142 Commits

Author	SHA1	Message	Date
iven	f33de62ee8	fix(desktop): add tauri-plugin-mcp setupPluginListeners() for dev debugging ... The tauri-plugin-mcp was registered in Rust but the frontend never called setupPluginListeners(), causing all DOM-related MCP operations (execute_js, query_page, type_text) to timeout. This fix enables proper dev debugging via tauri-mcp tools.	2026-04-05 15:49:12 +08:00
iven	aef4e01499	feat(desktop): add WebMCP debugging tools for structured AI agent access ... Register 15 structured tools via navigator.modelContext (Chrome 146+) for direct state queries without DOM scraping. Reduces token consumption ~67% vs DevTools MCP snapshot-based debugging. Dev mode only. Tools: get_zclaw_state, check_connection, send_message, cancel_stream, get_streaming_state, list_conversations, get_current_conversation, switch_conversation, get_token_usage, get_offline_queue, get_saas_account, get_available_models, get_current_agent, list_agents, get_console_errors Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 09:57:32 +08:00
iven	af0acff2aa	fix(desktop): QA 驱动的 6 项缺陷修复 ... P0-C1: SecureStorage 解密失败上限 — 添加 per-key 失败计数器， 超过 2 次自动清除过期加密数据，阻断无限重试循环 P0-C2: Bootstrap 空指针防护 — connectionStore 中 relayModels[0]?.id 添加 null guard，抛出用户友好错误 P1-H1: 侧边栏对话列表去重 — ConversationList 添加按 ID 去重逻辑， 保留最新版本后按 updatedAt 排序 P1-H2: 搜索框过滤生效 — Sidebar 传递 searchQuery 给 ConversationList， 支持按标题和消息内容过滤 P1-H3: 模型选择器 fallback — 当 SaaS 和 config 均无模型时， 提供 6 个默认模型（GLM/GPT/DeepSeek/Qwen/Claude） P1-H4: 详情面板错误友好化 — RightPanel 中 JS 错误替换为 '连接状态获取失败，请重新连接' Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 07:57:53 +08:00
iven	3b0ab1a7b7	fix(types): Desktop type safety hardening (TYPE-01) ... - Unify ConnectionState: kernel-types.ts now canonical source with 'handshaking', gateway-types.ts re-exports - PromptTemplateInfo source/status → union literals - PromptVariable.type → union literal - CreateRoleRequest id/permissions → optional - PropertyPanel: replace 13 as any with typed accessor pattern - chatStore: window cast via as unknown as Record	2026-04-05 01:30:29 +08:00
iven	82842c4258	fix(frontend): initializeStores dedup + retryAllMessages guard + as any cleanup ... - index.ts: add _storesInitialized guard to prevent triple initialization - offlineStore.ts: add isRetrying mutex for retryAllMessages concurrency - PropertyPanel.tsx: replace 13x (data as any) with typed d accessor - chatStore.ts: replace window as any with Record<string, unknown> - kernel-*.ts: replace prototype as any with Record<string, unknown> - gateway-heartbeat.ts: delete dead code (9 as any, zero imports)	2026-04-05 01:06:48 +08:00
iven	f846f3d632	fix(tauri): update @reserved annotations + remove dead SaaS client methods ... - Update 9 @reserved → @connected for commands with frontend consumers: zclaw_status, zclaw_start, zclaw_stop, zclaw_restart, zclaw_doctor, viking_add_with_metadata, viking_store_with_summaries, trigger_execute, scheduled_task_create - Remove 10 dead SaaS client methods with zero callers: healthCheck, listDevices (saas-client.ts) getRelayTask, getUsage/relay (saas-relay.ts) listPrompts, getPrompt, listPromptVersions, getPromptVersion (saas-prompt.ts) getPlan, getUsage/billing (saas-billing.ts) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 00:22:45 +08:00
iven	1fec8cfbc1	fix(arch): unify TS/Rust types + classroom persistence registration + approval audit ... - M11-03: Register ClassroomPersistence via Tauri .setup() hook with in-memory fallback. Previously missing — classroom commands would crash at runtime. - M3-02: Document BrowserHand as schema validator + TypeScript delegation passthrough (dual-path architecture explicitly documented). - M4-04: Add defense-in-depth audit logging in execute_hand() and execute_hand_with_source() when needs_approval hands bypass approval gate. - TYPE-01: Add #[serde(rename_all = "camelCase")] to Rust AgentInfo. Add missing fields to TS AgentInfo (messageCount, createdAt, updatedAt). Fix KernelStatus TS interface to match Rust KernelStatusResponse (baseUrl/model instead of defaultProvider/defaultModel). - SEC2-P1-01: Document EXTRACTION_DRIVER OnceCell as legacy path; Kernel struct field is the active path. - TriggerSource: Add #[derive(PartialEq)] for approval audit comparisons.	2026-04-04 21:09:02 +08:00
iven	619bad30cb	fix(security): Gemini API key header + Mutex safety + Agent validation ... M1-01: Move Gemini API key from URL query param to x-goog-api-key header, preventing key leakage in logs/proxy/telemetry (matches Anthropic/OpenAI pattern) M1-03/M1-04: Replace Mutex .unwrap() with .unwrap_or_else(|e| e.into_inner()) in MemoryMiddleware and LoopGuardMiddleware — recovers from poison instead of panicking async runtime M2-08: Add input validation to agent_create — reject empty names, out-of-range temperature (0-2), and zero max_tokens M11-06: Replace Date.now() message ID with crypto.randomUUID() to prevent collisions in classroom chat	2026-04-04 19:15:50 +08:00
iven	985644dd9a	fix(memory): FTS5 full-text search + browser hand autonomy gate ... M4-05: Replace LIKE-only search with FTS5-first strategy: - Add memories_fts virtual table (unicode61 tokenizer) - FTS5 MATCH primary path with CJK LIKE fallback - Sync FTS index on store() M3-03: Add autonomy approval check to browserHandStore: - executeTemplate: check canAutoExecute before running - executeScript: check approval gate for JS execution	2026-04-04 18:52:02 +08:00
iven	59f660b93b	fix(hands): add max_concurrent + timeout_secs fields + hand timeout enforcement ... M3-04/M3-05 audit fixes: - HandConfig: add max_concurrent (u32) and timeout_secs (u64) with serde defaults - Kernel execute_hand: enforce timeout via tokio::time::timeout, cancel on expiry - All 9 hand implementations: add max_concurrent: 0, timeout_secs: 0 - Agent createClone: pass soul field through to kernel - Fix duplicate soul block in agent_create command	2026-04-04 18:41:15 +08:00
iven	a644988ca3	fix(desktop): ConfigMigrationWizard PUT 使用 config item ID 替代布尔值 ... M7-02: exists 是 boolean，不能用作 URL 路径参数。 改为使用 saasConfigs.find() 获取完整对象， 用 existing.id 作为 PUT 路径参数。	2026-04-04 18:27:31 +08:00
iven	6d1f2d108a	fix(audit): P1 心跳自启动 + refreshToken body + 类型修复 ... 审计修复 Batch 2 (M4-03/M7-04/M11-01): M4-03: 心跳引擎自动启动 - chat.rs auto-init 块: engine 创建后立即 start() - 通过 engines.get() 获取引用避免 move 后使用 M7-04: refreshToken 发送 body 修复 - SaaSClient 新增 refreshTokenValue 存储 refresh_token - refreshToken() 发送 { refresh_token } body - SaaSRefreshResponse 新增 refresh_token 字段 - login/register 自动存储 refresh_token - 添加 getRefreshToken/setRefreshToken 访问器 M11-01: blocking_lock 死锁修复 (已存在) - 确认 try_lock + Result 匹配模式已正确	2026-04-04 18:26:10 +08:00
iven	05762261be	fix(audit): P0 反思引擎 LLM 接入 + P1 hand run_id/skill triggers/pipeline v2 ... 审计修复 Batch 1 (M4-02/M3-01/M5-01/M6-02): P0 M4-02: reflection_reflect 从 KernelState 获取 LLM driver - 新增 kernel_state 参数，从 kernel.driver() 获取驱动 - 自动路径(post_conversation_hook)已正常，手动 Tauri 命令路径已修复 P1 M3-01: hand_execute 返回 run_id 给前端 - HandResult 新增 run_id 字段 - execute_hand 结果包含 run_id.to_string() P1 M5-01: skill-discovery 使用后端 triggers 字段 - BackendSkillInfo 新增 triggers 字段 - convertFromBackend 优先使用 triggers，fallback tags P1 M6-02: pipeline_list 支持 v2 YAML 格式 - scan_pipelines_with_paths 增加 v2 fallback 解析 - 新增 pipeline_v2_to_info 转换函数 - discovery.rs 导入 parse_pipeline_v2_yaml 注: M4-01 双数据库问题已在之前批次修复 M6-01 route_intent 已确认注册，审计结论过时	2026-04-04 18:11:21 +08:00
iven	a6902c28f5	: ChatArea TS2322 workaround + SubscriptionPanel component ... The ChatArea.tsx toolSteps/subtasks rendering uses helper functions to avoid TypeScript strict mode && chain producing unknown type in JSX children. Add SubscriptionPanel component for subscription status display in SaaS billing section.	2026-04-04 13:39:11 +08:00
iven	9f8b0ba375	fix(desktop): fix ChatArea TSx type narrowing for toolSteps and subtasks ... unknown→ unknown ReactNode error	2026-04-04 12:39:45 +08:00
iven	894c0d7b15	feat(desktop): pipeline result preview + industry templates + onboarding auto-trigger ... Sprint 2: 产品体验打磨 + 行业模板 - Create PipelineResultPreview component with tab-based output switching - Connect workflow/hand messages to PresentationContainer in ChatArea - Add auto-trigger first Hand after onboarding (industry-specific queries) - Seed 3 industry agent templates (education, healthcare, design-shantou) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-04 10:48:47 +08:00
iven	eac1d9449e	feat(desktop): add billing frontend — plans, subscription, payment flow ... Sprint 1: Desktop 计费闭环 - Add 7 billing types to saas-types.ts (BillingPlan, Subscription, UsageQuota, etc.) - Add 6 billing API methods to saas-billing.ts (listPlans, getSubscription, createPayment, etc.) - Extend saas-client.ts with interface merging for billing methods - Extend saasStore with billing state/actions (plans, subscription, payment polling) - Create PricingPage component with plan cards, usage bars, and checkout modal - Add billing page entry in SettingsLayout (CreditCard icon + route) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-04 10:48:33 +08:00
iven	be0a78a523	feat(saas): add model groups for cross-provider failover ... Model Groups provide logical model names that map to multiple physical models across providers, with automatic failover when one provider's key pool is exhausted. Backend: - New model_groups + model_group_members tables with FK constraints - Full CRUD API (7 endpoints) with admin-only write permissions - Cache layer: DashMap-backed CachedModelGroup with load_from_db - Relay integration: ModelResolution enum for Direct/Group routing - Cross-provider failover: sort_candidates_by_quota + OnceLock cache - Relay failure path: record failure usage + relay_dequeue (fixes queue counter leak that caused connection pool exhaustion) - add_group_member: validate model_id exists before insert Frontend: - saas-relay-client: accept getModel() callback for dynamic model selection - connectionStore: prefer conversationStore.currentModel over first available Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-04 09:56:21 +08:00
iven	769bfdf5d6	fix(desktop): 修复 10 个 agent 对话测试发现的缺陷 ... - BUG-001+002 P0: 模型选择器合并 SaaS 可用模型列表 - BUG-003 P1: 修复 relay 错误消息重复显示 - BUG-005 P1: 设置页面显示实际连接模式和地址 - BUG-006 P2: 统一 UI 语言为中文 - BUG-009 P3: 错误时隐藏建议按钮 - BUG-010 P3: 密码切换按钮添加 aria-label Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-04 01:31:28 +08:00
iven	912f117ea3	feat(desktop): wire MCP client to settings UI ... - MCPServices.tsx now calls real Tauri commands (start/stop/list) instead of only toggling config flags - Show running service count, discovered tools per service - Expand/collapse tool list for each running MCP service - Extended QuickConfig mcpServices type with command/args/env/cwd - Config change persists enabled state, MCP start/stop happens live	2026-04-04 01:30:13 +08:00
iven	276ec3ca94	chore(desktop): remove dead active-learning frontend code ... Zero imports across codebase — never wired to any UI or Tauri command. Rust Growth crate handles memory/summary generation instead.	2026-04-04 00:38:13 +08:00
iven	1c99e5f3a3	fix(browser): stability enhancements + MCP frontend client ... S7 Browser Hand: - Remove dead code: browser/actions.rs (314 lines of unused BrowserAction/ActionResult types) - Fix browser_scrape_page: log failed selector matches instead of silently swallowing errors - Fix element_to_info: document known limitation for always-None location/size fields - Fix browserHandStore: reuse activeSessionId in executeScript/takeScreenshot/executeTemplate instead of creating orphan Browser sessions - Add Browser.connect(sessionId) method for session reuse MCP Frontend: - Add desktop/src/lib/mcp-client.ts (77 lines) — typed client for MCP Tauri commands (startMcpService, stopMcpService, listMcpServices, callMcpTool) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-03 22:16:12 +08:00
iven	264dc75b2c	fix(production-readiness): audit fixes — duplicate useState + route mismatch + stale @reserved ... - ChatArea.tsx: remove duplicate useState(searchOpen) declaration on line 70 - scheduled_task/mod.rs: fix route from /api/scheduler/tasks to /api/v1/scheduler/tasks (matches admin-v2 service baseURL pattern and all other modules) - scheduled_task/handlers.rs: remove @reserved annotations (now has Admin V2 frontend) - scheduled_task/handlers.rs: update doc comments with correct /api/v1/ paths	2026-04-03 21:41:30 +08:00
iven	4281ce35b4	fix(saas): remove hardcoded model fallback — dynamic from available models ... - service.rs: template model passed as-is (Option<String>), no hardcoded fallback - saas-types.ts: AgentConfigFromTemplate.model → string | null - agentStore.ts: when model is null, resolve from saasStore.availableModels[0] - AgentOnboardingWizard.tsx: restore full file (was corrupted), apply assignTemplate try/catch fix	2026-04-03 21:38:15 +08:00
iven	2ceeeaba3d	fix(production-readiness): 3-batch production readiness cleanup — 12 tasks ... Batch 1 — User-facing fixes: - B1-1: Pipeline verified end-to-end (14 Rust commands, 8 frontend invoke, fully connected) - B1-2: MessageSearch restored to ChatArea with search button in DeerFlow header - B1-3: Viking cleanup — removed 5 orphan invokes (no Rust impl), added addWithMetadata + storeWithSummaries methods + summary generation UI - B1-4: api-fallbacks transparency — added _isFallback markers + console.warn to all 6 fallback functions Batch 2 — System health: - B2-1: Document drift calibration — TRUTH.md/README.md numbers verified and updated - B2-2: @reserved annotations on 15 SaaS handler functions with no frontend callers - B2-3: Scheduled Task Admin V2 — new service + page + route + sidebar navigation - B2-4: TRUTH.md Pipeline/Viking/ScheduledTask records corrected Batch 3 — Long-term quality: - B3-1: hand_run_status/hand_run_list verified as fully implemented (not stubs) - B3-2: Identity snapshot rollback UI added to RightPanel - B3-3: P2 code quality — 4 fixes (TODO comments, fire-and-forget notes, design notes, table name validation), 2 verified N/A, 1 upstream - B3-4: Config PATCH→PUT alignment (admin-v2 config.ts matched to SaaS backend)	2026-04-03 21:34:56 +08:00
iven	22b967d2a6	docs(features): v0.10.1/v0.10.2 数字校准 + 行业模板文档更新 ... - README.md: SKILL 76→75, Tauri 命令 175→171, SaaS API 58→131, Workers 5→7, 数据表 25→34, Admin 11→13 页面 - 00-saas-overview.md: Agent Template 新增 5 个端点文档、种子数据表、端到端数据流图 - roadmap.md: 同步最新数字 - fix(saasStore): toTopRequired → totpRequired 拼写修复	2026-04-03 21:29:44 +08:00
iven	edecd4c81f	fix(saas): deep audit round industry template system - critical fixes ... C1: Use backend createAgentFromTemplate API + tools forwarding C3: seed source='builtin' instead of 'custom' C4: immutable clone data handling (return fresh from store) + spread) H3: assignTemplate error propagation (try/catch) H4: input validation for name/fields H5: assign_template account existence check H6: remove dead route get_full_template H7: model fallback gpt-4o-mini (hardcoded constant) H8: logout clears template state H9: console.warn -> structured logger C2: restoreSession fetches assignedTemplate	2026-04-03 19:45:25 +08:00
iven	0857a1f608	feat(desktop): wire template welcome_message + quick_commands to chat UI ... - Add welcomeMessage/quickCommands fields to Clone interface - Persist template welcome/quick data via updateClone after creation - FirstConversationPrompt: prefer template-provided welcome message over dynamically generated one - FirstConversationPrompt: render template quick_commands as chips instead of hardcoded QUICK_ACTIONS when available - Tighten assign/unassign template endpoint permissions from model:read to relay:use (self-service operation for all authenticated users)	2026-04-03 15:20:15 +08:00
iven	1048901665	fix(saas): industry template audit fixes + pgvector optional + relay timeout ... - Fix seed template tools to match actual runtime tool names (file_read/file_write/shell_exec/web_fetch) - Persist system_prompt/temperature/max_tokens via identity system in agentStore.createFromTemplate() - Fire-and-forget assignTemplate() in AgentOnboardingWizard - Fix saas-relay-client unused variable warning - Make pgvector extension optional in knowledge_base migration - Increase StreamBridge timeout from 30s to 90s for thinking models	2026-04-03 15:10:13 +08:00
iven	ea00c32c08	feat(saas): industry agent template assignment system ... Phase 1-8 of industry-agent-delivery plan: - DB migration: accounts.assigned_template_id (ON DELETE SET NULL) - SaaS API: 4 new endpoints (assign/get/unassign/create-agent) - Service layer: assign_template_to_account, get_assigned_template, unassign_template, create_agent_from_template) - Types: AssignTemplateRequest, AgentConfigFromTemplate (capabilities merged into tools) - Frontend SaaS Client: assignTemplate, getAssignedTemplate, unassignTemplate, createAgentFromTemplate - saasStore: assignedTemplate state + login auto-fetch + actions - saas-relay-client: fix unused import and saasUrl reference error - connectionStore: fix relayModel undefined error - capabilities default to glm-4-flash - Route registration: new template assignment routes Cospec and handlers consolidated Build: cargo check --workspace PASS, tsc --noEmit Pass	2026-04-03 13:31:58 +08:00
iven	5b1b747810	fix(desktop): prevent transformCallback crash in browser mode ... Root cause: ChatArea.tsx called listen() from @tauri-apps/api/event directly on component mount without checking isTauriRuntime(). When accessed from a regular browser (not Tauri WebView), window.__TAURI_INTERNALS__ is undefined, causing "Cannot read properties of undefined (reading 'transformCallback')". Solution: - Created lib/safe-tauri.ts with safe wrappers (safeInvoke, safeListen, safeListenEvent, requireInvoke) that gracefully degrade when Tauri IPC is unavailable - Replaced direct listen() call in ChatArea.tsx with safeListenEvent()	2026-04-03 13:00:36 +08:00
iven	564c7ca28f	fix(desktop): guard invoke calls with isTauriRuntime check ... Step 5 (embedding config) and Step 5b (summary driver) in App.tsx bootstrap called invoke() without checking if Tauri IPC is available. When accessing http://localhost:1420/ in a regular browser, this caused "Cannot read properties of undefined (reading 'transformCallback')". Also added __TAURI_INTERNALS__ guard in saasStore kernel config sync.	2026-04-03 12:46:14 +08:00
iven	5c74e74f2a	fix(desktop): component cleanup + dead code removal + DeerFlow ai-elements ... - ChatArea: DeerFlow ai-elements annotations for accessibility - Conversation: remove unused Context, simplify message rendering - Delete dead modules: audit-logger.ts, gateway-reconnect.ts - Replace console.log with structured logger across components - Add idb dependency for IndexedDB persistence - Fix kernel-skills type safety improvements	2026-04-03 00:28:58 +08:00
iven	0a04b260a4	refactor(desktop): ChatStore structured split + IDB persistence + stream cancel ... Split monolithic chatStore.ts (908 lines) into 4 focused stores: - chatStore.ts: facade layer, owns messages[], backward-compatible selectors - conversationStore.ts: conversation CRUD, agent switching, IndexedDB persistence - streamStore.ts: streaming orchestration, chat mode, suggestions - messageStore.ts: token tracking Key fixes from 3-round deep audit: - C1: Fix Rust serde camelCase vs TS snake_case mismatch (toolStart/toolEnd/iterationStart) - C2: Fix IDB async rehydration race with persist.hasHydrated() subscribe - C3: Add sessionKey to partialize to survive page refresh - H3: Fix IDB migration retry on failure (don't set migrated=true in catch) - M3: Fix ToolCallStep deduplication (toolStart creates, toolEnd updates) - M-NEW-2: Clear sessionKey on cancelStream Also adds: - Rust backend stream cancellation via AtomicBool + cancel_stream command - IndexedDB storage adapter with one-time localStorage migration - HMR cleanup for cross-store subscriptions	2026-04-03 00:24:16 +08:00
iven	da438ad868	fix(billing): resolve all audit findings — CSRF, float precision, TOCTOU, error sanitization ... - Add CSRF token protection for mock payment (SHA256 + constant-time verify) - Replace f64 currency conversion with pure integer string parsing (parse_yuan_to_cents) - Move subscription check inside transaction to prevent TOCTOU race - Rewrite increment_usage to use atomic SQL (account_id+period_start WHERE) - Add trade_no format validation in payment callback - Sanitize error messages to prevent sensitive data leakage - Use i32::try_from for WeChat amount conversion (prevent truncation) - Replace window.__ZCLAW_STATS_SYNC_INTERVAL__ with useRef pattern - Replace eprintln/println with tracing macros in lifecycle - Remove unused variable in scheduler - Remove duplicate sha2 and unused hmac from Cargo.toml	2026-04-02 20:04:43 +08:00
iven	28299807b6	fix(desktop): DeerFlow UI — ChatArea refactor + ai-elements + dead CSS cleanup ... ChatArea retry button uses setInput instead of direct sendToGateway, fix bootstrap spinner stuck for non-logged-in users, remove dead CSS (aurora-title/sidebar-open/quick-action-chips), add ai components (ReasoningBlock/StreamingText/ChatMode/ModelSelector/TaskProgress), add ClassroomPlayer + ResizableChatLayout + artifact panel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 19:24:44 +08:00
iven	837abec48a	feat(billing): add usage increment API + wire hand/pipeline execution tracking ... Server side: - POST /api/v1/billing/usage/increment endpoint with dimension whitelist (hand_executions, pipeline_runs, relay_requests) and count validation (1-100) - Returns updated usage quota after increment Desktop side: - New saas-billing.ts mixin with incrementUsageDimension() and reportUsageFireAndForget() (non-blocking, safe for finally blocks) - handStore.triggerHand: reports hand_executions after successful run - PipelinesPanel.handleRunComplete: reports pipeline_runs on completion - SaaSClient type declarations for new billing methods Billing pipeline now covers all three dimensions: relay_requests → relay handler (server-side, real-time) hand_executions → handStore (client-side, fire-and-forget) pipeline_runs → PipelinesPanel (client-side, fire-and-forget)	2026-04-02 02:02:59 +08:00
iven	8263b236fd	refactor(desktop): wire PipelineResultPreview into PipelinesPanel ... Replace the inline ResultModal with the full-featured PipelineResultPreview component. This gives users JSON/Markdown/ Classroom mode switching, file download cards, and classroom export support instead of the previous basic PresentationContainer wrapper. Remove unused ResultModal component and PresentationContainer import. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 01:32:58 +08:00
iven	a851a2854f	feat(desktop): update quick action prompts for education/healthcare/design industries ... Tailor first-conversation prompts to the three target user groups: - Education: AI tool comparison, digital transformation research - Healthcare: administrative optimization proposal - Design/Shantou: toy industry export trend analysis Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-01 23:21:06 +08:00
iven	73ff5e8c5e	feat(desktop): DeerFlow visual redesign + stream hang fix + intelligence client ... DeerFlow frontend visual overhaul: - Card-style input box (white rounded card, textarea top, actions bottom) - Dropdown mode selector (闪速/思考/Pro/Ultra with icons+descriptions) - Colored quick-action chips (小惊喜/写作/研究/收集/学习) - Minimal top bar (title + token count + export) - Warm gray color system (#faf9f6 bg, #f5f4f1 sidebar, #e8e6e1 border) - DeerFlow-style sidebar (新对话/对话/智能体 nav) - Reasoning block, tool call chain, task progress visualization - Streaming text, model selector, suggestion chips components - Resizable artifact panel with drag handle - Virtualized message list for 100+ messages Bug fixes: - Stream hang: GatewayClient onclose code 1000 now calls onComplete - WebView2 textarea border: CSS !important override for UA styles - Gateway stream event handling (response/phase/tool_call types) Intelligence client: - Unified client with fallback drivers (compactor/heartbeat/identity/memory/reflection) - Gateway API types and type conversions	2026-04-01 22:03:07 +08:00
iven	7d4d2b999b	fix: unify logger names in kernel-hands, replace console.error in gateway-api ... - Fix inconsistent 'KernelClient' logger name to 'KernelHands' in listApprovals - Replace console.error with logger.error in gateway-api triggerHand - No functional changes, only logging consistency improvements	2026-03-31 16:29:39 +08:00
iven	f23f6c5f91	refactor(desktop): remove deprecated gatewayStore.ts facade ... - Remove gatewayStore.ts (358-line backward-compat facade) that no components import from - All consumers already use domain-specific stores directly (connectionStore, agentStore, handStore, etc.) - Update store/index.ts comment to remove useGatewayStore reference	2026-03-31 16:21:28 +08:00
iven	97698f54b2	fix(desktop): validate adminRouting with type-safe parsing and logged warnings ... - Add type guard (typeof parsed === 'object' && 'llm_routing' in parsed) before accessing llm_routing - Replace silent catch with log.warn for parse failures - Add 8 unit tests covering valid/invalid/null/malformed inputs	2026-03-31 16:17:29 +08:00
iven	6cae768401	fix(desktop): session persistence — refresh/login/context/empty-content 4-bug fix ... 1. App.tsx: add restoreSession() call on startup to prevent redirect to login page after refresh (isRestoring guard + BootstrapScreen) 2. CloneManager: call syncAgents() after loadClones() to restore currentAgent and conversation history on app load 3. zclaw-memory: add get_or_create_session() so frontend session UUID is persisted directly — kernel no longer creates mismatched IDs 4. openai.rs: assistant message content must be non-empty for Kimi/Qwen APIs — replace empty content with meaningful placeholders Also includes admin-v2 ModelServices unified page (merge providers + models + API keys into expandable row layout)	2026-03-31 13:38:59 +08:00
iven	3e5d64484e	fix(relay): fix llm_routing read path bug and add User-Agent header for Coding Plan ... 1. connectionStore.ts: storedAccount.account.llm_routing → storedAccount.llm_routing - saveSaaSSession stores SaaSAccountInfo directly, not { account: SaaSAccountInfo } - This bug caused admin llm_routing config to never take effect 2. relay/service.rs: add User-Agent: claude-code/1.0 header - Kimi Coding Plan requires recognized coding agent User-Agent - Default reqwest UA is rejected with 403 3. Docs: add llm_routing routing mode explanation and troubleshooting entries	2026-03-31 12:02:32 +08:00
iven	f79560a911	refactor(desktop): split kernel_commands/pipeline_commands into modules, add SaaS client libs and gateway modules ... Split monolithic kernel_commands.rs (2185 lines) and pipeline_commands.rs (1391 lines) into focused sub-modules under kernel_commands/ and pipeline_commands/ directories. Add gateway module (commands, config, io, runtime), health_check, and 15 new TypeScript client libraries for SaaS relay, auth, admin, telemetry, and kernel sub-systems (a2a, agent, chat, hands, skills, triggers). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 11:12:47 +08:00
iven	1d9283f335	fix: P0+P1 security and quality fixes ... P0-1: Token refresh race condition — reject all pending requests on refresh failure P0-2: Remove X-Forwarded-For trust in rate limiting — use only ConnectInfo IP P1-3: Template grid reactive — use useSaaSStore() hook instead of getState() P1-4: Agent Template detail modal — show emoji, personality, soul_content, welcome_message, communication_style, source_id, scenarios, version P1-5: adminRouting parse validation — type-safe llm_routing extraction from localStorage P1-6: Remove unused @ant-design/charts dependency P1-extra: Type addKeyMutation data parameter (replace any) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-31 09:17:04 +08:00
iven	c9b9c5231b	feat(desktop): integrate SaaS llm_routing, template API, and onboarding template selection ... - Add AgentTemplateAvailable/AgentTemplateFull types and fetchAvailableTemplates/fetchTemplateFull API methods to saas-client - Add llm_routing field to SaaSAccountInfo for admin-configured routing priority - Add availableTemplates state and fetchAvailableTemplates action to saasStore with background fetch on login - Add admin llm_routing priority check in connectionStore connect() to force relay or local mode - Add createFromTemplate action to agentStore with SOUL.md persistence - Add Step 0 template selection to AgentOnboardingWizard with grid layout for template browsing	2026-03-31 03:15:45 +08:00
iven	eb956d0dce	feat: 新增管理后台前端项目及安全加固 ... refactor(saas): 重构认证中间件与限流策略 - 登录限流调整为5次/分钟/IP - 注册限流调整为3次/小时/IP - GET请求不计入限流 fix(saas): 修复调度器时间戳处理 - 使用NOW()替代文本时间戳 - 兼容TEXT和TIMESTAMPTZ列类型 feat(saas): 实现环境变量插值 - 支持${ENV_VAR}语法解析 - 数据库密码支持环境变量注入 chore: 新增前端管理界面 - 基于React+Ant Design Pro - 包含路由守卫/错误边界 - 对接58个API端点 docs: 更新安全加固文档 - 新增密钥管理规范 - 记录P0安全项审计结果 - 补充TLS终止说明 test: 完善配置解析单元测试 - 新增环境变量插值测试用例	2026-03-31 00:11:33 +08:00
iven	ecd7f2e928	fix(desktop): console.log 清理 — 替换为结构化 logger ... 将 desktop/src 中 23 处 console.log 替换为 createLogger() 结构化日志: - 生产构建自动静默 debug/info 级别 - 保留 console.error 用于关键错误可见性 - 新增 dompurify 依赖修复 XSS 防护引入缺失 涉及文件: App.tsx, offlineStore.ts, autonomy-manager.ts, gateway-auth.ts, llm-service.ts, request-helper.ts, security-index.ts, skill-discovery.ts, use-onboarding.ts 等 16 个文件	2026-03-30 16:22:16 +08:00