OoO
943de8466c
feat(p7): wire Anthropic SDK + Claude Opus 4.7 into Code Review (feature flag OFF)
CD Pipeline / deploy (push) Has been cancelled
Operation Ollama-First v5.0 / Phase 7 Frontier upgrade
services/anthropic_service.py (new file, 226 lines)
- AnthropicService wrapper + ClaudeResponse dataclass
- Ephemeral prompt cache with 5-minute TTL (repeated system_prompt saves 90% of cost)
- usage parsing of four fields: input/output/cache_creation/cache_read
- When ANTHROPIC_API_KEY is unset or the SDK is missing, is_available()=False and the service degrades silently
code_review_pipeline_service.py — add L1 Claude branch to _openclaw_assess
- CODE_REVIEW_USE_CLAUDE flag (default OFF; flip ON once ANTHROPIC_API_KEY is set)
- Routing: Claude Opus 4.7 (Arena code Elo 1548) → Gemini → ElephantAlpha, three tiers
- request_id chaining unchanged
ai_call_logger.py COST_TABLE: add 3 Claude models:
- claude-opus-4-7: $15/$75 per M tokens (#1 for code)
- claude-sonnet-4-6: $3/$15 per M tokens (agentic balance)
- claude-haiku-4-5: $0.8/$4 per M tokens (lightweight and fast)
requirements.txt: add anthropic>=0.40.0
.env.example: add ANTHROPIC_API_KEY / CODE_REVIEW_USE_CLAUDE / CLAUDE_MODEL
52 unit tests all green (22 logger + 18 anthropic + 5 routing + 7 security)
Enablement steps (pending manual action by the commander):
1. Add ANTHROPIC_API_KEY=sk-ant-... to .env
2. CODE_REVIEW_USE_CLAUDE=true + restart momo-app
3. Watch for ai_calls.cache_read_tokens > 0 to confirm the cache is in effect
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 23:31:30 +08:00
OoO
6cad59f83e
feat(code-review): ADR-020 fully automatic repair policy — remove the CRITICAL/HIGH HITL gate
CD Pipeline / deploy (push) Successful in 2m23s
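The post-deploy code review pipeline is changed to "any finding always triggers AiderHeal",
partially overriding ADR-012 L3 HITL (other L3 scenarios such as schema migration / traffic switching /
customer-facing broadcasts / AIOps prod SSH are not affected). The safety net becomes
Git revert + Gitea CI/CD health checks + the master switch CODE_REVIEW_AUTO_FIX_ENABLED.
Implementation:
• The three paths _ea_orchestrate / _guard_ea_decision / rule fallback are unified to
has_findings AND AUTO_FIX_ENABLED → auto_fix=true
• _guard forces an upgrade to true even when the LLM returns auto_fix=False (core guarantee)
• CODE_REVIEW_AUTO_FIX_ENABLED default false → true
• Telegram message text drops "manual review required" and shows the master switch status instead
• action_plan status pending_review → auto_disabled (semantic alignment)
• aider_heal_executor header ADR-014 → ADR-020; add the "push directly to main" branch strategy
Documentation:
• Add docs/adr/ADR-020-code-review-full-autoheal.md
• ADR-012 gains a Note line back-referencing ADR-020
• Included in the README index
Tests: tests/test_code_review_pipeline_security.py inverts the HITL expectations and
adds 5 cases (including an LLM downgrade rejected by the guard, and LLM human_review_needed=true rewritten to false)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>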
2026-05-02 23:44:01 +08:00
OoO
6bce46bbc7
fix(runtime): strengthen health-check monitoring resilience
CD Pipeline / deploy (push) Successful in 2m29s
2026-05-01 14:46:49 +08:00
OoO
18b0fa8af2
chore(config): complete the Phase 3f env example contract
2026-04-30 10:25:21 +08:00
OoO
72fa166729
fix(ai): migrate Ollama embedding to api embed
CD Pipeline / deploy (push) Successful in 1m46s
2026-04-30 10:24:15 +08:00
OoO
91ad98e621
feat(ai): strengthen ElephantAlpha NIM fallback
CD Pipeline / deploy (push) Successful in 1m48s
2026-04-30 09:33:39 +08:00
OoO
4d5a995718
chore: delete orphaned AI services and complete the env examples
ADR-017 Phase 3f-5: delete elephant_alpha_decision_router, telegram_ai_integration and watcher_agent, which are not referenced by the runtime; add to .env.example the variables actually read for Aider/AutoHeal/NVIDIA/OpenClaw/backup/report/PG sync and others.
2026-04-29 21:46:24 +08:00
OoO
ffeb28be95
docs: complete .env.example — INITIAL_ADMIN_PASSWORD/BOT_API_TOKEN/SSH_JUMP_*
2026-04-28 14:59:19 +08:00
OoO
8331c15d1b
fix(post-3.5c): add missing HERMES_URL + DISABLE_LOGIN to .env.example
CD Pipeline / deploy (push) Successful in 1m19s
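P1-19:
- Add the "[必填]" ([required]) comment to the existing LOGIN_PASSWORD/SECRET_KEY
- Add DISABLE_LOGIN (used at auth.py:13 but missing from .env.example)
- Add a Hermes block: HERMES_URL, HERMES_TIMEOUT, EMBEDDING_HOST (as a comment)
- Unify the format: prefix each entry with a "[必填] / [預設 X]" ([required] / [default X]) annotation
Note: the existing ELEPHANT_ALPHA_HERMES_URL in the Elephant Alpha block is Elephant-specific and
is a different variable from the HERMES_URL added here (used by Hermes Module 2); the two are kept separate.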
2026-04-28 12:15:59 +08:00
ogt
dc6597d36b
[V10.4-D] Environment variable fix: POSTGRES_PASSWORD injection + fail-fast guard
CD Pipeline / deploy (push) Failing after 1m6s
Fix H7 (POSTGRES_PASSWORD is empty in the scheduler/Telegram Bot containers):
- docker-compose.yml: remove the \${POSTGRES_*} environment interpolation lines
from scheduler/telegram-bot, keeping only env_file: .env (in sync with the version already live on host 188)
- config.py: when USE_POSTGRESQL=true, an empty POSTGRES_PASSWORD immediately raises ValueError,
avoiding silent connection failures (previously an auth error only appeared at runtime)
- .env.example: add GEMINI_API_KEY / GEMINI_MODEL / OPENCLAW_MODEL,
with a warning about Gemini 2.0 Flash EOL on 2026-06-01
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-25 01:43:43 +08:00
ogt
87e40ebcf9
fix: resolve datetime variable scope error and duplicate alert notifications
- Fix datetime variable scope issue in openclaw_bot_routes.py by removing redundant imports
- Add notification_sent flag to prevent duplicate import failure alerts in scheduler.py
- Add database configuration to .env.example to fix missing POSTGRES_PASSWORD setup
- Create security fix guide for hardcoded database passwords in Kubernetes configs
Resolves:
- Presentation report export function abnormal (datetime NameError)
- Import failure alert messages being sent repeatedly
- Database connection password configuration issues
2026-04-22 14:32:34 +08:00
ogt
0099543c05
fix(security): global health check — 40 security/bug/quality fixes
CD Pipeline / deploy (push) Failing after 5m18s
🔴 Critical
- auto_heal_service: add missing import re + sqlalchemy.text + fix the orchestrator variable name
+ table name autoheal_playbook→playbooks + _alert_and_store cooldown fix
- aider_heal_executor: shell injection fixed by switching to shell=False + list arguments
- docker-compose: DISABLE_LOGIN changed to an env var + remove password fallback + POSTGRES_HOST fix
- app.py: add @login_required to 6 admin APIs including /api/backup and /api/run_task
- config.py + pg_sync + e2e_test: remove the hardcoded wooo_pg_2026 password fallback
- pg_backup.sh: remove the intermediate TELEGRAM_TOKEN= variable and use $TELEGRAM_BOT_TOKEN directly
- migration 014: trigger_pattern→match_pattern + add the error_type NOT NULL column
🟡 High
- telegram_bot_service: replace str(e) with a generic message + session try/finally + remove the old pa:/pr: callbacks
- run_scheduler: ElephantAlpha thread death monitoring + automatic restart + Telegram alert
+ scheduled agent_context TTL cleanup task at 03:30
- openclaw_learning_service: add .limit(200) to both build_rag_context paths
- hooks: commit-quality + momo-prod-guard empty catch blocks changed to stderr+exit(1)
- scripts/code_review: auto_yes default changed to false
- db_backup_service: PGPASSWORD passed via the env dict
📦 Migrations
- 013_autoheal: fix table creation order playbooks→incidents (foreign-key forward reference)
- 018_add_missing_indexes: foreign-key indexes on heal_logs/incidents + cleanup_expired_agent_context()
🟢 Infrastructure
- requirements.txt: add lower version bounds Flask>=2.3 SQLAlchemy>=1.4 etc.
- cd.yaml: add run_scheduler.py + run_telegram_bot.py to the watched paths
- .gitignore: add insert_playbook_local.py to the ignore list
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 01:12:23 +08:00
ogt
8df8b24043
docs: add ALERT_WEBHOOK_PASSWORD and GITLAB_TOKEN to .env.example
- Add an Alert Webhook authentication config example
- Add a GitLab CI/CD API token config example
- Resolve environment variable warnings at startup
2026-04-20 22:45:36 +08:00
ogt
96e19b6b72
security: harden system_routes.py — auth + input validation
CD Pipeline / deploy (push) Successful in 1m18s
Issues fixed:
1. [CRITICAL] No authentication on destructive routes (CWE-306)
POST /api/system/cleanup/docker was unauthenticated (system_bp is
CSRF-exempt, before_request only refreshes session, no login check).
Any unauthenticated HTTP client could trigger docker system prune.
Fix: _require_internal_key() checks X-Internal-Key header against
INTERNAL_API_KEY env var on all 4 routes; fail-secure if key unset.
2. [MEDIUM] Unvalidated numeric inputs in find commands (CWE-20)
max_size_mb / older_than_hours came from POST body and were
interpolated into find -size / -mmin args. Negative/huge values
could cause unexpected behavior.
Fix: _validate_int() clamps to [1..10000] / [1..8760] with defaults.
3. [LOW] find -mmin arg missing leading '+' (logic bug)
'-mmin 168' matches FILES EXACTLY 168 min old, not older-than.
Fix: '-mmin', f'+{older_than_hours * 60}' (+ = older than)
4. [LOW] subprocess(['date', ...]) in health_check replaced
with Python datetime.now(UTC).isoformat() — no subprocess needed.
INTERNAL_API_KEY added to .env.example with generation instructions.
Generate with: openssl rand -hex 32
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 05:47:04 +08:00
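The three fixes described in the commit above (fail-secure key check, clamped numeric input, `-mmin +N`), sketched as an added example; this is not the project's code. The function names, the default values and the `-size +NM` form are assumptions; the header name, env var and clamp ranges come from the commit message.

```python
import hmac

# Ranges are taken from the commit message; the defaults are assumed.
SIZE_MB_RANGE = (1, 10000)
HOURS_RANGE = (1, 8760)
DEFAULT_SIZE_MB = 100   # assumed default
DEFAULT_HOURS = 168     # assumed default


def internal_key_ok(headers, environ):
    """Check X-Internal-Key against INTERNAL_API_KEY, denying when the key is unset."""
    expected = environ.get("INTERNAL_API_KEY", "")
    supplied = headers.get("X-Internal-Key", "")
    if not expected:
        return False  # fail-secure: a missing server key must not mean "open"
    # Constant-time comparison so response timing does not reveal the key.
    return hmac.compare_digest(supplied.encode(), expected.encode())


def clamp_int(value, default, lo, hi):
    """Clamp an untrusted value to [lo, hi]; use the default if it is not an integer."""
    if isinstance(value, bool):  # JSON true/false would otherwise pass as 1/0
        return default
    try:
        n = int(value)
    except (TypeError, ValueError, OverflowError):
        return default
    return max(lo, min(hi, n))


def build_find_argv(root, body):
    """Build an argv list (no shell involved) from a POST body dict."""
    size_mb = clamp_int(body.get("max_size_mb"), DEFAULT_SIZE_MB, *SIZE_MB_RANGE)
    hours = clamp_int(body.get("older_than_hours"), DEFAULT_HOURS, *HOURS_RANGE)
    return ["find", root, "-type", "f",
            "-size", f"+{size_mb}M",      # assumed form of the size test
            "-mmin", f"+{hours * 60}"]    # leading '+' selects files older than N minutes


if __name__ == "__main__":
    # Constructed request data for illustration.
    body = {"max_size_mb": "12; id", "older_than_hours": 99999}
    print(internal_key_ok({"X-Internal-Key": "abc"}, {}))
    print(build_find_argv("/var/tmp/cache", body))
```
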
ogt
ba86f98514
feat: integrate Elephant Alpha ecosystem with full ADR-012/013 compliance
CD Pipeline / deploy (push) Has been cancelled
- Add ElephantService, AutonomousEngine, Orchestrator, DecisionRouter (EA 4-file stack)
- Fix 10 bugs: URL typo, SQL schema mismatches (price_records JOIN), enum mapping,
metadata_json, NemoTron PriceThreat dispatch, async/await mismatch, broken imports
- Wire ADR-012 Agent Action Ladder: EventRouter L2 → EA first + AIOrch fallback;
all decisions dual-write DB + triaged_alert Telegram; momo: callback prefix
- Wire ADR-013 AutoHeal: resource_optimization trigger → AutoHealService
- Add W3 guards: connection cache 300s TTL, $5/hr cost hard limit
- Add W4 persistence: routing decisions + agent performance snapshots → ai_insights
- Add Migration 015: confidence + created_by columns on ai_insights
- Fix run_scheduler.py broken imports (DecisionTracker service didn't exist)
- Fix verify_elephant_integration.py: check_status() → check_connection()
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 04:28:26 +08:00
ogt
1b4f3a7bbe
feat: EwoooC initialization — push the full project to Gitea
CD Pipeline / deploy (push) Failing after 59s
- Set up the Gitea Actions CD pipeline (.gitea/workflows/cd.yaml)
- Deployment mode: rsync Python files to 188 → docker restart (volume mount)
- Automatically rebuild the Docker image when Dockerfile/requirements change
- Deployment notifications: Telegram (start/success/failure)
- Health check: https://mo.wooo.work/health (up to 5 retries)
- Sync the latest CLAUDE.md / ADR-008 / memory (2026-04-19)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-19 01:21:13 +08:00