130 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
OoO	6924c8ea8a	fix(ci): rebuild guard 容器名稱錯誤 momo-postgres → momo-db	2026-04-28 10:42:24 +08:00
OoO	b63af671f0	fix: add utils/ volume mount to scheduler + telegram-bot — logger_manager 全容器修復	2026-04-28 10:36:49 +08:00
OoO	7a0f4ef387	fix: add utils/ volume mount to momo-app — logger_manager 無法 import 根本修復	2026-04-28 10:34:15 +08:00
ogt	a97fe8cb3a	fix: url_for('dashboard') → url_for('index') — endpoint 名稱錯誤導致登入 500	2026-04-27 21:30:33 +08:00
ogt	4a648ea6bf	refactor: fix reverse dependencies — logger_manager→utils, dashboard_service extraction ... - Move SystemLogger implementation to utils/logger_manager.py (pure utility, no deps) - services/logger_manager.py becomes a backward-compat re-export shim - database/manager.py and database/vendor_manager.py now import from utils layer - Extract get_dashboard_stats() to services/dashboard_service.py - services/task_runner.py no longer imports from routes layer - routes/dashboard_routes.py get_dashboard_stats() delegates to service layer Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:28:23 +08:00
ogt	b9fe98f591	refactor: centralize config — HERMES_URL, SSH params, validate_critical_config() ... - config.py: add HERMES_URL (default 192.168.0.111:11434), SSH jump params, validate_critical_config() - services/hermes_analyst_service.py: remove hardcoded HERMES_URL, import from config - app.py: call validate_critical_config() on startup, log warnings for optional missing vars Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:27:47 +08:00
ogt	e611702bb9	refactor: unify 4 isolated SQLAlchemy Base instances to database.models.Base ... - database/import_models.py: 移除 ext.declarative.declarative_base，改用 from database.models import Base - database/notification_models.py: 同上 - database/ppt_reports.py: 移除 orm.declarative_base，改用共用 Base - database/vendor_models.py: 同上 - database/manager.py: 加入 4 個模型的 noqa import，確保 Base.metadata 完整管理所有資料表 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:27:20 +08:00
ogt	b0fbd063c8	fix: pchome_routes.py — permission_required 改用 role_required（auth.py 無此函數） ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:20:52 +08:00
ogt	3414d5bedd	fix(p1): resolve 014 migration conflict, remove orphan file, add healthchecks ... P1-14: rename migrations/014_code_fix_playbook.sql → 020_code_fix_playbook.sql to resolve duplicate 014 numbering with 014_telegram_users.sql P1-22: git rm telegram_ai_integration.py (root orphan) + remove its volume mount from docker-compose.yml telegram-bot service; services/ copy remains P1-23: add healthcheck to momo-scheduler and momo-telegram-bot containers; change VERSION:-latest to VERSION:-stable to prevent unvetted Watchtower pushes Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:15:40 +08:00
ogt	237d3af76f	fix: Phase 2 P0 全清零 — 14 項安全與功能修復完成 ... P0-06: google_drive_service.py — pickle.load() 改 JSON token（消除 RCE 風險） P0-07: bot_api_routes.py:30 — BOT_API_TOKEN 移除硬編碼預設值 clawdbot_momo_2026 P0-08: auto_import_index.html — showAlert innerHTML 改 createTextNode（XSS 修復） P0-09: abc_analysis_detail.html + dashboard.html + daily_sales.html — Jinja2 | e 轉義 P0-10: openclaw_bot_routes.py:2634 — vendor PPT 補 return ppt_path（廠商報告恢復） P0-11: telegram_bot_service.py:177-214 — cmd_start/cmd_help 補 try/except P0-12: app.py:689-712 — 10 個 Blueprint 補齊 register（消滅 404 路由） P0-13: auto_heal_service.py — 實作 _write_heal_log()，AIOps 稽核閉環補完 P0-14: monitoring/prometheus.yml — 取消 alert_rules comment；新增 alert_rules.yml Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 21:11:52 +08:00
ogt	f59b23f969	security: P0 修復 S1-S5 — 移除所有硬編碼密碼與 SQL Injection 漏洞 ... S1: config.py — LOGIN_PASSWORD 移除硬編碼預設值 0936223270，改 fail-fast S2: config.py — SECRET_KEY 移除弱預設值，無值或預設值時 sys.exit(1) S3: services/user_service.py — create_initial_admin 改讀 INITIAL_ADMIN_PASSWORD env S4: app.py — 匯入流程 table_name 正規表達式白名單驗證，date_list 格式驗證 S5: database/manager.py — ALLOWED_SALES_TABLES frozenset 白名單，日期改參數化查詢 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 20:34:15 +08:00
ogt	b3a7909b2b	fix: add try/except guards to all unprotected Telegram handler functions ... - Replace 2 silent `except Exception: pass` with logger.warning in handle_callback - Wrap _handle_await_callback, _handle_main_menu_callback with top-level try/except (query.answer on error) - Wrap _handle_complex_ai_response, _handle_simple_ai_response, _enhanced_keyword_matching, _process_await_input with top-level try/except (update.message.reply_text on error) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 19:47:49 +08:00
ogt	b4d208d34a	fix: replace raise with warning in nemotron/hermes + fix hardcoded host in footprint ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 19:46:04 +08:00
ogt	ac56139e74	fix: translate _get_query_suggestions to zh-TW + add missing promo_range await prompt ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-27 19:45:52 +08:00
ogt	c8ceec1f5f	fix: expand rule engine keywords to catch brand/strategy/investment queries ... '品牌','廠商','加碼','投資','策略','建議','市場','機會','成長', '預測','比較','推薦','最佳' now trigger complex routing → Gemini Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-26 20:23:12 +08:00
ogt	388260666e	perf: reduce Hermes timeout 25s→10s — Gemini handles main response ... Hermes on 111 GPU takes 17s+ due to concurrent load. Intent classification is just routing hint; Gemini/NVIDIA NIM does actual heavy analysis. 10s timeout → quick rule engine fallback → faster UX. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 11:09:24 +08:00
ogt	9d0e083504	fix: increase Hermes timeout 20s→25s (measured 17s from container to 111) ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 11:06:15 +08:00
ogt	05f2064346	fix: correct Gemini model name + use accessible NVIDIA NIM model ... gemini-2.5-flash-preview-05-20 → gemini-2.5-flash (correct API name) nvidia/llama-3.1-nemotron-ultra-253b-v1 → meta/llama-3.3-70b-instruct (nemotron-ultra requires premium account, llama-3.3-70b confirmed accessible) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 11:03:11 +08:00
ogt	c299abba5d	fix: restore Hermes to 111+hermes3 + add NVIDIA NIM auto-fallback for OpenClaw ... Hermes was wrongly redirected to 188 (CPU-only, 60s+ timeout). 111 has hermes3:latest with GPU acceleration (~10s response). OpenClaw now auto-detects: 1. Gemini (primary, when GEMINI_API_KEY set) 2. NVIDIA NIM nemotron-ultra (auto-fallback, NVIDIA_API_KEY already set) 3. Friendly error only when both are unavailable This implements the user-requested auto-failover pattern: always try primary first, silently fall back, restore automatically when primary recovers. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 10:31:00 +08:00
ogt	e9e0ddf54f	fix: json.dumps dict before psycopg2 insert + remove fatal raise in save_context ... save_context/_save_action_plan passed raw Python dicts as SQL bind params, causing psycopg2.ProgrammingError that propagated via raise and crashed the entire AI pipeline, forcing every natural language message to keyword fallback. Also increase Hermes intent timeout 15s→30s for qwen2.5 cold-start latency. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 10:12:20 +08:00
ogt	e4ad2432fd	fix: remove bogus SSHJumpExecutor re-export that broke telegram AI import chain ... SSHJumpExecutor class never existed in auto_heal_service.py. The dead import caused ImportError blocking telegram_ai_integration from loading, which broke all natural language conversation in the bot. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 09:47:31 +08:00
ogt	4ff291b596	fix: 修復 AI 對話無法使用 + 全面繁體中文化 ... - telegram_ai_integration.py 移至 services/ 解決 ModuleNotFoundError （momo-telegram-bot 只掛載 services/，根目錄檔案進不了容器） - import 路徑更新為 from services.telegram_ai_integration - 所有英文回覆字串改為繁體中文： · 歡迎訊息、fallback 訊息、錯誤提示 · _enhanced_keyword_matching 全英文段落 · _handle_complex_ai_response / _handle_simple_ai_response · Cancel 按鈕改「❌ 取消」、callback 改 menu:main Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 09:41:55 +08:00
ogt	d5c0feab5e	fix: Telegram bot 全功能修復 — 16個await按鈕/AI對話/模型遷移/DB schema ... ## Telegram Bot 功能修復 - 補全 16 個 await: 按鈕的 handler（日期選擇/目標設定/促銷追蹤等）， 新增 _handle_await_callback + _process_await_input 完整狀態機 - cmd: 按鈕加入 ⏳ 即時回饋 + try/except 防 BadRequest - handle_callback 加頂層 try/except 錯誤兜底 - 補 momo:cmd:suggestion + momo:menu:main callback handler - 修復 _enhanced_keyword_matching context NameError ## AI 模型遷移（hermes3@111 → qwen2.5@188） - hermes_analyst_service: URL 192.168.0.111→188, hermes3→qwen2.5:7b-instruct - code_review_pipeline: 改用 HERMES_URL/HERMES_MODEL 常數 - elephant_alpha_orchestrator / nemoton_dispatcher: registry/footprint 同步 - aider_heal_executor: OLLAMA_API_BASE fallback 改 188 - ai_routes: footprint display 字串改 qwen2.5:7b-instruct ## ElephantAlpha 404 修復 - elephant_service: openrouter→NVIDIA NIM, nvidia/llama-3.1-nemotron-ultra-253b-v1 - ai_provider: 模型 ID 同步更新 ## TELEGRAM_CHAT_ID 環境變數修正 - cicd_routes + aider_heal_executor: 優先讀 TELEGRAM_CHAT_IDS[0]， fallback TELEGRAM_CHAT_ID，修復通知靜默失敗 ## AI 對話 logging 改善 - telegram_ai_integration: Hermes 降級改 WARNING，OpenClaw 失敗加 exc_info - hermes_analyst_service: 連線失敗 log 加 host/model context ## DB Schema 修復 - migrations/019: action_plans 補齊全欄位，DROP NOT NULL action_type - autoheal_models: ActionPlan ORM 同步為超集 schema Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 03:30:14 +08:00
ogt	86d80d3f2a	fix: cd.yaml rsync 加 --ignore-errors || true，徹底防止 code 23 中斷部署 ... 雙重防護： 1. --ignore-errors：rsync 遇到 attr/type 錯誤繼續而非中止 2. || true：即使 rsync 以非 0 退出，整個 step 也不失敗 根本原因已修（templates/components symlink 在 188 恢復正確）， 這兩個 flag 作為永久安全閥，防止殘留 Docker run 歷史債再次卡死 CD。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 02:13:24 +08:00
ogt	c098152ea9	chore: verify rsync fix — templates/components symlink restored on 188 ... Root cause of code 23: templates/components was a real directory on 188 but git tracks it as a symlink (-> ../web/templates/components). rsync cannot replace a non-empty directory with a symlink without --force. Fixed on 188: rm -rf templates/components && ln -s ../web/templates/components. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 02:04:40 +08:00
ogt	5076a9e51d	fix: cd.yaml rsync code 23 — 排除 root 擁有的 alertmanager 目錄 ... 根本原因：rsync -t 嘗試更新 monitoring/alertmanager/ 時間戳， 但該目錄由 root 擁有，ollama 無寫入權，觸發 code 23。 新增排除規則： - --exclude='monitoring/alertmanager/' (root-owned, alertmanager.yml 不在 git) - --exclude='._*' (macOS 舊 rsync 遺留的資源 fork 檔案) 已同步修改 sync 與 rebuild 兩個 rsync 指令。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:51:01 +08:00
ogt	862ade2e20	chore: trigger CD re-run after phantom dir cleanup on 188 ... Root cause: Docker volume mount 歷史債在 188 留下 root-owned 空目錄 （vendor_routes.py / auto_import_routes.py 等），rsync type conflict code 23。 已手動 rm -rf，空提交觸發重新部署驗證。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:49:26 +08:00
ogt	5994084975	fix: run_scheduler _run_elephant_alpha_engine UnboundLocalError ... loop 變數在 import 失敗時未被賦值即進入 finally 導致 crash。 改為在 try 前初始化 loop = None，finally 加 None guard。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:45:21 +08:00
ogt	dc6597d36b	[V10.4-D] 環境變數修復：POSTGRES_PASSWORD 注入 + fail-fast 守衛 ... 修復 H7（排程器/Telegram Bot 容器中 POSTGRES_PASSWORD 為空）： - docker-compose.yml: 移除 scheduler/telegram-bot 的 \${POSTGRES_*} environment 插值行，僅保留 env_file: .env（與 188 主機已上線版本同步） - config.py: USE_POSTGRESQL=true 時，POSTGRES_PASSWORD 空值立即 raise ValueError， 避免無聲連線失敗（原本只在執行期出現 auth error） - .env.example: 新增 GEMINI_API_KEY / GEMINI_MODEL / OPENCLAW_MODEL， 附 Gemini 2.0 Flash EOL 2026-06-01 警告 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:43:43 +08:00
ogt	5ef4151fa5	[V10.4-C] 三 AI NLP 鏈修復：Hermes/NemoTron/OpenClaw 全線串通 ... 修復 P9-2 確認的自然語言對話完全失效問題： - services/ai_orchestrator.py: 4 處裸字串 SQL 全部包裝 text()，修復 SQLAlchemy 2.x ArgumentError - services/hermes_analyst_service.py: 新增 handle_l1() async 方法（Ollama hermes3 意圖分析 + rule-based fallback） asyncio.get_event_loop() → get_running_loop()（Py3.12+ 相容） - services/nemoton_dispatcher_service.py: 新增 handle_l2() async 方法（純 Python routing，不消耗 NIM 配額） - services/openclaw_strategist_service.py: 新增 generate_strategy_response()（Gemini 2.0 Flash，無 key 時優雅降級） - telegram_ai_integration.py: 整合 OpenClaw 為第三層（complexity >= 0.7 或 dispatch_to == "openclaw"） _format_*_response 全改為繁體中文 asyncio.get_event_loop() → get_running_loop() _extract_date_range "to" → "至" Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:43:20 +08:00
ogt	3f7fc0aba0	[V10.4-B] Telegram 按鈕安全強化：C2/C3/H4/H6 修復 ... 修復 P9-1 全景盤點所發現的四項高優先問題： - routes/openclaw_bot_routes.py: C3: ALLOWED_USERS/ALLOWED_GROUP 白名單 fail-closed，阻擋非授權 chat H4: _seen_update_ids 改用 deque(maxlen=500) LRU 防記憶體洩漏 - services/telegram_bot_service.py: C2: 新增 momo:bpa/bpr/eig 三個 callback 分支 + handler 實作 H6: callback 滑動視窗速率限制（30次/分鐘/用戶） - services/telegram_templates.py: 修正 decision_result / ops_action_result ImportError BLOCKER 新增 _now_taipei_hhmm / _html_escape 輔助函式 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:42:58 +08:00
ogt	fcac03379d	[V10.4-A] 加強 commit-quality Hook + P9 文件歸檔 ... 新增 Edit/Write/MultiEdit 事件攔截（原僅攔截 git commit Bash 指令）， 補齊 getenv fallback 模式偵測，防止 hardcoded Token 透過工具直寫入檔案。 - .claude/hooks/commit-quality.js: 改寫為 PreToolUse JSON 格式，覆蓋 Edit/Write/MultiEdit - .claude/settings.json: 新增 Edit|Write|MultiEdit|Bash matcher 註冊 - .claude/hooks/__test__/commit-quality.test.sh: 4 case 自動化測試 - docs/guides/DISK_EXPANSION_GUIDE.md: 磁碟擴充 SOP 歸檔 - docs/p9_completion_report_*.md: P9-1 + P9-2 Sprint 完成報告 - docs/refactor/callback_prefix_proposal.md: 308 按鈕回呼前綴分析（Method C） - docs/refactor/openclaw_bot_routes_split_plan.md: 5999 行神檔拆分計畫 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 01:42:40 +08:00
ogt	e9b2dabffd	[V10.3] Telegram Bot AI integration and Traditional Chinese fix | services/telegram_bot_service.py, telegram_ai_integration.py	2026-04-22 15:03:47 +08:00
ogt	87e40ebcf9	fix: resolve datetime variable scope error and duplicate alert notifications ... - Fix datetime variable scope issue in openclaw_bot_routes.py by removing redundant imports - Add notification_sent flag to prevent duplicate import failure alerts in scheduler.py - Add database configuration to .env.example to fix missing POSTGRES_PASSWORD setup - Create security fix guide for hardcoded database passwords in Kubernetes configs Resolves: - Presentation report export function abnormal (datetime NameError) - Import failure alert messages being sent repeatedly - Database connection password configuration issues	2026-04-22 14:32:34 +08:00
ogt	a96306fba2	Fix Telegram bot natural language communication issue ... - Install python-telegram-bot dependency - Start Telegram bot service successfully - Confirm correct group ID (MOMO PRO - small shrimp group) - Bot now running with all commands and button interface functional - Natural language processing restored with keyword matching Fixes issue where Telegram group could not communicate using natural language.	2026-04-22 14:27:50 +08:00
ogt	9c7b794a22	add drift-scanner cleanup notes	2026-04-22 14:27:50 +08:00
ogt	03c345d46d	fix: drift-scanner pods cleanup script and guide ... - add cleanup script for failed drift-scanner pods - add comprehensive fix guide with prevention strategies - resolve pod resource issues in K8s cluster	2026-04-22 11:14:48 +08:00
ogt	9793f7f5ed	fix(code-review): EA 決策改為 ADR-014 全自動修復策略 ... 任何 finding 一律觸發 AiderHeal 自動修復，安全網為 Git+Gitea CI/CD 回滾防線。 移除 HIGH 1-2 → 人工審查的錯誤門檻，fix_files 範圍擴展至所有有問題的檔案。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 09:54:20 +08:00
ogt	efd05a2f65	fix(bot): 修復 /bot/internal/cmd 呼叫未定義 verify_internal_token ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 09:46:07 +08:00
ogt	6852609cba	fix(db): 補建 ai_insights / action_plans 表 ... 這兩張表從未存在於生產 DB，導致： - Code Review 每次 _save_to_db() 靜默失敗 - get_history() 永遠返回空陣列 - /code-review/ 頁面歷史永遠空白 已直接在 production DB 執行 CREATE TABLE； 同步更新 docker/postgres/init/01-init.sql， 確保未來重建 DB 時自動建表。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 09:25:38 +08:00
ogt	1cc8190bfc	fix(code-review): 修復頁面空白的 race condition ... loadHistory() 完成後才是自動載入最新記錄的正確時機； 原本放在 poll() 的觸發點在 _historyData 還未填充時就已執行， 導致條件永遠不成立，頁面一直顯示佔位符。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 09:22:10 +08:00
ogt	28acdc19ae	fix(scheduler): 修復 Gunicorn 4 workers 重複發送排程通知 ... 根因：APScheduler 在 openclaw_bot_routes.py 透過 record_once 啟動， 但 record_once 只防止同一 process 內重複；Gunicorn --workers 4 有 4 個獨立 worker process，各自啟動一個 scheduler，導致早報/晚報/Excel 每次觸發都送出 4 份。 修復：start_scheduler() 改用 fcntl.LOCK_EX|LOCK_NB 搶佔 /tmp/openclaw_scheduler.lock， 只有搶到鎖的 worker 啟動排程，其餘 3 個 worker 靜默跳過。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 09:21:24 +08:00
ogt	b11789db77	fix(telegram+review): 修復 PPT 按鈕無反應 + Code Review 頁面空白 ... PPT 按鈕： - telegram_bot_service.py 新增 cmd:* handler，透過 Thread 轉發到 OpenClaw Flask 內部 API（/bot/internal/cmd） - openclaw_bot_routes.py 新增 /bot/internal/cmd 端點，背景執行 handle_cmd() Code Review 頁面： - get_history() 補回 findings / openclaw_report 欄位 - code_review.html history 項目可點擊，自動載入詳細內容 - poll() 無 active pipeline 時自動顯示最新歷史記錄 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 08:56:10 +08:00
ogt	5761aeb1ce	fix(cd): 修復 CD Pipeline 11 項安全/可靠性問題 ... 🔴 Critical: C1 commit message injection: 所有 ${{ }} 值改走 env: 區塊隔離，不直接嵌入 shell C2 SSH StrictHostKeyChecking: 改用 known_hosts 驗證，支援 SSH_HOST_KEY secret 🟠 High: H1 rsync excludes 對齊: Rebuild 模式補齊 .gitea/ .claude/ docs/ *.md 等 7 條 H2 --force-recreate: Rebuild 模式加入強制重建，防止靜默更新失敗 H3 健康檢查強化: 加入 SSH 驗三容器 Running 狀態（scheduler/telegram-bot） H4 緊急回滾: 部署失敗時自動嘗試 docker restart 三容器回復服務 H5 ADR-011 守衛: Rebuild 前確認 momo-postgres 存活才繼續 🟡 Medium: M1 .claude/ 加入 rsync excludes（不同步 hook 腳本至 188） M2 *.md 加入 rsync excludes（根目錄 markdown 不需同步） M3 workflow_dispatch 新增 force_rebuild boolean 輸入 M4 cancel-in-progress 已知風險記入檔頭注意事項 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 01:53:19 +08:00
ogt	b6fa303ab3	fix(cd): 新增 scripts/** 與 .claude/** 至 CI/CD 觸發路徑 ... 修正：scripts/ 與 .claude/ 變更不觸發 CD Pipeline 的異常 補上觸發規則後，review.md + tg_notify.sh 的變更也會進入 Actions Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 01:44:47 +08:00
ogt	4cdf0793a4	fix(review): 修復 /review 機制的 7 個審查問題 ... 必修: - 路由表新增 .sh → critic、.yaml/.yml → tool-expert 兩條規則 - refactor-specialist 改為並行（不取代 critic），確保 vuln-verifier 觸發條件正確 - Phase B 觸發條件從 'critic 含 🔴' 改為 '任一主審 Agent 含 🔴' 選修: - Stage 0 新增 >2000 行 diff 保護（降級為 --stat 摘要） - Stage 2.5 移除 '立即' 矛盾描述，改為 'Phase A 全回報後逐一發送' - tg_notify.sh: 新增 CHAT_IDS 解析後空值守衛 - tg_notify.sh: 改用 printf | --data-urlencode 'text@-' 支援多行訊息 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 01:39:39 +08:00
ogt	a45b61f326	feat(review): 新增 /review pre-commit code review slash command ... - .claude/commands/review.md: 整合 12 Agent 的 pre-commit review 指令 + 依 diff 類型路由：critic / db-expert / migration-engineer / tool-expert + Phase B 條件觸發 vuln-verifier（critic 發現 🔴 時） + ≥10 Python 檔案改派 refactor-specialist 主審 + 最終判決：BLOCKED / CAUTION / APPROVED - scripts/tg_notify.sh: Telegram 告警工具 + 7 個流程節點全部發送告警（啟動/每個 Agent 完成/最終判決） + 支援 info/warn/error 三級別 + jq/bash 雙備案解析 + token 未設定時 exit 0，不阻斷 review 流程 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 01:23:57 +08:00
ogt	0099543c05	fix(security): 全域健檢 — 40 項安全/Bug/品質修復 ... 🔴 Critical - auto_heal_service: 補 import re + sqlalchemy.text + 修正 orchestrator 變數名 + autoheal_playbook→playbooks 表名 + _alert_and_store cooldown 修復 - aider_heal_executor: shell injection 改 shell=False + list 參數 - docker-compose: DISABLE_LOGIN 改 env var + 移除密碼 fallback + POSTGRES_HOST 修正 - app.py: /api/backup /api/run_task 等 6 個管理 API 加 @login_required - config.py + pg_sync + e2e_test: 移除 wooo_pg_2026 hardcoded 密碼 fallback - pg_backup.sh: 移除 TELEGRAM_TOKEN= 中間變數，直接用 $TELEGRAM_BOT_TOKEN - migration 014: trigger_pattern→match_pattern + 補 error_type NOT NULL 欄位 🟡 High - telegram_bot_service: str(e) 改通用訊息 + session try/finally + 移除 pa:/pr: 舊 callback - run_scheduler: ElephantAlpha thread 死亡監控 + 自動重啟 + Telegram 告警 + agent_context 03:30 TTL 定時清理任務 - openclaw_learning_service: build_rag_context 兩路徑加 .limit(200) - hooks: commit-quality + momo-prod-guard 空 catch 改 stderr+exit(1) - scripts/code_review: auto_yes 預設改 false - db_backup_service: PGPASSWORD 透過 env dict 傳遞 📦 Migrations - 013_autoheal: 修正建表順序 playbooks→incidents（外鍵前向引用） - 018_add_missing_indexes: heal_logs/incidents 外鍵索引 + cleanup_expired_agent_context() 🟢 Infrastructure - requirements.txt: 加版本下界 Flask>=2.3 SQLAlchemy>=1.4 等 - cd.yaml: 新增 run_scheduler.py + run_telegram_bot.py 監聽路徑 - .gitignore: insert_playbook_local.py 加入忽略 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 01:12:23 +08:00
ogt	61a9c4c1e3	fix(hooks): 移除重複的 commit-quality.js 呼叫 ... 全域 ~/.claude/hooks/commit-quality.js 已透過 secrets.local.json 涵蓋 Telegram/Gemini/Gitea pattern，momo project 設定不需再執行一次 避免每次 commit 重複告警兩次 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-21 23:46:21 +08:00
ogt	a13683d655	refactor(claude): Phase B — momo CLAUDE.md 去重 + secrets.local.json ... - CLAUDE.md V12.0: 移除與全域重複的 P7/P9/P10、三紅線、委派表、PUA/Loop Mode 保留 momo 專屬：環境索引、容器架構、診斷指令、CI/CD、PPT 系統、安全架構 - 新增 .claude/hooks/secrets.local.json: Telegram/Gemini/Gitea token 偵測 pattern 由全域 commit-quality.js 自動載入，補充 momo 環境的專屬保護 - 新增 .claude/skills/telegram-bot-menu-restoration.py (已存在，補 track) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-21 23:13:18 +08:00