Commit Graph

35 Commits

Author SHA1 Message Date
copilot-swe-agent[bot] 5cee68fc9c Add rate limiting to auth/verify endpoint (CodeQL fix)
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/3f62bf2e-92bd-44b5-b05e-b7bfe6772a4d
2026-03-25 09:55:27 +00:00
copilot-swe-agent[bot] cf362126cf Fix dashboard symlink route + add auth rate limiting
- Add dashboard → docs/dashboard symlink in deploy workflow
- Add rate limiting to auth/team-login endpoint (CodeQL fix)

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/3f62bf2e-92bd-44b5-b05e-b7bfe6772a4d
2026-03-25 09:53:14 +00:00
copilot-swe-agent[bot] fba4088d7a Phase 1-3: UI responsive, model router, team auth
Phase 1: Login card max-width 460→600px, CSS variables, responsive.css
Phase 2: backend/api-server/services/model-router.js
Phase 3: backend/api-server/routes/auth.js + docs/js/auth.js

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/3f62bf2e-92bd-44b5-b05e-b7bfe6772a4d
2026-03-25 09:47:52 +00:00
copilot-swe-agent[bot] 4f8e16f5cd feat: implement S7/S8/S9 SkyEye thought-logic review + evolution + full-member identity
S7: Mandatory pre-execution SkyEye review for ALL instructions (cannot be disabled)
- 4 review dimensions: decision pattern, logical coherence, expression, intent
- 3 outcomes: pass / suspect (suspend) / reject
- Registered as global middleware in server.js

S8: SkyEye evolution - auto-accumulates from all agent runtime logic
- Per-person behavior history (200 records each)
- Pattern summarization: methods, paths, active hours

S9: Full-member thought-logic identity verification
- Per-person identity maturity model with cold-start threshold (10 actions)
- Cold-start members auto-suspended for manual confirmation
- Self-reinforcing: more participation = stronger identity model

Config: skyeye-policy.json v2.0.0, server.js v5.0.0

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 09:18:52 +00:00
copilot-swe-agent[bot] 0a63716226 feat: implement S6 personal channel full autonomy rule
S6 Rule: Developers have full autonomy within their own channels.
- Add isChannelSelfDeploy() in autonomy-engine.js (single source of truth)
- Add channel self-deploy bypass in approval.js POST /request
- Add channelAutonomyRule S6 config in autonomy-rules.json
- Own-channel deploys skip SkyEye/approver authorization
- Cross-channel/system changes still go through full S2 approval

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 09:04:51 +00:00
copilot-swe-agent[bot] 6fab64b1b9 feat: implement S5 冰朔直通部署规则 (direct-deploy bypass)
S5 Rule: When instructions come from 冰朔 (TCS-0002) or are signed by
trusted signers (AG-SY-01/TCS-0002/ICE-0002) with ZY- prefix,
deployment goes directly to production bypassing preview/SkyEye/approval.

- Add isDirectDeploySource() in autonomy-engine.js (single source of truth)
- Add direct-deploy bypass in approval.js POST /request endpoint
- Add directDeployRule config in autonomy-rules.json
- Add deploy audit log (deploy-YYYY-MM-DD.jsonl) for traceability
- Developer (Level 0-2) changes still follow full S2 approval flow
- Fix watchdog for-of destructuring to match codebase var style

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 08:54:40 +00:00
copilot-swe-agent[bot] 721974ca76 feat: implement Phase 8 + Phase 9 (S2/S3/S4 deployment approval + system autonomy)
Phase 8 - Dual-Environment Deploy Flow + SkyEye Final Review Authorization:
- Add backend/api-server/routes/approval.js: request/decide/status/list endpoints
- Add backend/api-server/config/approvers.json: 肥猫(DEV-002) + 桔子(DEV-010) config
- Add docs/js/approval-ui.js: frontend approval badge + panel + decision UI
- Add docs/css/approval.css: approval panel styles
- Update permissions.js: add approval:decide, approval:create, system:internal
- Update server.js to v4.0.0: register approval routes

Phase 9 - System Autonomy Framework:
- Add backend/api-server/config/autonomy-rules.json: dual-line architecture + deploy stages
- Add backend/api-server/services/autonomy-engine.js: compliance check + mode detection

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 08:48:50 +00:00
copilot-swe-agent[bot] ade9c8dfc3 fix: address code review feedback for execution protection layer
- Remove hardcoded '90+ processes' in cancel message (use generic wording)
- Extract LOCK_RELEASE_DELAY_MS constant in atomic-executor.js
- Use array destructuring in watchdog for-of loop
- Use role-based reference in checkpoint escalation message
- Ensure next() is called in blockCancellation when not intercepting

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 08:43:45 +00:00
copilot-swe-agent[bot] e0880deb46 feat: implement Phase 7 Execution Protection Layer (ZY-LANGDRIVE-S1)
L1 Frontend Isolation:
- docs/js/execution-guard.js: UI lock/unlock, execution replay polling, browser guard
- docs/css/execution-guard.css: Execution lock styles, progress bar, log entries

L2 API Execution Interception:
- backend/api-server/middleware/execution-lock.js: Execution context lock, cancel interception
- backend/api-server/routes/execution.js: Status query, cancel/delete rejection (403)

L3 Execution Atomicity:
- backend/api-server/services/checkpoint.js: Checkpoint system with rollback
- backend/api-server/services/atomic-executor.js: Atomic execution wrapper
- backend/api-server/services/execution-watchdog.js: 15min timeout, deadlock prevention

Integration:
- Updated server.js to v3.0.0: execution routes, cancellation middleware, watchdog startup

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
2026-03-25 08:37:56 +00:00
copilot-swe-agent[bot] 5e8bb969a4 fix: address code review feedback for LANGDRIVE implementation
- Normalize module paths in deploy permission checks (trailing slash)
- Add devId format validation in PATCH /dev/:devId/status
- Fix onboarding resume logic (allow resuming incomplete sessions)
- Switch audit logging from sync to async file I/O
- Add hasModuleAccess helper for consistent module permission checks

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/a260ce18-279a-4490-af90-a90a7b1f46cd
2026-03-25 08:27:00 +00:00
copilot-swe-agent[bot] 38d8afef55 feat: implement language-driven OS capabilities (ZY-LANGDRIVE)
Phase 3 - Write Capability Layer:
- Add backend/api-server/routes/write.js with 10 write endpoints
- Extend services/github.js with triggerWorkflow + createFile
- Add middleware/audit.js for operation audit logging
- Rate limiting: 10 writes/min per developer

Phase 4 - Intent Router Engine:
- Add config/function-tools.json with 10 operation definitions
- Add middleware/intent-router.js for NL → API routing
- Add docs/js/intent-tools.js for frontend function calling

Phase 5 - Permission Sandbox System:
- Add config/permissions.js with 4-level model (L0-L3)
- Add middleware/auth.js (identity + permission check)
- Add middleware/sandbox.js (preview environment guard)

Phase 6 - Cognitive Guidance System:
- Add config/onboarding-script.json (5-round guided dialogue)
- Add routes/onboarding.js (onboarding API + tools endpoint)
- Add docs/js/onboarding.js + docs/css/onboarding.css (UI)

Update server.js to v2.0.0 with all new routes and middleware

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/a260ce18-279a-4490-af90-a90a7b1f46cd
2026-03-25 08:22:38 +00:00
copilot-swe-agent[bot] 726b05bc0b fix: address code review feedback - timer leaks, CORS, validation, cache TTL
- Fix timer leak in fetchNotionProfile/loadDatabaseCache with finally block
- Remove HTTP origin from CORS whitelist (HTTPS-only)
- Validate devId against DEV_REGISTRY instead of regex
- Fix cache TTL check to use >= instead of >
- Fix chat.js count queries to use page_size 100 instead of 1

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/a260ce18-279a-4490-af90-a90a7b1f46cd
2026-03-25 08:15:48 +00:00
copilot-swe-agent[bot] df21bae395 feat: implement dual-channel architecture (Channel A cache + Channel B backend)
- Add scripts/cache/sync-notion-cache.js for comprehensive Notion sync
- Add .github/workflows/sync-notion-cache.yml (every 6h + manual trigger)
- Add .github/workflows/deploy-backend.yml for ECS auto-deploy
- Add missing dev profiles: DEV-009.json, DEV-011.json, index.json
- Add .github/notion-cache/databases/ directory
- Add backend/api-server/ with Express server (port 3001)
  - Routes: health, dev, databases, chat, receipt
  - Services: notion, github, cache
  - Config: database ID mappings
  - PM2 ecosystem config
- Update docs/index.html with dual-channel fallback:
  - Channel B (realtime) → Channel A (cache) degradation
  - loadDatabaseCache() for agent-registry, syslog-recent
  - Enhanced system prompt with data source indicators

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/a260ce18-279a-4490-af90-a90a7b1f46cd
2026-03-25 08:10:58 +00:00
liuxunxun7-max 6a79778ee2 M-MEMORY-环节1:分类搜索+配额管理+自动清理+接口文档 2026-03-18 10:52:38 +08:00
liuxunxun7-max e5152e9dc3 feat(m-memory): 环节0+1 文件存储API+元数据管理+分类搜索+配额 2026-03-18 09:30:31 +08:00
copilot-swe-agent[bot] 7e633c70ab 🌉 Address code review: extract URL constant, localize fallback, improve variable naming
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-16 15:25:17 +00:00
copilot-swe-agent[bot] 40c12c75a3 🌉 BRIDGE-DEPLOY: 全链路桥接系统部署 — 脚本8个 · Workflow3个 · 飞书路由1个
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-16 15:23:32 +00:00
copilot-swe-agent[bot] 45b3f62d51 fix: add error codes to push-broadcast error responses
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-14 18:29:29 +00:00
copilot-swe-agent[bot] fec940188e feat: add /webhook/push-broadcast POST route for Pipeline C feishu broadcast
- Add push-broadcast handler in backend/routes/feishu-bot.js with token
  validation, request parsing, and Feishu IM API message delivery
- Wire /webhook/push-broadcast in backend/server.js via route forwarding
- Add nginx /webhook/ proxy_pass config in nginx-api-proxy.conf
- Update health check to report push_broadcast feature status

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-14 18:28:28 +00:00
copilot-swe-agent[bot] 9fb8197042 refactor: extract shared feishu alert script + fix error messages + code review fixes
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-11 17:25:53 +00:00
copilot-swe-agent[bot] d0cc67953b feat: Phase 4 — AI对话引擎 + 多轮上下文 + 协作数据采集 + 失败告警 + 幂等性
Phase 4A: backend/feishu-bot/ai-chat.js — DeepSeek/通义千问 AI 模型接入
Phase 4A: backend/feishu-bot/context-manager.js — 多轮对话上下文管理
Phase 4B: push-broadcast.yml — 飞书群新广播通知
Phase 4C: backend/feishu-bot/collaboration-logger.js — 协作数据采集
Phase 4C: scripts/save-collaboration-log.js — persona-brain-db 数据对齐导出
Phase 4D: 三条链路 workflow 失败告警 → 飞书通知
Phase 4D: receive-syslog.js — 幂等性保护(相同 SYSLOG 不重复创建工单)

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-11 17:22:57 +00:00
copilot-swe-agent[bot] 6d1c3e02eb fix: address code review — env var for GitHub repo, date dedup in receive-syslog
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-11 17:17:14 +00:00
copilot-swe-agent[bot] ceb61cbac8 feat: M-BRIDGE 飞书集成 — 三条链路脚本 + 飞书机器人回传桥
- sync-login-entry.yml + .js: Notion 登录入口 → 飞书文档A (全量替换)
- push-broadcast.yml + .js: Notion 广播 → 飞书文档B (追加到顶部)
- receive-syslog.yml + .js: SYSLOG 回传 → 存入仓库 + Notion 收件箱 + 霜砚工单
- feishu-bot.js: 飞书机器人事件回调处理 (SYSLOG 回传桥)
- syslog/ 目录创建

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-11 17:12:52 +00:00
飞毛嘴帅气爱 2193d6d640 BC-M-BRIDGE-001-FM 九连胜达成:环节0-2全量验收通过,实现M-BRIDGE中继桥接服务核心功能,20项验收标准100%达标 2026-03-11 22:39:13 +08:00
飞毛嘴帅气爱 3358796316 BC-M-BRIDGE-001-FM 环节0完成:初始化Node.js项目,搭建Express3020端口基础服务,实现根路径身份接口和请求日志中间件,创建config.json统一配置和README.md模块文档 2026-03-11 22:39:13 +08:00
copilot-swe-agent[bot] 4b8d8908bc feat: 后端 Notion 开发者同步 API + 前端自动同步集成
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-08 14:52:26 +00:00
飞毛嘴帅气爱 04020060c8 M14-环节5: config统一配置+README+回归测试 2026-03-08 18:07:43 +08:00
飞毛嘴帅气爱 21310c4792 M14-环节4: 热身历史持久化+查询API 2026-03-08 17:56:28 +08:00
飞毛嘴帅气爱 e7050eaf35 M14-环节4: 热身历史持久化+查询API 2026-03-08 17:49:26 +08:00
飞毛嘴帅气爱 e63fd67bca M14-环节3: 飞书Webhook通知接入 2026-03-08 17:47:12 +08:00
liuxunxun7-max 99a992f613 M18-环节3:巡检数据持久化+历史查询API 2026-03-08 16:08:26 +08:00
淑婷陈 e53f0d23df Step 4: HLI接口目录结构完成 + 挂载/hli路由 2026-03-07 16:29:19 +08:00
淑婷陈 8958f14577 Step 3: 冷启动热身接口完成 2026-03-07 16:23:48 +08:00
淑婷陈 5749122cd1 Step 2: API Fallback 自动切换机制完成 2026-03-07 16:05:10 +08:00
淑婷陈 a48c7b96b4 页妈妈上传后端中间层代码 2026-03-07 14:36:04 +08:00