Chiguyong
0979612a35
fix(portal/bitable): 统一行内编辑器与飞书风格交互,验证全部字段类型
...
- BitableGrid: 统一 edit slot,按字段类型分发 Text/Select/Date 编辑器
- SelectCellEditor: 点击单元格直接展开下拉,下拉宽度不小于列宽
- DateCellEditor/TextCellEditor: 行内编辑,Enter/失焦自动保存
- 新增 editValueCache 解决 multiselect 编辑后值丢失
- 新增 confirmEdit provide,供子编辑器显式关闭编辑状态
- 调试脚本支持 label/value 分离的 select 选项断言
- 验证通过:text、select、number、date、multiselect、readonly 系统字段
2026-07-07 22:39:02 +08:00
Chiguyong
c429851c97
docs: 沉淀 PEP 562 re-export 架构模式 + 方案文档
...
ce-compound (Full mode) 沉淀本次架构修复经验:
- docs/solutions/architecture-patterns/circular-import-pep562-lazy-reexport.md
knowledge track 文档,覆盖 Context/Guidance/Why This Matters/When to Apply/
Examples,记录 PEP 562 模块级 __getattr__ 延迟 re-export 打破循环依赖的
模式、一次性缓存机制、27 调用方兼容性保护、__module__ 取舍。
同时提交:
- docs/plans/2026-07-06-003-fix-architecture-smell-and-test-gaps-plan.md
ce-plan 产出的方案文档(4 个 Implementation Units)
- docs/solutions/logic-errors/gate-without-caller-silently-disables-feature.md
之前会话沉淀的 gate-without-caller 经验
2026-07-06 23:51:20 +08:00
Chiguyong
584592005a
chore: 添加 uv.lock 锁文件 + 异步生成器死锁解决方案文档
...
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
- uv.lock: uv 包管理器锁文件,保证可复现构建
- docs/solutions/runtime-errors/async-generator-yield-before-await-deadlock.md:
记录 ReActEngine autonomy pause 死锁问题的根因与修复方案
- components.d.ts: 新增 AutonomyPausedCard 组件类型声明(自动生成)
- .gitignore: 添加 .agentkit-data/ 忽略本地运行时数据
2026-07-06 20:40:33 +08:00
Chiguyong
8714056c46
Merge PR: fix(iq): 补齐 PR #27 的 5 个实现缺口 + 2 个 P2 residuals
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
2026-07-06 20:38:12 +08:00
Chiguyong
5e29f35b6c
Merge PR: fix(bitable): 修复表格头部与数据行之间的幽灵空白
2026-07-06 20:37:49 +08:00
Chiguyong
bcfa4fb5f6
fix(iq): 补齐 PR #27 的 5 个实现缺口 + 2 个 P2 residuals
...
F1: 前端 autonomy_paused 事件处理
- 新增 AutonomyPausedCard.vue 组件(reason + progress + resume 按钮)
- chatStore/chatStream 接收 autonomy_paused 事件并渲染暂停卡片
- ChatView 集成暂停卡片显示
F2: cleanup_expired 定时调用
- episodic.py 的 prompt_reflection 记录 30 天过期清理接入
F3: SharedWorkspace.lock() TOCTOU 防护
- _phase_executor.py 并行子任务写入用 lock() 防护
- shared_workspace.py 补充锁实现
F4: retrieve_prompt_reflection KTD5 门控
- react.py/reflexion.py 按 verify 二次失败/循环检测条件门控
F5: configs/agentkit.yaml.example 配置示例
- 包含 dangerous_tools 配置示例
F6: resume Future 注册顺序消除竞态
F7: 用户拒绝危险工具不计入 _consecutive_failures
测试:112 个单元测试全部通过
2026-07-06 20:31:50 +08:00
Chiguyong
729047433d
feat(bitable): Twenty 风格工具栏、视图切换器与视图配置
...
- BitableFileDetailView 重构顶部工具栏:视图切换器、记录数徽章、新建记录/筛选/排序/选项
- ViewSwitcher 从标签页改为下拉菜单
- bitable store 新增 createRecord 方法
- ViewConfigPanel 支持 initialTab 从按钮直达对应配置页
- 新增 DateDisplay 组件与 bitable-grid-guidelines UX 规范
2026-07-06 18:43:49 +08:00
Chiguyong
af2de993d8
docs(solutions): document board chat_stream first-chunk hang fix
...
Captures the private board streaming hang regression (commit 36b0296 )
and its fix (commits ed1e289 , 0daa4d2 , d0fe661 ). Key learnings:
- All `async for chunk in stream` calls need first-chunk timeout
(DashScope/DeepSeek via LiteLLM occasionally never emit first chunk)
- Mid-stream break must not trigger full-content re-broadcast
(return partial content instead of double-broadcasting)
- Diagnostic pattern: monkey-patch + per-stage timeout to locate hang
Track: bug
Category: runtime-errors
Overlap: low (related streaming docs exist but different root cause)
2026-07-06 15:55:37 +08:00
Fischer
8fc6bb0395
feat(iq): Agent IQ Boost — parallel sub-agents + autonomy + prompt self-tuning ( #27 )
...
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
Implements U1-U7 across 3 IQ-boost dimensions (R1-R15). 137 unit tests pass, ruff clean. Review fixes: P0 deadlock, P1 gate/tracking/filter, P2 score semantics.
2026-07-06 15:13:29 +08:00
Chiguyong
9fe1810497
docs(plan): add agent-iq-boost implementation-ready plan (R1-R15, U1-U7)
2026-07-06 13:12:34 +08:00
Chiguyong
fae76b7cca
merge: resolve conflict with origin/main (PR #24/#25)
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Conflict in src/agentkit/bitable/service.py delete_view():
- Adopted main's MAINT-2 fix (delete_view_if_not_last atomic op + race check)
- Worktree's simpler version replaced by main's race-safe implementation
No conflict markers remain. 277 tests pass, ruff clean.
2026-07-06 13:04:53 +08:00
Chiguyong
6d5a34ada2
feat(bitable): formula relations v2 — U1-U8 + review fixes
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Implements bitable v2: formula engine expansion (10->64 functions),
cross-table formula references, relation CRUD (1:1/1:N/N:N + bidirectional),
lookup/rollup fields, cross-table dependency graph, automation engine
(3 triggers + 5 actions + retry + webhook), and REST API + BitableTool actions.
Implementation units:
- U1: Schema V3 migration (junction table, automations, cross_table_deps)
- U2: Formula functions 10->64 (datetime/text/logical/aggregate/lookup)
- U3: Cross-table formula {rel.target} syntax (parser 3-tuple, engine resolve)
- U4: Relation CRUD + bidirectional + self-reference
- U5: Lookup & Rollup field types with recalc worker routing
- U6: Cross-table dependency graph + recalc trigger
- U7: Automation engine (asyncio queue, 3x retry, execution logs)
- U8: REST API (11 endpoints) + BitableTool (17 actions)
Review fixes applied (ce-code-review mode:agent):
- P1: SSRF guard on outbound webhook (reuse _assert_safe_host from ingestion)
- P1: Bidirectional relation removal now cleans reverse field (symmetric with add)
- P2: Ownership check on target_table_id in relation field creation (IDOR fix)
- P2: Typed AutomationUpdate Pydantic model (prevents table_id injection)
- P3: Tracked automation fire-and-forget tasks (error visibility)
- P3: Public FormulaEngine.get_cross_table_mapping (remove private attr access)
Tests: 267 passed, 153 skipped (PG). Ruff clean.
Deferred: generate_formula/generate_automation LLM actions, frontend components.
2026-07-06 12:57:07 +08:00
Chiguyong
04ad5966d0
fix(enterprise): ce-debug P3 residual batch — SEC-2 OIDC 验签 + STAND-3 SCIM /scim/v2 + MIG-2 schema 迁移
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
13 项 P3 residual findings 全部清零:
安全/合规
- SEC-2: OIDC id_token 用 JWKS 验签 + IDToken claims_cls 校验 iss/aud/exp(fail-closed,无 jwks_uri 时拒绝回退)
- STAND-3: SCIM router 改挂 /scim/v2(RFC 7644 标准路径)+ 修复双重前缀 bug(router 内部 prefix 移除,由挂载点控制)
- API-12/14: SCIM PATCH 严格性 — 不支持的 op/path 返回 400 noTarget + path==None 时遍历 value keys
性能/可观测
- PERF-6/7: gateway cache metric 修正 — None usage 早退 + 仅对 anthropic/claude model 记录 cache hit/miss
部署/运维
- DEPLOY-8: key-rotation-runbook 拆分 Slot 10(Redis)/Slot 11(PostgreSQL)
- DEPLOY-9: Helm chart 支持 image.digest pinning(@sha256:<digest> 覆盖 tag)
迁移/维护
- MIG-2: auth DB schema 迁移注册表(_SCHEMA_MIGRATIONS dict + _run_schema_migrations 按 version 差值执行)
- MAINT-2: bitable delete_view 三态错误信息(不存在 vs 最后一视图 vs 并发竞争)
- MAINT-3: chatStream 提取 findStreamingSynthesisMilestone helper(去重 team_synthesis_chunk/team_synthesis 谓词)
- MAINT-4 + STAND-2: 前端测试 token 正则 helper + replace 加 g 标志(移除所有 :root 块)
验证:ruff check + format(P3 文件全过)| pytest 526 passed(calendar webhook SSRF 失败为 pre-existing)| helm lint 通过
2026-07-06 12:18:42 +08:00
Chiguyong
cb278bb5f0
fix(enterprise): ce-debug batch — PERF-1 PII filter + DEPLOY-1/2/4/5 + SCIM RFC 7643/7644
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
修复 ce-code-review 发现的全部 P1/P2 residual findings:
P1:
- PERF-1: PII 脱敏接入 gateway chat()/chat_stream() 生产路径
(env AGENTKIT_PII_FILTER_ENABLED=true 启用,fail-closed)
- API-1/2/5/6/7/9/11/13 + STAND-1 + SEC-3: SCIM router 全面重写
- API-1: totalResults 用 SELECT COUNT(*) 返回全量总数
- API-2: 异常处理器转 RFC 7644 错误格式(scope 到 /scim/v2)
- API-5: create_user 写 user_idp_links(idp_name='scim')
- API-6: POST /Users 返回 Location 头
- API-7: PATCH userName UNIQUE 冲突 → 409
- API-9: 不支持的 filter → 400 invalidFilter
- API-11: displayName=None
- API-13: filter 大小写不敏感
- STAND-1: dict[str, Any] → dict[str, object]
- SEC-3: active true→false 写审计(延后到事务提交后避免 SQLite 锁竞争)
- API-4: _sso_issue_token_pair 用 secrets.token_urlsafe(32) 生成真实 refresh_token
(移除 __pending_sso__ 占位符 + 后续 UPDATE 的非原子两步写入)
- API-8: _sso_issue_token_pair 增加 provider_type/provider_name 参数
- API-10: deprovision_user/change_user_role 加 response_model
- DEPLOY-1: install.sh + docs 用 instance 标签选择器替代硬编码 fullname
- DEPLOY-2: 11 处 Redis 客户端构造显式传入 REDIS_PASSWORD env var
P2:
- DEPLOY-4: 移除 agentkit deployment 中死 env POSTGRES_PASSWORD
(应用通过 DATABASE_URL Slot 3 内嵌密码连接,不读此 env)
- DEPLOY-5: OTel token 格式改为 Authorization=Bearer <token>
(符合 OTEL_EXPORTER_OTLP_HEADERS key=value 规范)
测试:
- ruff check + format 全部通过
- pytest tests/unit/test_scim_router.py 9 passed
- pytest tests/unit/test_llm_gateway.py + test_handoff.py + test_event_queue_integration.py 70 passed, 5 skipped
- helm lint + helm template 验证 POSTGRES_PASSWORD env 已移除
2026-07-06 11:41:06 +08:00
Chiguyong
444667e2f0
docs(review): record residual review findings
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
2026-07-06 10:40:06 +08:00
Chiguyong
3cf29f4633
fix(enterprise): ce-code-review P1 fixes — SSO is_active + span leak + Helm chart integration
...
Stage 5c applied safe P1/P2/P3 fixes from multi-agent code review:
- SEC-1 (P1, security): SSO 登录绕过 is_active 检查 — _sso_issue_token_pair
入口加显式校验,与本地 login(auth.py:377)一致。已停用用户无法再通过
IDP 回调拿 JWT,封堵 R1b deprovisioning 绕过。
- PERF-2/3 (P2, reliability): gateway chat() span 泄漏 + 异常未记录 — try 块
扩展到覆盖整个 span 生命周期(含 cache 设置),新增 except 分支调用
record_exception + set_status(ERROR),失败调用在 trace 中不再显示为成功。
- API-3 (P1, test isolation): SCIM router 使用 import-time 捕获的
DEFAULT_AUTH_DB_PATH — 改为 resolve_auth_db_path() 在调用时读取 env var,
让测试 monkeypatch.setenv 可见。
- MAINT-1 (P3, dead code): 删除 BitableRepository.delete_view(被
delete_view_if_not_last 取代,无生产调用方,仅 docs 残留引用)。
- PERF-4/5 (P3, performance): pii_filter._record_pii_metrics 的 from import
提升至模块顶部 + except: pass 改为 logger.debug 记录失败原因。
- DEPLOY-3 (P1, chart integration): ConfigMap 不可达 — deployment.yaml
args 增加 --config /etc/agentkit/agentkit.yaml,让应用能加载 chart 渲染
的非密配置。
- DEPLOY-6/7 (P3, doc/chart consistency): values.yaml 注释残留旧 slot 名
redisPgPasswords → redisPassword;slot 计数 10 → 11(5 处 chart + 3 处
deployment docs 同步修正)。
Verification:
- ruff check + format clean (7 modified .py files)
- pytest tests/unit/{auth,bitable} + test_{pii_filter,oidc_provider,
saml_provider,scim_router,auth_audit,telemetry,prompt_cache_layers}.py
→ 336 passed, 145 skipped
- helm lint + helm template 验证 secret key 一致性
Residual findings (deferred to follow-up):
- PERF-1: PII filter 未接入 gateway 生产路径(manual, 需配置接入决策)
- API-1/2/4/5: SCIM RFC 7644 合规性(totalResults/error format/Location
header/SSO 预配联动)— manual, 需设计决策
- DEPLOY-1/2/4: Helm chart ↔ app 集成断裂(部署名引用/Redis 鉴权/PG 密码双源)
— manual, 需 app+chart 联动修改
2026-07-06 08:36:59 +08:00
Chiguyong
86bce129a4
refactor(enterprise): simplify U1-U6 — fix span leak, dedup helpers, stdlib parsing
...
lfg Step 3 (ce-simplify-code) — 16 files, -89 net lines.
P1 fixes (functional):
- audit.py / scim/router.py: fix OTel span leak — start_span() returned a
context manager but was used as a plain object, so spans never ended
and never exported. Wrap in `with`.
- helm chart: split combined `redisPgPasswords` slot (single JSON key)
into `redisPassword` + `postgresPassword` slots — the combined `key`
field was dead config never referenced by any template; deployment.yaml
hardcoded `redis-password`/`postgres-password` keys were inconsistent
with values.yaml schema.
P2 dedup (reuse):
- Promote `resolve_auth_db_path()` to models.py (canonical); remove 3
duplicate `_resolve_db_path` defs in oidc.py / saml.py / audit.py.
- Reuse `_now_iso` from models.py; remove 5 duplicates across audit /
oidc / saml / scim / local providers.
- Reuse `_row_to_user` from local.py in oidc.py / saml.py (verbatim
copies removed).
- pii_filter._redact: collapse redundant `finditer` + `sub` (2 regex
passes + 2x sha256 per match on hot path) into a single `sub` with a
callback that collects matches and computes hashes once.
P3 simplifications:
- RoleChangeRequest.role: `str` + manual `if not in (...)` → `Literal`
(Pydantic validates automatically).
- Extract `_record_pii_metrics(status, redacted_count)` helper to dedup
3 nearly-identical OTel metric emission blocks.
- Extract `LLMGateway._record_prompt_cache_metric(usage, model)` to dedup
non-stream + stream cache hit/miss counters; switch to use the
`TokenUsage.cache_hit` property (previously added but unused).
- middleware: split `WHITELIST_PATHS` + `PREFIX_MATCH_PATHS` (redundant
cross-reference) into `WHITELIST_PATHS` (exact) + `PREFIX_WHITELIST_PATHS`
(prefix) — single source of truth per kind.
- OIDC token exchange: replace f-string form body with `urlencode` to
correctly escape `&` / `=` in code / redirect_uri.
- auth.py OIDC redirect route: replace hand-rolled `url.split("state=")`
with `urlparse + parse_qs`.
- PII module docstring: clarify that `PIIMatch.original` is in-memory
only (must not be logged / persisted) — the previous "仅 hash, 不含
原文" wording was misleading.
Skipped findings (false-positive or not worth):
- OIDC/SAML `_find_or_create_user` JIT 60-line dedup — high blast
radius across SQL + transaction boundaries; defers to dedicated refactor.
- SAML `_extract_host` hand-rolled split — already has ponytail comment;
stdlib `urlparse` swap is behavior-equivalent for current inputs but
changes OneLogin `http_host` field semantics; conservative keep.
- gateway.py department-quota / usage-record sequential await —
concurrency gain unclear when dept count is typically ≤2.
Verification:
- ruff check (scoped to 12 touched files) clean
- ruff format (1 file reformatted)
- pytest (PII + OIDC + SAML + SCIM + audit + bitable + team_orchestrator):
265 passed, 145 skipped (PG/Docker), 0 failures
- helm lint clean; helm template renders correctly for both
sealed-secrets + external-secrets backends
2026-07-06 08:02:40 +08:00
Chiguyong
de02ac8a92
docs(compliance): U6 — 等保三级文档准备(6 维度 + 控制点清单)
...
U6 启动等保三级认证文档编写,按 GB/T 22239-2019 6 维度组织:
00-overview — 总览:认证目标、范围、AgentKit 架构摘要、各维度状态。
01-physical — 物理安全:客户机房部署假设。
02-network — 网络安全:Ingress TLS + NetworkPolicy + OTel mTLS。
03-host — 主机安全:非 root 容器 + distroless + 漏洞扫描。
04-application — 应用安全:SSO 多 IDP + RBAC 3 级 + 6 层终端安全 + OTel 审计。
05-data — 数据安全:PII 脱敏 + 国密 P1 参考 + PG 备份。
06-management — 管理安全:密钥轮换 runbook + break-glass 告警。
control-points.yaml — 控制点清单 + AgentKit 实现映射(已实现/P0/P1/待评估)。
2026-07-06 07:32:30 +08:00
Chiguyong
af9cb9496c
feat(deploy): U5 — K8s Helm Chart + Sealed Secrets + 离线安装包
...
U5 产出政企生产级 K8s 部署 artifacts:
Helm Chart — deploy/helm/agentkit/ 含 Chart.yaml + values.yaml +
8 个 templates(deployment/service/ingress/configmap/sealed-secret/
external-secret/serviceaccount/_helpers)。
values.yaml 显式列出 10 个 secret slot(KTD-4):JWT 签名密钥 /
API Key / DB 凭据 / IDP 签名证书 / 第三方 API Key / TLS 服务器证书 /
mTLS 客户端证书 / KMS-HSM PIN / OTel exporter token / Redis-PG 密码。
Sealed Secrets + External Secrets Operator 双模板,禁用 plain
Kubernetes Secret + Git 提交。serviceaccount 配置 projected token
注入支持 KMS/HSM workload identity。
离线安装包 — build-images.sh 构建镜像 tarball +
package-chart.sh 打包 chart tarball + install.sh 离线安装,
覆盖原生 K8s 1.28+ / Helm 3.x。
运维文档 — k8s-install.md 部署指南 + key-rotation-runbook.md
密钥轮换 runbook(10 slot)+ secret-inventory.md 密钥清单。
2026-07-06 07:21:41 +08:00
Fischer
8633f60831
feat: complex-task-quality-loop (R1-R12) — 11 P1 blockers fixed ( #22 )
...
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
Merge feat/complex-task-quality-loop into main.
Includes U1-U9/R1-R12 implementation + 11 P1 blocker fixes from ce-code-review.
P1 fixes: trace_outcome propagation, portal execute_stream routing, network_block reentrancy, spec review gate wiring, max_reflections threading, phase budgets, plan aggregation, failure status mapping, evolution drain timeout, portal spec_review_reply, spec_review persistence.
2026-07-05 22:31:21 +08:00
chiguyong
826b766af0
docs(solutions): record bitable agent tool parity patterns + final review findings
...
Add docs/solutions/architecture-patterns/bitable-agent-tool-parity-patterns.md
capturing three architecture patterns from U6 (R15a):
- Dual-sync action registration (KTD10): handlers dict + input_schema.enum
- 404-before-403 ownership check (KTD9): prevent existence leak via DELETE
- 409 last-view protection: prevent invalid zero-view table state
Update residual findings with DR-4 (TOCTOU race in delete_view) and DR-5
(_update_field silent type drop) surfaced in final pre-merge ce-code-review
pass. Both P2, neither blocks merge. Documented in the solutions doc under
Known Limitations with concrete fix paths.
2026-07-04 01:04:46 +08:00
chiguyong
0f4a418408
docs(review): record residual review findings for feat/bitable-enhancement
2026-07-04 00:29:02 +08:00
chiguyong
7c900ce280
docs: add complex-task-quality-loop plan and requirements documents
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Adds the brainstorm requirements and implementation plan that drove the
9-unit quality-loop feature (R1-R12). Also gitignores local worktree
directories.
2026-07-03 22:54:11 +08:00
chiguyong
96ccca3d87
docs(bitable-p0): add implementation plan for P0 UX polish + agent parity
...
ce-plan Deep plan (6 Implementation Units, 3 delivery phases):
- Phase 1: U1 R5 design token system + vxe-table dependency declaration
- Phase 2: U2-U5 R1-R4 frontend UX (inline field config, record drawer,
view type switcher, grouping + conditional formatting)
- Phase 3: U6 R15a BitableTool 4 new actions + DELETE /views endpoint
11 KTDs covering: CSS token layer, vxe-table ghost dependency fix,
inline field configurator (hybrid vxe-table slot + custom component),
record detail drawer (single column 480/640px), view type dropdown
with disabled states, grouping + conditional format in View.config
with backend Pydantic validation, BitableTool action registration
(handlers dict + input_schema enum), X-Internal-Token ownership
semantics, 3-phase delivery with config schema freeze for parallel U6.
Phase 5.3 headless ce-doc-review (5 reviewers, 14 findings):
- Applied 2 safe_auto (U6 verification method, U5→U6 dependency)
- Applied 2 gated_auto (input_schema enum step, color_token→color_key)
- Applied 5 P1 manual fixes (backend config validation, X-Internal-Token
ownership, grouping+CF combo state, LoadingState/ErrorState justification,
R3/R4 backend assumption verification)
- 8 P2/P3 manual findings appended to Open Questions
Origin: docs/brainstorms/2026-07-03-bitable-comparative-evaluation-requirements.md
2026-07-03 13:49:57 +08:00
chiguyong
f8927d1749
docs(bitable-eval): apply ce-doc-review best-judgment fixes (20 gated_auto + 12 manual)
...
ce-doc-review(7 reviewers, 39 raw findings → 32 actionable + 3 FYI 经合成管道),
用户选择"自动用最佳判断处理"路径。本提交应用全部 20 个 gated_auto 修复,并把
12 个 manual findings 追加到 Outstanding Questions 的 From 2026-07-03 review 子节。
主要修复:
- 修正 BitableTool 动作清单:实际为 create_table/import_excel/import_database/
collect_api/upsert_records/query_records(原文 4/6 错),消除 R15a 范围误判
- R15a 从 B 线提升至 P0(4 reviewers 独立标记的优先级矛盾——B 线"non-blocking"
与"agent 对等最高优先级子项"自相矛盾)
- G23 闭合路径标注(R15c 路径 (a)/(b))
- 默认字段类型未来 user/datetime 标注(Inventory + G6)
- R3 后端依赖标注(POST /views schema 扩展)
- 视图删除端点补 P0 验收标准(R15a 验收 + 前端 deleteView 方法)
- vxe-table 幽灵依赖标注(package.json 未声明,靠主仓 hoisting)
- create_field 动作标注为必需(R8 17 新类型需 agent 能批量建字段)
- R15 测试映射拆分为 R15a/R15b/R15c 三行
- R8 验收矩阵补 PII/XSS/auto-number 写保护列 + schema V3 迁移成本估算
- R15c 安全要求补 SSRF/认证/凭据加密 + 端点访问控制
- 横切验收标准补 WCAG AA 可访问性 + 空状态要求
- R8 矩阵范围标注(覆盖 P1,非 P0)
Open Questions 新增 12 个 manual findings(ce-plan 阶段决策):
- user 字段用户模型
- C 先行优先级策略的实证依据
- 并发编辑 UX 策略
- 加载/错误状态统一模式
- 条件格式规则构建器 UX 形态
- 分组交互细节
- 响应式断点定义
- R2 记录详情抽屉宽度
- vxe-table 容量上限评估
- R13 仪表盘图表库 buy-vs-build
- 禁用态视图类型路线图
- schema V3 双向关联回滚策略
文件:docs/brainstorms/2026-07-03-bitable-comparative-evaluation-requirements.md
(107 insertions, 31 deletions)
2026-07-03 13:32:07 +08:00
chiguyong
e9821a3b7f
docs(bitable): add comparative evaluation requirements with ce-code-review P1 fixes
...
新增三向对比评估需求文档(agentkit bitable vs Twenty vs 飞书),并应用 ce-code-review
产出的全部 P1 缺口修复(共 9 项):
- P1-1: R8 字段类型计数对齐 16+1=17(KD6 与 R8 同步)
- P1-2: 新增 R8 字段类型验收矩阵(17 行表,含 V2->V3 迁移列)
- P1-3: KTD7 引用具体文件 formula/parser.py 替代裸引用
- P1-4: R-ID 命名空间冲突,加日期前缀 2026-06-29-R1..R5
- P1-5: created-time 统一为 datetime(通用类型 + 默认字段使用 datetime)
- P1-6: 新增 P0 验收标准段落(R1-R5 Given/When/Then)
- P1-7: 新增测试策略段落 + 测试文件映射表(R1-R5、R8、R15)
- P1-8: R15 拆解为 R15a/R15b/R15c + 新增 Agent 对等评估方法段落
- P1-9: R4 补充后端扩展(group_by/conditional_formatting schema)+ agent 对等说明
同时包含 2 项 gated_auto 修复:
- 组件计数 14 -> 15
- 移除文档中的全部 emoji,替换为 [OK]
ce-code-review run-id: 20260703-123134-c7c2b2ea
2026-07-03 12:59:41 +08:00
Fischer
00b2dad36e
feat(compressor): CJK-aware token estimation + linear compress flow ( #21 )
...
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
Squash merge PR #21 : CJK-aware token estimation + linear compress flow + solution doc
2026-07-03 09:40:28 +08:00
Fischer
2296d0b209
refactor: remove all emoji from source code ( #20 )
...
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
Replace emoji/glyph characters with Ant Design Vue Outlined icons (frontend), text labels with ANSI colors (CLI/shell), and ASCII art (docstrings). Add pre-commit guard (scripts/check-no-emoji.sh) and style guide to prevent regression.
Closes: docs/plans/2026-07-02-001-refactor-remove-all-emoji-plan.md
2026-07-03 02:46:40 +08:00
chiguyong
e04e2868c3
docs(compound): message bubble empty-content and card-type exclusion pattern
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Documents the G1 (:empty never matches Vue root), F4-A (card-bearing type
exclusion via messageType prop + Set), and pure-function extraction pattern
for testability without @vue/test-utils.
2026-07-03 01:58:00 +08:00
chiguyong
981a794a54
docs(plan): private-board restrictions + scheme B bubbles plan ready
...
Plan document finalized after 4 rounds of ce-doc-review:
- F4-A exclusion list extended from 5 to 9 card-bearing types
- Verified root class names for all 9 card components
- Corrected chrome description (2 full chrome + 7 partial chrome)
- Added U1 modal focus restoration note (WAI-ARIA)
- Documented R4-DA1/R4-A3/R4-A4 as Open Questions for implementation
2026-07-03 01:14:37 +08:00
chiguyong
53347ed1fe
test(u6): add L4 real-LLM smoke test for ReAct tool-use prompt
...
Manual smoke test verifying U4 L0 prompt rule rearrangement under real
LLM calls (bailian-coding/qwen3.7-plus). 5 probe queries covering
external_info / realtime_data / multi_step / realtime_simple / no_tool.
Results:
- Probe #1 external_info: PASS (8 web_search calls, 99.9s)
- Probe #2 realtime_data: ERROR (120s timeout, not LLM refusal)
- Probe #3 multi_step: PASS (8 web_search calls, 62.6s)
- Probe #4 realtime_data_simple: PASS (3 web_search calls, 23.8s)
- Probe #5 no_tool_escape_hatch: PASS (0 tool calls, direct answer, 4.2s)
Verdict: 3/4 tool-call pass (>=3/4 threshold) + 1/1 direct pass
Bug 2 status upgraded to 'L4 verified'.
Plan Progress table updated: U6 done, U7 done.
2026-07-02 22:08:45 +08:00
chiguyong
96f459c27d
docs: add brainstorm/plan decision artifacts + plan progress update
...
Add ce-brainstorm requirements doc and ce-plan plan doc for private board restrictions and scheme B bubbles (decision artifacts). Update 2026-07-02-002 plan with U6/U7 progress table. Add .compound-engineering/config.local.example.yaml from ce-setup. gitignore tmp_*.html and delete_old_cluster.sh.
2026-07-02 21:27:20 +08:00
chiguyong
7376005868
fix: 修复 transient state 重置口径 + ReAct 工具调用规则
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Bug 1: chatStore 三个 action 重置 boardState/debateState/collaborationState
- createConversation: 新增三态重置(原缺失,旧私董会状态泄漏到新会话)
- selectConversation: 统一为条件重置(prevConvId !== id),避免 force-reload 误清空
- deleteConversation: 补全 collaborationState 重置
- 附带:selectConversation 中 board_speech/board_summary 消息缺失
expert_avatar/expert_color 时从 boardState.experts 兜底补全
Bug 2: ReAct _build_tool_use_prompt L0 规则调整
- 新增规则 1:涉及外部信息/实时数据/多步骤分析/不确定事实时必须使用工具
- 原规则 3 降为规则 4,收窄为仅在确实无需工具时可直接回答
- base_prompt 与工具描述不动(L1/L2 拆为独立 plan)
测试:5 前端 transient-state reset matrix + 6 后端 prompt rules 断言
Plan: docs/plans/2026-07-02-002-fix-transient-state-reset-and-react-tool-guidance-plan.md
2026-07-02 20:51:57 +08:00
chiguyong
36b0296730
fix: 私董会数据持久化修复 + emoji 移除计划
...
- 修复 board_started/expert_speech/round_summary/board_concluded 事件持久化
- 添加 is_board 标记到会话列表和详情接口
- 实现 restoreBoardStateFromMessages 从持久化消息恢复 boardState
- 添加 ChatSidebar 私董会徽章
- 添加 emoji 移除计划文档 (docs/plans/2026-07-02-001)
2026-07-02 01:07:12 +08:00
chiguyong
fe93b0f2a4
docs: compound streaming-event-contract-residuals learning
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Knowledge sedimentation for PR #14's 4 residual findings (1 P1 + 3 P2)
from ce-code-review of feat/ui-ue-enhancement. ce-compound Full mode run.
Created:
- docs/solutions/integration-issues/streaming-event-contract-residuals.md
Bug-track doc covering the 4-fix cluster: expert_step payload alignment,
execute_stream CancellationToken registration, team_synthesis orphan
milestone cleanup, synthesis_id dedup. Includes code examples, root cause
analysis, and prevention strategies (streaming contract testing,
cancellation registration checklist, terminal event symmetry, milestone
identifier pattern).
Updated:
- AGENTS.md: WebSocket Chat 协议 section expanded with streaming event
types (expert_step/expert_result_chunk/team_synthesis_chunk), synthesis_id
dedup contract, and execute_stream cancellation contract.
- CONCEPTS.md: Added "Streaming Milestone" entry to Expert Orchestration
cluster — the UI pattern for streaming progress indicators that transition
through streaming → completed|error states, including orphan failure mode
and synthesis_id matching semantics.
Overlap with existing docs/solutions/runtime-errors/streaming-event-whitelist-and-accumulation.md
is MODERATE (same area, different specific bugs). Flagged for potential
consolidation via ce-compound-refresh.
2026-07-01 13:53:10 +08:00
chiguyong
4866a16109
docs: compound streaming-event-whitelist-and-accumulation learning
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Captures the ReAct streaming contract bug + WS event whitelist governance
from PR #13's review fixes. Three intertwined runtime issues documented:
1. P0: final_answer double-accumulated token content (logic_error)
2. P0: _VALID_TEAM_EVENT_TYPES whitelist missing 3 new streaming event types
3. P2: except (RuntimeError, TimeoutError, ConnectionError) too narrow for
LLMProviderError/ConfigValidationError in async generator
Adds ReAct Streaming Contract entry to CONCEPTS.md — defines the protocol
execute_stream() yields (token events with incremental content, then one
final_answer event with the concatenated full text). Consumers must pick
one accumulation strategy, cannot mix both without doubled output.
2026-07-01 13:15:01 +08:00
chiguyong
f872a3fac6
feat: UI/UE enhancement — streaming, sticky header, hover actions, calendar tokens
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
U1 ThinkingBlock: streaming cursor + auto-collapse to summary bar
U2 StickyModeHeader: new component replacing ExpertTeamView + BoardStatusView
U3 Backend _phase_executor: execute_stream() with token/thinking/final_answer forwarding
U4 Frontend chatStream: expert_result_chunk/team_synthesis_chunk token accumulation
U5 AssistantText: routing tag hover fade-in
U6 UserBubble: hover actions (copy/delete/refill)
U7 CalendarGrid: token-based color redesign
Review fixes (ce-code-review):
- P0: _VALID_TEAM_EVENT_TYPES whitelist adds 3 new streaming event types
- P0: final_answer no longer double-accumulates token content
- P2: exception handling expanded to except Exception for LLMProviderError etc.
Simplification (ce-simplify-code):
- _synthesizer.py: O(n²) concat -> list+join, _concat_results extraction
- config_driven.py: 4 duplicate _handle_*_stream -> _wrap_sync_as_stream
- chatStream.ts: 5x [...messages].reverse().find() -> findLastMessage helper
Tests: pytest 13/13, vitest 126/127 (1 baseline), typecheck pass, ruff clean
2026-07-01 12:51:45 +08:00
chiguyong
975b7c4e57
docs: compound any-and-except-exception-governance convention
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
Record the strategies established during PR #8-#11 (1214+ tech debt
governance) for Any replacement priority, except Exception classification,
framework boundary preservation, and intentional-design retention.
2026-07-01 08:16:02 +08:00
chiguyong
03b1e3d751
docs: add systematic tech debt cleanup plan (U1-U5)
2026-06-30 14:27:47 +08:00
chiguyong
a872a459a6
docs: add PLAN_EXEC concepts + commit Wave 4 plan
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
CONCEPTS.md: new PLAN_EXEC section (Phase State Machine, PhasePolicy, Phase Violation, AdvancePhaseTool, _build_phase_engine).
docs/plans/: commit the Wave 4 plan document (was untracked).
2026-06-30 12:46:24 +08:00
Fischer
2b8a7d8909
feat(agent): Wave 3 strategic coupling (G5/G6) ( #6 )
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
2026-06-30 09:17:19 +08:00
Fischer
a2dcde01b8
feat(agent): Wave 2 medium coupling (G4/G7/G9) ( #5 )
Deploy to Production / deploy (push) Waiting to run
Details
Test / backend-test (push) Waiting to run
Details
Test / frontend-unit (push) Waiting to run
Details
Test / api-e2e (push) Waiting to run
Details
Test / frontend-e2e (push) Waiting to run
Details
2026-06-30 09:09:33 +08:00
chiguyong
2747bb4e64
chore(prior): malformed tool call handling, auth whitelist, dev scripts, wave1 plan
2026-06-29 20:25:03 +08:00
chiguyong
a6e1bf5884
feat(bitable): 多维表格文件层 + 默认字段 + 表内字段操作 + ce-code-review 修复 (Stage 1)
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
实现多维表格 UI 完整性 Stage 1(U1-U6),补齐飞书/twenty 对齐缺失的文件层、
默认字段与表内字段操作能力,并修复 ce-code-review 走查发现的 P0/P1 级问题。
后端(U1-U2):
- 新增 BitableFile 实体(models/db/repository/service/routes),三级层级:文件→数据表→字段/记录
- Schema V2 迁移:bitable_files 表 + tables.file_id 列,幂等(IF NOT EXISTS),保留 V1 孤儿表
- 新建数据表自动创建 5 个默认字段(标题/状态/日期/创建人/创建时间)
- agent-owned 字段在 create_record 时自动填充(按 type+owner 匹配,传 actor_user_id)
- 7 个文件 REST 端点 + IDOR ownership 检查(404-before-403,internal token 旁路)
前端(U3-U5):
- 文件列表页(FileCard 网格 + 新建/重命名/删除)+ 文件详情页(侧栏表格列表 + vxe-table 网格)
- Vue Router 嵌套路由 /bitable → /bitable/:fileId → /bitable/:fileId/:tableId
- 列头菜单(编辑/隐藏/删除字段)+ 末尾 + 列新增字段
- select/multiselect 字段自定义单元格编辑器 + Tag 展示
- Pinia store 扩展 file 状态与动作,深链直访回退 getFile,fileId 切换 watch
测试(U6):
- 文件 CRUD(12 例)+ 默认字段(10 例)单元测试
- 3 个 E2E spec(视图加载、文件流、字段操作),后端不可用时优雅跳过
ce-code-review 修复(P0/P1):
- P0 路由冲突:GET /files/{file_id} 遮蔽下载端点 → 下载改 /uploads/{filename}
- P0 IDOR:update/delete field/record/view 五端点补 ownership 检查
- P1 is_initialized property 缺失致二次初始化崩溃
- P1 直接 URL 导航失效(files 数组为空)→ selectFile 回退 getFile
- P1 fileId 切换不重载 → 增加 watch
- P1 轮询丢弃最终公式值(wasCalculating 守卫)+ 复用视图 filters
- P1 测试断言 200→201;test_db 无 URL 用例解除 postgres 标记得以执行
- P2 _check_table_ownership 403→404;输入长度校验;upload field-table 一致性校验
- P2 multiselect 浅比较 → 深比较;E2E bitable-view 补 waitForServer 守卫
验证:ruff check 通过;pytest 91 passed/116 skipped;vue-tsc --noEmit 通过。
2026-06-29 04:07:45 +08:00
chiguyong
5c15238a5a
fix(calendar): 修复 agent 创建日历事件后 UI 不刷新 + 文档化三根因三部曲
...
Test / backend-test (pull_request) Has been cancelled
Details
Test / frontend-unit (pull_request) Has been cancelled
Details
Test / api-e2e (pull_request) Has been cancelled
Details
Test / frontend-e2e (pull_request) Has been cancelled
Details
代码修复 (ce-debug):
- CalendarService.create_event 注入 notify_callback,成功后广播 calendar_event_created WS 消息
- app.py 调整 _calendar_ws_sender 闭包定义顺序,注入 CalendarService(与 ReminderScheduler 共享)
- tauri-auth.ts keychain fallback 修复(localStorage 始终作为备份)
- 新增 2 个广播回归测试
文档 (ce-compound + ce-compound-refresh):
- 新增 docs/solutions/ui-bugs/calendar-agent-create-no-refresh.md(第三根因:WS 广播缺失)
- 更新 calendar-capability-and-ui-fixes.md:刷新 test count + 加 Related Issues 前向引用
- 更新 jwt-secret-dev-mode-user-id-mismatch.md:扩展 e2e bullet + 加第三个根因引用
- CONCEPTS.md 新增 Service Broadcast Callback 条目 (Real-Time Fan-Out 节)
测试:
- 新增 E2E 测试套件 (admin/auth-persistence/bitable/calendar/conversation/documents/evolution/settings/skills)
- 新增 tests/e2e/test_api_coverage.py
- CI: .gitea/.github workflows/test.yml
2026-06-29 02:20:33 +08:00
chiguyong
c9ce15fa4b
fix(code-review): 修复走查发现的 13 High + Medium 安全/可靠性问题
...
代码修复(8 High + 9 Medium):
- portal.py — C1 IDOR 文档 / C2 类型修复 / C3 WS 连接上限 16 / C4 ws_user_id 早初始化 / M silent swallow 日志化
- auth/middleware.py — C5 WS sid 补齐
- calendar_tool.py — C6 偏移量 ±43200 双向校验 + reminder_channels 类型/白名单校验
- sqlite_conversation_store.py — C7 DELETE 事务回滚
- chat.ts (Pinia) — C8 deleteConversation 清理 pending 缓存
- app.py — M except: pass → logger.debug(exc_info=True)
- Scene6Error.vue — M onUnmounted 清理 setTimeout
- DocumentsTab.vue — M Invalid Date 守卫
- ChatSidebar/RightPanel/TopNav.vue — M aria-label 无障碍标签
- SystemMonitorPanel.vue — M v-else 兜底 + active 边框色 + tablist 键盘导航
- CalendarDrawer.vue — M overflow-y: auto
- CalendarGrid.vue — M ResizeObserver 反馈循环防护
- SkillsTab.vue — M onMounted 始终 fetchSkills
文档修复(5 High + 6 Medium):
- portal-platform-security-reliability-fixes.md — D2 测试路径 / D3 Root Cause+Impact 章节 / D4 severity: mixed / 标题中文化 / 12 处绝对路径转相对 / P2 #12 数字口径
- AGENTS.md — D5 路由表 22→28 / 专家模板 5→15 / LiteLLM U15 迁移 / 配置查找 fallback
- README.md — 8 处端口 8000→8001
新增测试:
- tests/unit/calendar/test_calendar_tool.py — ponytail 自检断言
验证:
- ruff check (5 文件) — All checks passed
- vue-tsc --noEmit — exit 0
- git stash baseline 验证 — portal 17 个 401 失败为预存在问题
已知限制(预存在):
- 17 个 portal 测试 401 失败 — 需另起 ce-debug 调查
- README.md 7 处 CostAwareRouter 引用过时 — 文档同步另起任务
2026-06-28 15:06:41 +08:00
chiguyong
43e9025c6d
fix(calendar): 日历能力缺失修复 + UI 布局优化 + 会话404处理
...
P0: calendar_tool reminder_rules 未传入 create_event,提醒功能完全失效。P1: chat.ts deleteConversation 未清理 pending + 404 递归保护。P2: app.py 系统提示重复段落 + gui_mode F821 + SystemMonitorPanel flex 布局。P3: portal send_json 快照 + WS connected 清除 is_local + 移除死代码。验证: ruff+pytest 98passed+typecheck 通过。
2026-06-28 14:24:58 +08:00
chiguyong
31c65e01b8
fix(security): P0 安全加固 + 多实例部署一致性 (U1-U4 + U5c)
...
Deploy to Production / deploy (push) Has been cancelled
Details
U1: LLM gateway KB 缓存 fail-closed — 异常时默认禁用缓存防止 KB 数据泄漏
U2: MCP 危险工具黑名单过滤 — 6+1 端点覆盖,防止绕过 chat confirmation
U3: SecretsStore Redis 迁移 — 多 worker 共享凭证,内存降级保留开发模式
U4: channels webhook Redis 状态 — ZSET 滑动窗口限流 + nonce dedup + backpressure
U5c: ce-code-review 修复批次:
- P0: 统一 MCP 黑名单与 publisher.py 一致 (terminal_execute -> terminal, +file_read)
- P1: ZSET 限流 member 加 uuid 后缀避免同时间戳碰撞
- P1: SecretsStore redis 参数 Any -> aioredis.Redis | None (AGENTS.md 合规)
- P1: Redis client 添加 socket_timeout 防止单点故障请求挂死
测试: 171 scoped tests pass, ruff clean
2026-06-26 04:05:33 +08:00
chiguyong
75e9b58e46
docs(ce-compound): 记录 portal-platform 安全/可靠性修复批次
...
记录 ce-code-review 修复批次(commit 53faa60)的 10 个 P1/P2/P3 修复:
- P1: WeCom 重放、缓存跨用户泄漏、webhook 异常风暴、shutdown 泄漏
- P2: Feishu TTL、无界任务集、配额 N+1、冗余 SHA-256、未用参数
- P3: DIRECT_CHAT 去重
新增 docs/solutions/security-issues/portal-platform-security-reliability-fixes.md
CONCEPTS.md 补充 3 个领域术语:Per-User Cache Namespace、Webhook Signature Freshness、Webhook Backpressure
2026-06-26 01:47:57 +08:00
chiguyong
af96cb49bd
docs(plan): deepen portal platform evolution plan — KTD5/7/8/9 expanded, KTD11 added
2026-06-25 20:13:27 +08:00