This commit consolidates a large set of host-mode security and UX fixes across backend and frontend. Security / execution model: - Make permission/execution mode switches apply immediately (no deferred pending-only behavior). - Keep runtime mode change notices durable and visible via user-message guidance path. - Add explicit runtime message source taxonomy support and persistence: user / presend / guidance / notify / sub_agent / background_command. - Ensure guidance/notify insertion is batched per tool-cycle so mid-run inserts are committed together. - Separate notify from guidance semantics for mode-change notices. - Add direct-mode auto-fallback handling visibility on frontend. Approval and command gating: - Align run_command approval pre-check logic with docker behavior for approval/auto_approval modes in host execution paths. - Keep approval retry flow and final-result semantics intact when permission errors trigger approval. - Externalize forbidden command keyword list into JSON config: config/forbidden_commands.json. - Update forbidden command rejection message to user-facing wording: 用户不允许执行包含“... ”的指令. Prompt/runtime guidance: - Refine execution-mode runtime rule text to avoid endless workaround loops: one safe alternative first, then request switching to direct mode when truly required. Chat rendering / message UX: - Prevent injected guidance/notify user-messages from incorrectly triggering assistant work header/timer chain. - Restore correct visibility after history reload while preserving runtime-source behavior. - Update user-header icon/label rendering by message source: - guidance -> 引导 + navigation icon - notify/sub_agent/background_command -> 通知 + bell icon - user/presend -> keep normal user header. - Add new icons: static/icons/navigation.svg, static/icons/bell.svg. Approval panel UX: - Convert desktop approval panel from layout-compress sidebar to overlay + blur sheet. - Fix panel transition behavior (remove unintended vertical motion; use dedicated desktop overlay transition). - Improve approval result display: - decision and reason split lines, - green/red status styling, - multiline reason rendering, - auto-collapse delay adjusted to 3s. Execution mode TTL feedback: - When direct mode auto-expires to sandbox, frontend menu state is updated from status snapshot. - Show non-auto-dismiss warning toast to explicitly notify auto-fallback. Misc consistency updates: - Execution mode label text cleanup in composer. - Runtime notice wording normalization (权限模式修改为..., 执行环境修改为...). Build/test notes: - Frontend rebuilt after UI changes. - Smoke tests passed for server refactor path.
31 lines
1.3 KiB
YAML
31 lines
1.3 KiB
YAML
- generic [active] [ref=e1]:
|
||
- banner [ref=e2]:
|
||
- generic [ref=e3]:
|
||
- link [ref=e5] [cursor=pointer]:
|
||
- /url: /
|
||
- generic [ref=e6]:
|
||
- link "抖音" [ref=e7] [cursor=pointer]:
|
||
- /url: /
|
||
- link "| 记录美好生活" [ref=e8] [cursor=pointer]:
|
||
- /url: /
|
||
- generic [ref=e12]:
|
||
- img "404 image" [ref=e13]
|
||
- generic [ref=e14]: 页面不见啦
|
||
- link "回首页看看" [ref=e15] [cursor=pointer]:
|
||
- /url: /
|
||
- generic [ref=e16]: 回首页看看
|
||
- contentinfo [ref=e17]:
|
||
- generic [ref=e19]:
|
||
- paragraph [ref=e20]:
|
||
- text: 2026 © 抖音 |
|
||
- link "京ICP备16016397号-3" [ref=e21] [cursor=pointer]:
|
||
- /url: https://beian.miit.gov.cn/
|
||
- text: "| 北京微播视界科技有限公司"
|
||
- paragraph [ref=e22]:
|
||
- link "中国互联网举报中心" [ref=e23] [cursor=pointer]:
|
||
- /url: https://www.12377.cn/
|
||
- text: "| 网络文化许可证-京网文-(2016)2282-264号 | 违法和不良信息举报:400-140-2108"
|
||
- link "京公网安备 11000002002046号" [ref=e25] [cursor=pointer]:
|
||
- /url: http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=11000002002046
|
||
- img [ref=e26]
|
||
- text: 京公网安备 11000002002046号 |