca	test(saas): Phase 1 integration tests — billing + scheduled_task + knowledge (68 tests) ... - Fix TIMESTAMPTZ decode errors: add ::TEXT cast to all SELECT queries where Row structs use String for TIMESTAMPTZ columns (~22 locations) - Fix Axum 0.7 route params: {id} → :id in billing/knowledge/scheduled_task routes - Fix JSONB bind: scheduled_task INSERT uses ::jsonb cast for input_payload - Add billing_test.rs (14 tests): plans, subscription, usage, payments, invoices - Add scheduled_task_test.rs (12 tests): CRUD, validation, isolation - Add knowledge_test.rs (20 tests): categories, items, versions, search, analytics, permissions - Fix auth test regression: 6 tests were failing due to TIMESTAMPTZ type mismatch Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-07 14:25:34 +08:00
iven	a5b887051d	fix: butler audit critical fixes — pain detection, proposal trigger, URI + data flow ... 5 fixes from focused audit: - Connect analyze_for_pain_signals() to post_conversation_hook (pain points now auto-created) - Add "generate solution" button in InsightsSection for high-confidence pain points (>=0.7) - Fix Memory URI mismatch: viking://agents/ → viking://agent/ (singular) - Remove duplicate .then() chain in useButlerInsights (was destructuring undefined) - Update stale director.rs doc comment (multi-agent now enabled by default)	2026-04-07 10:23:54 +08:00
iven	e1f3a9719e	feat(multi-agent): enable Director + butler delegation (Chunk 4) ... - Enable multi-agent feature by default in desktop build - Add butler delegation logic: task decomposition, expert assignment - Add ExpertTask, DelegationResult, butler_delegate() to Director - Add butler_delegate_task Tauri command bridging Director to frontend - 13 Director tests passing (6 original + 7 new butler tests) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-07 09:21:49 +08:00
iven	8aed363fc8	feat(middleware): add DataMaskingMiddleware — sensitive entity protection (Chunk 3) ... Priority 90 — runs before Compaction@100 and Memory@150. Detects and replaces company names, money amounts, phone numbers, emails, and ID card numbers with deterministic tokens (__ENTITY_N__). External callers can restore originals via DataMasker::unmask().	2026-04-07 08:01:05 +08:00
iven	6d896a5a57	test(growth): add extractor e2e tests — extract → store → find round-trip ... Task 1.1 verification: OpenViking Extractor chain is confirmed working. - Tauri commands registered ✅ - Frontend triggers after each conversation ✅ - Rust extractor with LLM + rule-based fallback ✅ - SqliteStorage persistence verified via 3 new e2e tests All 78 tests in zclaw-growth pass with no regressions.	2026-04-07 02:59:15 +08:00
iven	2fd6d08899	fix: SaaS Admin + Tauri 一致性审查修复 ... - 删除 webhook 死代码模块 (4 文件 + worker，未注册未挂载) - 删除孤立组件 StatusTag.tsx (从未被导入) - authStore 权限模型补全 (scheduler/knowledge/billing 6+ permission key) - authStore 硬编码 logout URL 改为 env 变量 - 清理未使用 service 方法 (agent-templates/billing/roles) - Logs.tsx 代码重复消除 (本地常量 → @/constants/status) - TRUTH.md 数字校准 (Tauri 177→183, SaaS API 131→130)	2026-04-07 01:53:54 +08:00
iven	02c69bb3cf	fix: subagent unique ID matching + AgentState serialization + pre-existing TS errors ... - S-3: Thread task_id (UUID) through all 6 layers (LoopEvent → StreamChatEvent → kernel-types → gateway-client → streamStore) so subtasks are matched by ID, not description string - AgentState: Add #[serde(rename_all = "lowercase")] to fix PascalCase serialization ("Running" → "running"), update frontend matcher - S-1: Remove unused onClose prop from ArtifactPanel + ChatArea call site - Fix hooks/index.ts: remove orphaned useAutomationEvents re-exports (module deleted) - Fix types/index.ts: remove orphaned automation type/value re-exports (module deleted) - Fix ChatArea.tsx: framer-motion 12 + React 19 type compat — use createElement + explicit any return type to avoid unknown-in-JSX-child error Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-06 22:30:16 +08:00
iven	bbbcd7725b	fix: deep audit round 2 — non-streaming mode config + ClarificationCard + settings restructure ... HIGH fixes: - H-NS-1: Non-streaming agent_chat now builds ChatModeConfig and calls send_message_with_chat_mode(), matching the streaming path - H-FE-1: ClarificationCard component renders structured clarification questions with type badge, question text, and numbered options - H-SEM-1: SemanticSkillRouter annotated as @reserved (Phase 3 wiring) MEDIUM fixes: - M-SETTINGS-1: Settings menu restructured with "高级" section separator; skills/audit/tasks/heartbeat/semantic-memory grouped under advanced - M-MAN-1: LoopEvent→StreamChatEvent mapping completeness checklist added as documentation comment in agent_chat_stream loop - M-ORPH-1: Deleted orphaned Automation/ and SkillMarket/ files, plus transitively orphaned types, hooks, and adapters	2026-04-06 18:12:35 +08:00
iven	6a13fff9ec	fix(runtime): deep audit fixes — clarification loop termination + callback alignment ... CRITICAL: - ask_clarification now terminates Agent Loop in both run() and run_streaming() paths, preventing the LLM from continuing after requesting user clarification HIGH: - SaaS relay now forwards plan_mode and subagent_enabled to backend - GatewayClient.chatStream now supports onThinkingDelta, onSubtaskStatus, and token-bearing onComplete — aligned with kernel-types StreamCallbacks - ZclawStreamEvent type extended with thinking_delta, subtask_status variants and input_tokens/output_tokens fields for token tracking via Gateway path	2026-04-06 16:50:48 +08:00
iven	9339b64bae	fix: audit findings — test compilation, artifact pipeline, typo ... - C-1: Add event_sender: None to ToolContext in file_write.rs and file_read.rs test helper functions (compilation fix) - I-1: file_write tool now echoes content preview in output JSON, enabling streamStore.ts artifact auto-creation pipeline to work - S-2: Fix typo "LLM 锥应错误" → "LLM 响应错误" in loop_runner.rs	2026-04-06 15:15:17 +08:00
iven	14c3c963c2	feat: ask_clarification tool + clarification system prompt + progressive skill loading fix ... - New ask_clarification tool (crates/zclaw-runtime/src/tool/builtin/ask_clarification.rs) with 5 clarification types: missing_info, ambiguous_requirement, approach_choice, risk_confirmation, suggestion - Registered as built-in tool in builtin.rs - Added clarification system prompt instructions to messaging.rs system prompt - Fixed messaging.rs skill injection: when SkillIndexMiddleware is active, only inject usage instructions (not full skill list), avoiding duplicate injection - Fixed pre-existing unicode arrow character causing string literal parse error Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-06 13:19:10 +08:00
iven	c3ab7985d2	refactor(skills): progressive skill loading — avoid duplicate injection ... When SkillIndexMiddleware is active, build_system_prompt_with_skills no longer injects the full categorized skill list. Instead it only adds usage instructions, while the middleware handles the lightweight index. This reduces ~2000 tokens per request for the 75-skill system.	2026-04-06 13:11:49 +08:00
iven	9871c254be	feat: sub-agent streaming progress — TaskTool emits real-time status events ... - Rust: LoopEvent::SubtaskStatus variant added to loop_runner.rs - Rust: ToolContext.event_sender field for streaming tool progress - Rust: TaskTool emits started/running/completed/failed via event_sender - Rust: StreamChatEvent::SubtaskStatus mapped in Tauri chat command - TS: StreamEventSubtaskStatus type + onSubtaskStatus callback added - TS: kernel-chat.ts handles subtaskStatus event from Tauri - TS: streamStore.ts wires callback, maps backend→frontend status, updates assistant message subtasks array in real-time	2026-04-06 13:05:37 +08:00