Commit Graph

15 Commits

Author SHA1 Message Date
e90610ed05 fix(frontend): 修复刷新后AI等待提示与终端侧边栏重复问题
- 修复模型调用工具后刷新页面,AI回复头部等待提示文字再次出现的bug
  - restoreTaskState 根据 hasAssistantContentEvent 精确设置 awaitingFirstContent
  - handleAiMessageStart 从头重建时保留 restoreTaskState 的设置
  - handleToolStart 兜底清除 awaitingFirstContent

- 修复刷新页面后终端侧边栏已有内容重复显示绿色箭头与输入内容的bug
  - 后端 get_snapshot/get_terminal_output 返回 last_event_time
  - 前端 TerminalPanel 基于 last_event_time 对 terminal_output 事件去重
2026-06-22 20:35:00 +08:00
6ee8cda2a7 feat(security): harden host execution model with sandbox/direct controls
This commit introduces a substantial security and runtime architecture update for host mode, with three major goals: (1) enforce OS-level sandboxing by default, (2) support a controlled temporary direct-execution escape hatch for admin users, and (3) eliminate silent fallback behavior that could hide risk.

Backend/runtime changes:\n- Added a unified host sandbox runner (macOS sandbox-exec / Linux bubblewrap+seccomp / Windows WSL2).\n- Converted host terminal creation to sandboxed interactive shells by default.\n- Kept run_command/run_python on the same execution policy and added host execution mode plumbing (sandbox|direct).\n- Added session-scoped direct mode with TTL auto-revert (default 10 minutes), configurable via environment.\n- Added execution mode APIs (GET/POST /api/execution-mode), host+admin gating, status propagation, and rate limiting.\n- Added runtime refresh hooks so tool calls honor TTL expiration and mode transitions consistently.\n- Removed docker->host silent fallback paths: docker startup/runtime failures now fail fast instead of degrading silently.\n- Added host sandbox prompt injection (host-only) to guide agent behavior under permission constraints.

Configuration and policy changes:\n- Added HOST_EXECUTION_MODE_DEFAULT and HOST_EXECUTION_DIRECT_TTL_SECONDS.\n- Added HOST_SANDBOX_MACOS_WRITABLE_PATHS to support user-defined writable path allowlists.\n- Updated macOS sandbox profile generation to use minimal defaults (workspace + tmp + /dev/null) plus explicit allowlist extensions.\n- Updated .env.example documentation for new execution/sandbox controls.

Frontend changes:\n- Extended permission popover to a two-column model (Permission + Execution Environment) for host admin sessions.\n- Added execution mode state/options to app state, fetching, and status synchronization flows.\n- Added execution mode switching action and user feedback toasts.\n- Kept warning emphasis via text styling only (removed warning border per UX request).

Validation:\n- Python syntax checks passed for modified backend modules.\n- Existing smoke tests passed: python3 -m unittest test.test_server_refactor_smoke\n- Frontend production build passed: npm run build
2026-05-10 19:19:01 +08:00
5ab3acef9c feat: 添加 terminal-guide 和 sub-agent-guide skills
- 新增 terminal-guide skill: 持久化终端使用指南
- 新增 sub-agent-guide skill: 子智能体使用指南
- 优化终端工具定义和执行逻辑
- 更新系统提示词以引用新 skills
- 添加 utils/__init__.py 模块初始化文件

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-16 21:17:02 +08:00
4be61fe76e feat: unify terminal session controls 2026-03-04 23:49:10 +08:00
12047ce237 feat: add terminal_input timeout hints 2026-02-25 15:21:35 +08:00
d0197c38c3 fix: expand workspace file access and paginate convo index 2026-01-25 16:13:32 +08:00
aacdfc78eb fix: fallback timeout wrapper for terminal commands 2026-01-19 21:57:59 +08:00
4617e00693 fix: improve terminal timeouts and clean outputs 2025-12-15 18:13:53 +08:00
b78921b1ca fix: correct terminal_input error reporting 2025-12-15 16:04:47 +08:00
8fe06753bb fix: stabilize terminal tool timeouts 2025-12-15 15:15:03 +08:00
7348eab83a docs: refresh readme and phase2 summary 2025-11-23 21:24:09 +08:00
b81d6760bd feat: containerize terminals and add resource controls 2025-11-23 18:49:35 +08:00
9a83f92dd9 fix: improve terminal history rendering 2025-11-21 19:06:12 +08:00
21f206559e revert: restore terminal monitor layout 2025-11-21 14:28:00 +08:00
fea932425a chore: initial import 2025-11-14 16:44:12 +08:00