@comate/zulu 1.3.3 → 1.3.4-beta.1

package/comate-engine/assets/skills/auto-commit-comate/scripts/payload_validators.py

@@ -0,0 +1,309 @@
+"""共享 payload 验证和转换函数
+
+为 build_icafe_cards_payload.py 和 build_git_commit_payload.py 提供验证和转换逻辑。
+每个验证函数返回错误列表（list[str]），空列表表示验证通过。
+"""
+
+import json
+
+
+def _check_type(value, expected_type, path):
+    """检查值的类型，返回错误列表。"""
+    if not isinstance(value, expected_type):
+        type_name = expected_type.__name__ if isinstance(expected_type, type) else str(expected_type)
+        actual_name = type(value).__name__
+        if expected_type is str and isinstance(value, (int, float)):
+            actual_name = "数字"
+        return [f"'{path}' 应为 {type_name}，实际为 {actual_name}"]
+    return []
+
+
+def convert_icafe_cards_payload(raw):
+    """将模型传入的原始数据转换为 camelCase payload。
+
+    接受 snake_case 或 camelCase 的混合输入，完成转换和合并。
+    模型只需要把 match_card_cli.py 的输出原封传入，加上 viewMode 和 cards（排序后）。
+
+    Args:
+        raw: 模型传入的原始 dict
+
+    Returns:
+        (converted_data, errors)
+    """
+    errors = []
+
+    if not isinstance(raw, dict):
+        return None, ["输入必须是一个 JSON 对象"]
+
+    # 从 raw 中提取字段，兼容 snake_case 和 camelCase
+    cards = raw.get("cards", [])
+    space_prefix = raw.get("spacePrefix") or raw.get("space_prefix", "")
+    space_id = raw.get("spaceId") or raw.get("space_id", 0)
+    space_name = raw.get("spaceName") or raw.get("space_name", "")
+    available_spaces = raw.get("availableSpaces") or raw.get("available_spaces", [])
+    view_mode = raw.get("viewMode") or raw.get("view_mode", "")
+    defaults_raw = raw.get("defaults", {})
+
+    # 构建 defaults
+    if isinstance(defaults_raw, dict):
+        defaults = {
+            "title": defaults_raw.get("title", ""),
+            "typeId": defaults_raw.get("typeId") or defaults_raw.get("type_id", ""),
+            "typeName": defaults_raw.get("typeName") or defaults_raw.get("type_name", ""),
+            "spaceId": defaults_raw.get("spaceId") or defaults_raw.get("space_id", 0),
+        }
+    else:
+        defaults = {"title": "", "typeId": "", "typeName": "", "spaceId": 0}
+
+    # 如果模型没传 defaults 但 raw 里有顶层字段，从顶层取
+    if not defaults.get("typeId") and raw.get("available_types"):
+        defaults["typeId"] = str(raw["available_types"][0]["id"]) if raw["available_types"] else ""
+        defaults["typeName"] = raw["available_types"][0]["name"] if raw["available_types"] else ""
+    if not defaults.get("spaceId") and space_id:
+        defaults["spaceId"] = space_id
+
+    data = {
+        "cards": cards,
+        "spacePrefix": space_prefix,
+        "spaceId": space_id,
+        "spaceName": space_name,
+        "availableSpaces": available_spaces,
+        "viewMode": view_mode,
+        "defaults": defaults,
+    }
+
+    # 验证
+    errors.extend(_validate_icafe_cards(data))
+
+    return data, errors
+
+
+def _validate_icafe_cards(data):
+    """验证转换后的 icafe-cards payload。"""
+    errors = []
+
+    # cards
+    if not isinstance(data["cards"], list):
+        errors.append("'cards' 应为数组")
+    else:
+        for i, card in enumerate(data["cards"]):
+            if not isinstance(card, dict):
+                errors.append(f"'cards[{i}]' 应为对象")
+                continue
+            for key in ("sequence", "title", "type", "status"):
+                if key not in card:
+                    errors.append(f"'cards[{i}].{key}' 缺失")
+                elif not isinstance(card[key], str):
+                    # sequence 可能是数字，转成字符串
+                    if key == "sequence":
+                        card[key] = str(card[key])
+                    else:
+                        errors.append(f"'cards[{i}].{key}' 应为字符串")
+
+    # spacePrefix
+    if not isinstance(data["spacePrefix"], str):
+        errors.append("'spacePrefix' 应为字符串")
+    elif not data["spacePrefix"]:
+        errors.append("'spacePrefix' 不能为空字符串")
+
+    # spaceId
+    if not isinstance(data["spaceId"], (int, float)):
+        errors.append("'spaceId' 应为数字")
+
+    # spaceName
+    if not isinstance(data["spaceName"], str):
+        errors.append("'spaceName' 应为字符串")
+
+    # availableSpaces
+    if not isinstance(data["availableSpaces"], list):
+        errors.append("'availableSpaces' 应为数组")
+    else:
+        for i, space in enumerate(data["availableSpaces"]):
+            if not isinstance(space, dict):
+                errors.append(f"'availableSpaces[{i}]' 应为对象")
+                continue
+            for key in ("id", "prefix", "name", "types"):
+                if key not in space:
+                    errors.append(f"'availableSpaces[{i}].{key}' 缺失")
+            # types 检查（但允许为空）
+            if "types" in space and isinstance(space["types"], list):
+                for j, t in enumerate(space["types"]):
+                    if not isinstance(t, dict):
+                        errors.append(f"'availableSpaces[{i}].types[{j}]' 应为对象")
+                        continue
+                    if "id" not in t:
+                        errors.append(f"'availableSpaces[{i}].types[{j}].id' 缺失")
+                    if "name" not in t:
+                        errors.append(f"'availableSpaces[{i}].types[{j}].name' 缺失")
+
+    # viewMode
+    valid_modes = ("list", "create")
+    if not isinstance(data["viewMode"], str):
+        errors.append(f"'viewMode' 应为字符串，取值范围为 {valid_modes}")
+    elif data["viewMode"] not in valid_modes:
+        errors.append(f"'viewMode' 应为 {valid_modes} 之一，实际为 '{data['viewMode']}'")
+
+    # defaults
+    if not isinstance(data["defaults"], dict):
+        errors.append("'defaults' 应为对象")
+    else:
+        defaults = data["defaults"]
+        for key in ("title", "typeId", "typeName", "spaceId"):
+            if key not in defaults:
+                errors.append(f"'defaults.{key}' 缺失")
+        if "title" in defaults:
+            errors.extend(_check_type(defaults["title"], str, "defaults.title"))
+        if "typeId" in defaults:
+            errors.extend(_check_type(defaults["typeId"], str, "defaults.typeId"))
+        if "typeName" in defaults:
+            errors.extend(_check_type(defaults["typeName"], str, "defaults.typeName"))
+        if "spaceId" in defaults:
+            if not isinstance(defaults["spaceId"], (int, float)):
+                errors.append("'defaults.spaceId' 应为数字")
+            else:
+                defaults["spaceId"] = int(defaults["spaceId"])
+
+    # spaceId 转为 int
+    if isinstance(data["spaceId"], float):
+        data["spaceId"] = int(data["spaceId"])
+
+    return errors
+
+
+def convert_git_commit_payload(raw):
+    """将模型传入的原始数据转换为并验证 git-commit payload。
+
+    模型需要传入 commitMessage、boundCard、workspaces。
+    workspaces 中的 diffSummary 保持 snake_case（与 git_diff_cli.py 输出一致）。
+
+    Args:
+        raw: 模型传入的原始 dict
+
+    Returns:
+        (converted_data, errors)
+    """
+    errors = []
+
+    if not isinstance(raw, dict):
+        return None, ["输入必须是一个 JSON 对象"]
+
+    commit_message = raw.get("commitMessage") or raw.get("commit_message", "")
+    bound_card = raw.get("boundCard") or raw.get("boundCard") or raw.get("icafe_card")
+    workspaces = raw.get("workspaces", [])
+
+    data = {
+        "commitMessage": commit_message,
+        "boundCard": bound_card,
+        "workspaces": workspaces,
+    }
+
+    errors.extend(_validate_git_commit(data))
+
+    return data, errors
+
+
+def _validate_git_commit(data):
+    """验证转换后的 git-commit payload。"""
+    errors = []
+
+    # commitMessage
+    if not isinstance(data["commitMessage"], str):
+        errors.append("'commitMessage' 应为字符串")
+    elif not data["commitMessage"]:
+        errors.append("'commitMessage' 不能为空字符串")
+
+    # boundCard
+    bound_card = data["boundCard"]
+    if bound_card is not None and not isinstance(bound_card, dict):
+        errors.append("'boundCard' 应为对象或 null")
+    elif isinstance(bound_card, dict):
+        for key in ("sequence", "title", "type", "status", "spacePrefix"):
+            if key not in bound_card:
+                errors.append(f"'boundCard.{key}' 缺失")
+        for key in ("sequence", "title", "type", "status", "spacePrefix"):
+            if key in bound_card and not isinstance(bound_card[key], str):
+                # sequence 可能是数字
+                if key == "sequence":
+                    bound_card[key] = str(bound_card[key])
+                else:
+                    errors.append(f"'boundCard.{key}' 应为字符串")
+
+    # workspaces
+    if not isinstance(data["workspaces"], list):
+        if isinstance(data["workspaces"], str):
+            errors.append("'workspaces' 应为数组，不能是字符串")
+        else:
+            errors.append("'workspaces' 应为数组")
+    elif len(data["workspaces"]) == 0:
+        errors.append("'workspaces' 数组不能为空")
+    else:
+        for i, ws in enumerate(data["workspaces"]):
+            p = f"workspaces[{i}]"
+            if not isinstance(ws, dict):
+                errors.append(f"'{p}' 应为对象")
+                continue
+
+            ws_required = {"workspace", "repoName", "currentBranch",
+                           "remoteBranches", "hasChanges", "diffSummary"}
+            for key in ws_required:
+                if key not in ws:
+                    errors.append(f"'{p}.{key}' 缺失")
+
+            if "workspace" in ws:
+                errors.extend(_check_type(ws["workspace"], str, f"{p}.workspace"))
+            if "repoName" in ws:
+                errors.extend(_check_type(ws["repoName"], str, f"{p}.repoName"))
+            if "currentBranch" in ws:
+                errors.extend(_check_type(ws["currentBranch"], str, f"{p}.currentBranch"))
+
+            # remoteBranches
+            if "remoteBranches" in ws:
+                if not isinstance(ws["remoteBranches"], list):
+                    errors.append(f"'{p}.remoteBranches' 应为数组")
+                else:
+                    for j, branch in enumerate(ws["remoteBranches"]):
+                        bp = f"{p}.remoteBranches[{j}]"
+                        if not isinstance(branch, dict):
+                            errors.append(f"'{bp}' 应为对象")
+                            continue
+                        if "name" not in branch:
+                            errors.append(f"'{bp}.name' 缺失")
+                        elif not isinstance(branch["name"], str):
+                            errors.append(f"'{bp}.name' 应为字符串")
+                        if "isCurrent" not in branch:
+                            errors.append(f"'{bp}.isCurrent' 缺失")
+                        elif not isinstance(branch["isCurrent"], bool):
+                            errors.append(f"'{bp}.isCurrent' 应为布尔值")
+
+            # hasChanges + diffSummary 一致性
+            if "hasChanges" in ws:
+                if not isinstance(ws["hasChanges"], bool):
+                    errors.append(f"'{p}.hasChanges' 应为布尔值")
+                else:
+                    ds = ws.get("diffSummary")
+                    if not ws["hasChanges"] and ds is not None:
+                        errors.append(f"'{p}.hasChanges' 为 false 时，'{p}.diffSummary' 必须为 null")
+                    elif ws["hasChanges"] and ds is None:
+                        errors.append(f"'{p}.hasChanges' 为 true 时，'{p}.diffSummary' 不能为 null")
+                    elif ws["hasChanges"] and isinstance(ds, dict):
+                        if "changed_files" not in ds:
+                            errors.append(f"'{p}.diffSummary.changed_files' 缺失")
+                        elif not isinstance(ds["changed_files"], list):
+                            errors.append(f"'{p}.diffSummary.changed_files' 应为数组")
+                        else:
+                            for k, cf in enumerate(ds["changed_files"]):
+                                cfp = f"{p}.diffSummary.changed_files[{k}]"
+                                if not isinstance(cf, dict):
+                                    errors.append(f"'{cfp}' 应为对象")
+                                    continue
+                                for fkey, ftype in [("file", str), ("insertions", int), ("deletions", int)]:
+                                    if fkey not in cf:
+                                        errors.append(f"'{cfp}.{fkey}' 缺失")
+                                    elif not isinstance(cf[fkey], ftype):
+                                        errors.append(f"'{cfp}.{fkey}' 应为 {ftype.__name__}")
+                        if "stat_summary" not in ds:
+                            errors.append(f"'{p}.diffSummary.stat_summary' 缺失")
+                        elif not isinstance(ds["stat_summary"], str):
+                            errors.append(f"'{p}.diffSummary.stat_summary' 应为字符串")
+
+    return errors

package/comate-engine/assets/skills/code-security-comate/SKILL.md

@@ -4,6 +4,7 @@ description: 代码安全漏洞扫描与修复工具。当用户涉及以下任
 metadata:
   enableWhen:
     - isInternal
+  version: V1.3.0
 ---
 
 # Code Security - 代码安全漏洞扫描与修复
@@ -113,7 +114,7 @@ python3 scripts/parse_scan_result.py --scan-result <scan_result.json路径> --pr
 直接传入解析结果文件执行修复：
 
 ```bash
-python3 scripts/repair_vulnerability.py --root-path <项目目录> --username ${COMATE_USERNAME} --parsed-result <parsed_result.json路径>
+python3 scripts/repair_vulnerability.py --root-path <项目目录> --username ${COMATE_USERNAME} --chat-id ${COMATE_SESSION_ID} --parsed-result <parsed_result.json路径>
 ```
 
 脚本自动从 `parsed_result.json` 提取普通漏洞并按文件聚合，然后调用修复接口。