ogt
|
b9fe98f591
|
refactor: centralize config — HERMES_URL, SSH params, validate_critical_config()
- config.py: add HERMES_URL (default 192.168.0.111:11434), SSH jump params, validate_critical_config()
- services/hermes_analyst_service.py: remove hardcoded HERMES_URL, import from config
- app.py: call validate_critical_config() on startup, log warnings for optional missing vars
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-27 21:27:47 +08:00 |
|
ogt
|
237d3af76f
|
fix: Phase 2 P0 全清零 — 14 項安全與功能修復完成
CD Pipeline / deploy (push) Failing after 2m59s
P0-06: google_drive_service.py — pickle.load() 改 JSON token(消除 RCE 風險)
P0-07: bot_api_routes.py:30 — BOT_API_TOKEN 移除硬編碼預設值 clawdbot_momo_2026
P0-08: auto_import_index.html — showAlert innerHTML 改 createTextNode(XSS 修復)
P0-09: abc_analysis_detail.html + dashboard.html + daily_sales.html — Jinja2 | e 轉義
P0-10: openclaw_bot_routes.py:2634 — vendor PPT 補 return ppt_path(廠商報告恢復)
P0-11: telegram_bot_service.py:177-214 — cmd_start/cmd_help 補 try/except
P0-12: app.py:689-712 — 10 個 Blueprint 補齊 register(消滅 404 路由)
P0-13: auto_heal_service.py — 實作 _write_heal_log(),AIOps 稽核閉環補完
P0-14: monitoring/prometheus.yml — 取消 alert_rules comment;新增 alert_rules.yml
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-27 21:11:52 +08:00 |
|
ogt
|
f59b23f969
|
security: P0 修復 S1-S5 — 移除所有硬編碼密碼與 SQL Injection 漏洞
S1: config.py — LOGIN_PASSWORD 移除硬編碼預設值 0936223270,改 fail-fast
S2: config.py — SECRET_KEY 移除弱預設值,無值或預設值時 sys.exit(1)
S3: services/user_service.py — create_initial_admin 改讀 INITIAL_ADMIN_PASSWORD env
S4: app.py — 匯入流程 table_name 正規表達式白名單驗證,date_list 格式驗證
S5: database/manager.py — ALLOWED_SALES_TABLES frozenset 白名單,日期改參數化查詢
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-27 20:34:15 +08:00 |
|
ogt
|
0099543c05
|
fix(security): 全域健檢 — 40 項安全/Bug/品質修復
CD Pipeline / deploy (push) Failing after 5m18s
🔴 Critical
- auto_heal_service: 補 import re + sqlalchemy.text + 修正 orchestrator 變數名
+ autoheal_playbook→playbooks 表名 + _alert_and_store cooldown 修復
- aider_heal_executor: shell injection 改 shell=False + list 參數
- docker-compose: DISABLE_LOGIN 改 env var + 移除密碼 fallback + POSTGRES_HOST 修正
- app.py: /api/backup /api/run_task 等 6 個管理 API 加 @login_required
- config.py + pg_sync + e2e_test: 移除 wooo_pg_2026 hardcoded 密碼 fallback
- pg_backup.sh: 移除 TELEGRAM_TOKEN= 中間變數,直接用 $TELEGRAM_BOT_TOKEN
- migration 014: trigger_pattern→match_pattern + 補 error_type NOT NULL 欄位
🟡 High
- telegram_bot_service: str(e) 改通用訊息 + session try/finally + 移除 pa:/pr: 舊 callback
- run_scheduler: ElephantAlpha thread 死亡監控 + 自動重啟 + Telegram 告警
+ agent_context 03:30 TTL 定時清理任務
- openclaw_learning_service: build_rag_context 兩路徑加 .limit(200)
- hooks: commit-quality + momo-prod-guard 空 catch 改 stderr+exit(1)
- scripts/code_review: auto_yes 預設改 false
- db_backup_service: PGPASSWORD 透過 env dict 傳遞
📦 Migrations
- 013_autoheal: 修正建表順序 playbooks→incidents(外鍵前向引用)
- 018_add_missing_indexes: heal_logs/incidents 外鍵索引 + cleanup_expired_agent_context()
🟢 Infrastructure
- requirements.txt: 加版本下界 Flask>=2.3 SQLAlchemy>=1.4 等
- cd.yaml: 新增 run_scheduler.py + run_telegram_bot.py 監聽路徑
- .gitignore: insert_playbook_local.py 加入忽略
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-22 01:12:23 +08:00 |
|
ogt
|
0cc940fdb1
|
fix: 恢復 ai_bp Blueprint 並完成全站修復
CD Pipeline / deploy (push) Successful in 1m15s
1. 恢復 ai_bp (routes/ai_routes.py) register — 修復 /ai_intelligence /ai_recommend 404
2. growth_analysis: SQL 月聚合取代 748k 行全表掃描(hang → 瞬間回應)
3. abc_analysis 冷快取: 快速 error 讓 spinner UI 導回 sales_analysis
4. elephant_alpha_routes.py: 補建 Blueprint stub 消除啟動 WARNING
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-21 00:55:05 +08:00 |
|
ogt
|
b37658f7be
|
fix: 修復 growth_analysis/abc_analysis 全表掃描 hang + elephant_alpha Blueprint stub
CD Pipeline / deploy (push) Failing after 51s
- growth_analysis: 改用 SQL 月度聚合 (3 個 targeted queries) 取代讀取 748k 行進 pandas
- _get_filtered_sales_data: 冷快取補載時 months=0 改為 months=12,避免全表掃描 hang
- elephant_alpha_routes: 補建 Blueprint stub 解除啟動 import 失敗警告
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-20 20:41:06 +08:00 |
|
ogt
|
ba86f98514
|
feat: integrate Elephant Alpha ecosystem with full ADR-012/013 compliance
CD Pipeline / deploy (push) Has been cancelled
- Add ElephantService, AutonomousEngine, Orchestrator, DecisionRouter (EA 4-file stack)
- Fix 10 bugs: URL typo, SQL schema mismatches (price_records JOIN), enum mapping,
metadata_json, NemoTron PriceThreat dispatch, async/await mismatch, broken imports
- Wire ADR-012 Agent Action Ladder: EventRouter L2 → EA first + AIOrch fallback;
all decisions dual-write DB + triaged_alert Telegram; momo: callback prefix
- Wire ADR-013 AutoHeal: resource_optimization trigger → AutoHealService
- Add W3 guards: connection cache 300s TTL, $5/hr cost hard limit
- Add W4 persistence: routing decisions + agent performance snapshots → ai_insights
- Add Migration 015: confidence + created_by columns on ai_insights
- Fix run_scheduler.py broken imports (DecisionTracker service didn't exist)
- Fix verify_elephant_integration.py: check_status() → check_connection()
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-20 04:28:26 +08:00 |
|
ogt
|
1b4f3a7bbe
|
feat: EwoooC 初始化 — 完整專案推版至 Gitea
CD Pipeline / deploy (push) Failing after 59s
- 建立 Gitea Actions CD pipeline (.gitea/workflows/cd.yaml)
- 部署模式: rsync Python 檔案至 188 → docker restart (volume mount)
- Dockerfile/requirements 變動時自動重建 Docker image
- 部署通知: Telegram (開始/成功/失敗)
- 健康檢查: https://mo.wooo.work/health (最多 5 次重試)
- 同步最新 CLAUDE.md / ADR-008 / memory (2026-04-19)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-04-19 01:21:13 +08:00 |
|