wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 6 Packages Projects Releases Wiki Activity
4,034 Commits 195 Branches 2 Tags
2f9d72b7afd18cd4ea76e32c1f33faa585602276
Commit Graph

5 Commits

Author SHA1 Message Date
Your Name
f71c2779a8 fix(web): redact public host targets 2026-06-13 02:01:13 +08:00
Your Name
56c8a41e5b fix(web): add cheap health probe endpoint
All checks were successful
CD Pipeline / tests (push) Successful in 1m30s
Details
Code Review / ai-code-review (push) Successful in 12s
Details
CD Pipeline / build-and-deploy (push) Successful in 4m34s
Details
CD Pipeline / post-deploy-checks (push) Successful in 1m32s
Details
2026-05-31 19:10:31 +08:00
Your Name
d0591c54b0 fix(security): 體健修復 — 7項 Critical/Major 安全問題全修
Some checks failed
CD Pipeline / build-and-deploy (push) Failing after 35s
Details 
## Critical 修復 (C1-C5)
- C1: git rm --cached 03-secrets.yaml(CHANGE_ME 模板不再追蹤)
- C2: git rm --cached awoooi.db + .gitignore 加 *.db(SQLite HARD_RULES 違規)
- C3: sentry-tunnel SENTRY_HOST 改為 process.env fallback
- C4: config.py DATABASE_URL 移除 changeme default,改為必填
- C5: run_migration.py 改為 os.environ["DATABASE_URL"]

## Major 修復 (M1-M4)
- M1: auto_repair /execute 加 CSRF 保護 + AutoRepairPanel.tsx 同步
- M2: drift /rollback /adopt 加 CSRF 保護(/internal/scan 保持無 CSRF)
- M3: terminal /intent 加 CSRF 保護 + terminal.store.ts 同步
- M4: live-dashboard HOST_IPS + host-grid VIP 改為 env var

## 其他
- 新增 apps/web/.env.example(6 個 env var 說明)
- K8s deployment-web 補入 3 個新 env var
- 整合測試:新增 aider_event_repository + ai_router_feedback 真實 DB 測試
- test_terminal.py CSRF dependency override 修復

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-22 01:27:39 +08:00
OG T
2e9ccf4a26 fix(lint): 清理所有 ESLint 警告 (61→0) 
- 修復未使用變數 (prefix with _)
- 修復 type-only imports
- 修復 react-hooks/exhaustive-deps (useMemo + 依賴補齊)
- 修復 no-explicit-any (eslint-disable 標記)
- 移除未使用的 imports

涉及組件:
- demo/page, layout, page (主頁面)
- ai/* (OpenClaw, HITL, ThinkingStream)
- approval/* (ApprovalCard, LiveApprovalPanel)
- dashboard/* (HostCard, LiveDashboard, ConnectionStatus)
- incident/* (DualStateIncidentCard, ThinkingTerminal)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-29 17:06:58 +08:00
OG T
b20987e7b6 feat(sentry): Implement Sentry Tunnel to avoid local network permission dialog 
- Add /api/sentry-tunnel API Route (Next.js)
- Update sentry.client.config.ts with tunnel option
- Re-enable NEXT_PUBLIC_SENTRY_DSN in CI/CD workflows

Resolves: #45 Sentry Tunnel
See: feedback_sentry_local_network.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-24 16:16:34 +08:00