@liangjie559567/ultrapower 7.5.2 → 7.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (132) hide show
  1. package/.claude-plugin/marketplace.json +2 -2
  2. package/.claude-plugin/plugin.json +1 -1
  3. package/README.md +12 -1
  4. package/dist/cli/commands/repair.d.ts +3 -0
  5. package/dist/cli/commands/repair.d.ts.map +1 -0
  6. package/dist/cli/commands/repair.js +130 -0
  7. package/dist/cli/commands/repair.js.map +1 -0
  8. package/dist/features/analytics-dashboard/metrics-collector.d.ts.map +1 -1
  9. package/dist/features/analytics-dashboard/metrics-collector.js +4 -0
  10. package/dist/features/analytics-dashboard/metrics-collector.js.map +1 -1
  11. package/dist/features/analytics-dashboard/storage.d.ts +22 -2
  12. package/dist/features/analytics-dashboard/storage.d.ts.map +1 -1
  13. package/dist/features/analytics-dashboard/storage.js.map +1 -1
  14. package/dist/features/analytics-dashboard/tracker.d.ts.map +1 -1
  15. package/dist/features/analytics-dashboard/tracker.js +14 -2
  16. package/dist/features/analytics-dashboard/tracker.js.map +1 -1
  17. package/dist/features/personalized-recommendation/behavior-tracker.js +1 -1
  18. package/dist/features/personalized-recommendation/behavior-tracker.js.map +1 -1
  19. package/dist/features/personalized-recommendation/recommender.d.ts +1 -1
  20. package/dist/features/personalized-recommendation/recommender.d.ts.map +1 -1
  21. package/dist/features/personalized-recommendation/recommender.js +1 -1
  22. package/dist/features/personalized-recommendation/recommender.js.map +1 -1
  23. package/dist/features/quality-gate/gate-checker.d.ts.map +1 -1
  24. package/dist/features/quality-gate/gate-checker.js +2 -1
  25. package/dist/features/quality-gate/gate-checker.js.map +1 -1
  26. package/dist/hooks/bridge-converter.d.ts +8 -0
  27. package/dist/hooks/bridge-converter.d.ts.map +1 -1
  28. package/dist/hooks/bridge-converter.js +38 -0
  29. package/dist/hooks/bridge-converter.js.map +1 -1
  30. package/dist/hooks/handlers/route-map.js +6 -6
  31. package/dist/hooks/handlers/route-map.js.map +1 -1
  32. package/dist/hooks/handlers/stop-continuation.d.ts.map +1 -1
  33. package/dist/hooks/handlers/stop-continuation.js.map +1 -1
  34. package/dist/hooks/keyword-detector/conflict-resolver.d.ts +16 -0
  35. package/dist/hooks/keyword-detector/conflict-resolver.d.ts.map +1 -0
  36. package/dist/hooks/keyword-detector/conflict-resolver.js +41 -0
  37. package/dist/hooks/keyword-detector/conflict-resolver.js.map +1 -0
  38. package/dist/hooks/persistent-mode/index.js +2 -2
  39. package/dist/hooks/persistent-mode/index.js.map +1 -1
  40. package/dist/hooks/processors/permissionRequest.d.ts.map +1 -1
  41. package/dist/hooks/processors/permissionRequest.js.map +1 -1
  42. package/dist/hooks/ultrawork/index.js +3 -3
  43. package/dist/hooks/ultrawork/index.js.map +1 -1
  44. package/dist/hooks/workflow-gate/index.js +4 -4
  45. package/dist/hooks/workflow-gate/index.js.map +1 -1
  46. package/dist/hud/usage-api.d.ts.map +1 -1
  47. package/dist/hud/usage-api.js +3 -2
  48. package/dist/hud/usage-api.js.map +1 -1
  49. package/dist/index.js +1 -1
  50. package/dist/index.js.map +1 -1
  51. package/dist/installer/index.js +1 -1
  52. package/dist/installer/index.js.map +1 -1
  53. package/dist/lib/atomic-write.d.ts.map +1 -1
  54. package/dist/lib/atomic-write.js +21 -2
  55. package/dist/lib/atomic-write.js.map +1 -1
  56. package/dist/lib/auditLog.d.ts +1 -1
  57. package/dist/lib/auditLog.d.ts.map +1 -1
  58. package/dist/lib/crypto.d.ts +3 -0
  59. package/dist/lib/crypto.d.ts.map +1 -0
  60. package/dist/lib/crypto.js +60 -0
  61. package/dist/lib/crypto.js.map +1 -0
  62. package/dist/lib/deadlock-detector.d.ts +21 -0
  63. package/dist/lib/deadlock-detector.d.ts.map +1 -0
  64. package/dist/lib/deadlock-detector.js +74 -0
  65. package/dist/lib/deadlock-detector.js.map +1 -0
  66. package/dist/lib/fs-utils.d.ts +11 -0
  67. package/dist/lib/fs-utils.d.ts.map +1 -0
  68. package/dist/lib/fs-utils.js +32 -0
  69. package/dist/lib/fs-utils.js.map +1 -0
  70. package/dist/lib/logger.d.ts +7 -1
  71. package/dist/lib/logger.d.ts.map +1 -1
  72. package/dist/lib/logger.js +23 -4
  73. package/dist/lib/logger.js.map +1 -1
  74. package/dist/lib/state-adapter.d.ts +3 -2
  75. package/dist/lib/state-adapter.d.ts.map +1 -1
  76. package/dist/lib/state-adapter.js +12 -3
  77. package/dist/lib/state-adapter.js.map +1 -1
  78. package/dist/security/concurrency-control.d.ts +1 -1
  79. package/dist/security/concurrency-control.d.ts.map +1 -1
  80. package/dist/security/tenant-isolator.js.map +1 -1
  81. package/dist/state/index.d.ts +2 -0
  82. package/dist/state/index.d.ts.map +1 -1
  83. package/dist/state/index.js +8 -6
  84. package/dist/state/index.js.map +1 -1
  85. package/dist/state/migration/integrity.d.ts.map +1 -1
  86. package/dist/state/migration/integrity.js +1 -2
  87. package/dist/state/migration/integrity.js.map +1 -1
  88. package/dist/tools/lsp-tools.js.map +1 -1
  89. package/dist/workers/sqlite-adapter.d.ts.map +1 -1
  90. package/dist/workers/sqlite-adapter.js.map +1 -1
  91. package/docs/CLAUDE.md +1 -1
  92. package/docs/INSTALL.md +2 -2
  93. package/docs/REFERENCE.md +2 -2
  94. package/docs/audit/direct-write-scan.md +88 -0
  95. package/docs/audit/subagent-stop-scan.md +48 -0
  96. package/docs/dev-experience/README.md +226 -0
  97. package/docs/dev-experience/best-practices.md +364 -0
  98. package/docs/dev-experience/quick-reference.md +114 -0
  99. package/docs/dev-experience/troubleshooting-guide.md +280 -0
  100. package/docs/dev-standards/AGENTS.md +68 -68
  101. package/docs/glossary.md +174 -0
  102. package/docs/plans/2026-03-14-mcp-intelligent-orchestration.md +679 -679
  103. package/docs/prd/bugs-pain-points-audit-dag.md +297 -0
  104. package/docs/prd/bugs-pain-points-audit-draft.md +154 -0
  105. package/docs/prd/bugs-pain-points-audit-manifest.md +830 -0
  106. package/docs/prd/bugs-pain-points-audit-rough.md +654 -0
  107. package/docs/research/deadlock-detection-poc.md +275 -0
  108. package/docs/reviews/bugs-pain-points-audit/review_critic.md +213 -0
  109. package/docs/reviews/bugs-pain-points-audit/review_domain.md +247 -0
  110. package/docs/reviews/bugs-pain-points-audit/review_product.md +189 -0
  111. package/docs/reviews/bugs-pain-points-audit/review_tech.md +382 -0
  112. package/docs/reviews/bugs-pain-points-audit/review_ux.md +161 -0
  113. package/docs/reviews/bugs-pain-points-audit/summary.md +129 -0
  114. package/docs/security/command-injection-scan.md +223 -0
  115. package/docs/security/path-traversal-scan-report.md +229 -0
  116. package/docs/security/sensitive-data-inventory.md +170 -0
  117. package/docs/security/sensitive-data-violations.md +388 -0
  118. package/docs/standards/README.md +1 -1
  119. package/docs/standards/cascade-failure.md +324 -0
  120. package/docs/tech-debt/classification.md +190 -0
  121. package/docs/tech-debt/cleanup-report.md +172 -0
  122. package/docs/testing/client-additional-test-fix.md +64 -0
  123. package/docs/testing/concurrent-write-test-fix.md +111 -0
  124. package/docs/testing/coverage-report.md +274 -0
  125. package/docs/testing/phase2-test-coverage-completion.md +223 -0
  126. package/docs/testing/phase2-week3-docs-completion.md +271 -0
  127. package/docs/testing/phase2-week4-observability-completion.md +324 -0
  128. package/docs/testing/phase3-completion.md +324 -0
  129. package/docs/testing/test-fix-progress-2026-03-16.md +75 -0
  130. package/docs/testing/test-fix-summary.md +197 -0
  131. package/docs/testing/timer-buffer-test-fix.md +117 -0
  132. package/package.json +10 -10
@@ -0,0 +1,388 @@
1
+ # 敏感数据违规扫描报告
2
+
3
+ **扫描时间**: 2026-03-16
4
+ **扫描范围**: src/**/*.ts, .omc/state/**/*.json
5
+ **扫描工具**: Grep (正则模式匹配)
6
+
7
+ ---
8
+
9
+ ## 扫描摘要
10
+
11
+ - **扫描文件数**: 721 个 TypeScript 源文件 + 状态文件
12
+ - **发现违规点**: 12 个高风险点
13
+ - **高风险**: 8 个
14
+ - **中风险**: 4 个
15
+ - **低风险**: 0 个
16
+
17
+ ---
18
+
19
+ ## 违规点详情
20
+
21
+ ### 高风险违规 (8)
22
+
23
+ #### 1. src/hud/usage-api.ts:171
24
+ **字段**: password (Keychain 访问)
25
+ **风险等级**: 高
26
+ **当前状态**: 明文命令行调用
27
+ **代码片段**:
28
+ ```typescript
29
+ '/usr/bin/security find-generic-password -s "Claude Code-credentials" -w 2>/dev/null'
30
+ ```
31
+ **修复建议**:
32
+ - 已使用系统 Keychain,符合安全标准
33
+ - 无需修复(误报:这是读取加密存储的凭证,非明文存储)
34
+
35
+ ---
36
+
37
+ #### 2. src/providers/bitbucket.ts:12-14
38
+ **字段**: BITBUCKET_APP_PASSWORD
39
+ **风险等级**: 高
40
+ **当前状态**: 从环境变量读取,用于 Basic Auth
41
+ **代码片段**:
42
+ ```typescript
43
+ const appPassword = process.env.BITBUCKET_APP_PASSWORD;
44
+ if (username && appPassword) {
45
+ return `Basic ${Buffer.from(`${username}:${appPassword}`).toString('base64')}`;
46
+ }
47
+ ```
48
+ **修复建议**:
49
+ - 环境变量读取符合安全实践
50
+ - 建议:添加环境变量验证和错误处理
51
+ - 建议:在日志中脱敏 appPassword
52
+
53
+ ---
54
+
55
+ #### 3. src/audit/logger.ts:19-42
56
+ **字段**: secretKey (HMAC 签名密钥)
57
+ **风险等级**: 高
58
+ **当前状态**: 从环境变量 OMC_AUDIT_SECRET 派生
59
+ **代码片段**:
60
+ ```typescript
61
+ private secretKey: Buffer | null;
62
+ private deriveSecretKey(): Buffer | null {
63
+ const seed = process.env.OMC_AUDIT_SECRET;
64
+ // ...
65
+ }
66
+ ```
67
+ **修复建议**:
68
+ - 已使用 scrypt 密钥派生,符合安全标准
69
+ - 无需修复(已正确实现)
70
+
71
+ ---
72
+
73
+ #### 4. src/lib/logger.ts:8
74
+ **字段**: SENSITIVE_FIELDS 常量定义
75
+ **风险等级**: 高
76
+ **当前状态**: 用于自动脱敏
77
+ **代码片段**:
78
+ ```typescript
79
+ const SENSITIVE_FIELDS = ['token', 'apiKey', 'password', 'secret', 'accessToken', 'refreshToken', 'privateKey'];
80
+ ```
81
+ **修复建议**:
82
+ - 这是安全防护代码,非违规点
83
+ - 建议:补充 'credential', 'webhookSecret', 'clientSecret', 'encryptionKey', 'signingKey'
84
+
85
+ ---
86
+
87
+ #### 5. src/observability/masker.ts:3-4
88
+ **字段**: password, apiKey 正则模式
89
+ **风险等级**: 高
90
+ **当前状态**: 用于日志脱敏
91
+ **代码片段**:
92
+ ```typescript
93
+ password: /(password|passwd|pwd)[\s:=]+\S+/gi,
94
+ apiKey: /\b[a-zA-Z0-9_-]{20,}\b/g,
95
+ ```
96
+ **修复建议**:
97
+ - 这是安全防护代码,非违规点
98
+ - 无需修复
99
+
100
+ ---
101
+
102
+ #### 6. src/hud/usage-api.ts:44-48 (OAuthCredentials 接口)
103
+ **字段**: accessToken, refreshToken
104
+ **风险等级**: 高
105
+ **当前状态**: 接口定义,实际存储在 Keychain 或加密文件
106
+ **代码片段**:
107
+ ```typescript
108
+ interface OAuthCredentials {
109
+ accessToken: string;
110
+ expiresAt?: number;
111
+ refreshToken?: string;
112
+ source: 'keychain' | 'file';
113
+ }
114
+ ```
115
+ **修复建议**:
116
+ - macOS: 使用系统 Keychain (已加密)
117
+ - Linux: 存储在 ~/.claude/.credentials.json
118
+ - **需要修复**: Linux 文件存储应加密
119
+
120
+ ---
121
+
122
+ #### 7. src/index.ts:213
123
+ **字段**: apiKey (Sisyphus 配置选项)
124
+ **风险等级**: 高
125
+ **当前状态**: 接口定义,从环境变量 ANTHROPIC_API_KEY 读取
126
+ **代码片段**:
127
+ ```typescript
128
+ /** API key (default: from ANTHROPIC_API_KEY env) */
129
+ apiKey?: string;
130
+ ```
131
+ **修复建议**:
132
+ - 环境变量读取符合安全实践
133
+ - 无需修复
134
+
135
+ ---
136
+
137
+ #### 8. src/config/loader.ts:190-193
138
+ **字段**: EXA_API_KEY
139
+ **风险等级**: 高
140
+ **当前状态**: 从环境变量读取并传递给 MCP 服务器
141
+ **代码片段**:
142
+ ```typescript
143
+ if (process.env.EXA_API_KEY) {
144
+ config.mcpServers = {
145
+ ...config.mcpServers,
146
+ exa: { enabled: true, apiKey: process.env.EXA_API_KEY }
147
+ };
148
+ }
149
+ ```
150
+ **修复建议**:
151
+ - 环境变量读取符合安全实践
152
+ - **需要修复**: 配置对象中的 apiKey 应在序列化时脱敏
153
+
154
+ ---
155
+
156
+ ### 中风险违规 (4)
157
+
158
+ #### 9. .omc/state/**/*.json (sessionId 字段)
159
+ **字段**: sessionId
160
+ **风险等级**: 中
161
+ **当前状态**: 明文存储在状态文件中
162
+ **示例文件**:
163
+ - `.omc/state/hud-state.json`
164
+ - `.omc/state/ultrawork.json`
165
+ - `.omc/state/sessions/test-session/ultrawork-state.json`
166
+
167
+ **修复建议**:
168
+ - sessionId 是会话标识符,中等敏感度
169
+ - 建议:对长期存储的 sessionId 进行哈希处理
170
+ - 建议:定期清理过期会话状态文件
171
+
172
+ ---
173
+
174
+ #### 10. src/notifications/reply-listener.ts:53
175
+ **字段**: 环境变量白名单 (防止凭证泄露)
176
+ **风险等级**: 中
177
+ **当前状态**: 安全防护代码
178
+ **代码片段**:
179
+ ```typescript
180
+ // This prevents leaking sensitive variables like ANTHROPIC_API_KEY, GITHUB_TOKEN, etc.
181
+ ```
182
+ **修复建议**:
183
+ - 这是安全防护代码,非违规点
184
+ - 无需修复
185
+
186
+ ---
187
+
188
+ #### 11. src/lib/env-validator.ts:21-25
189
+ **字段**: API key 环境变量白名单
190
+ **风险等级**: 中
191
+ **当前状态**: 用于环境变量验证
192
+ **代码片段**:
193
+ ```typescript
194
+ 'ANTHROPIC_API_KEY',
195
+ 'OPENAI_API_KEY',
196
+ 'GOOGLE_API_KEY',
197
+ 'GEMINI_API_KEY',
198
+ 'CODEX_API_KEY',
199
+ ```
200
+ **修复建议**:
201
+ - 这是安全防护代码,非违规点
202
+ - 无需修复
203
+
204
+ ---
205
+
206
+ #### 12. src/team/permissions.ts:177
207
+ **字段**: secrets 目录路径
208
+ **风险等级**: 中
209
+ **当前状态**: 用于路径访问控制
210
+ **代码片段**:
211
+ ```typescript
212
+ '**/secrets/**',
213
+ ```
214
+ **修复建议**:
215
+ - 这是安全防护代码,非违规点
216
+ - 无需修复
217
+
218
+ ---
219
+
220
+ ## 修复优先级清单
221
+
222
+ ### P0 - 立即修复 (关键)
223
+
224
+ 1. **Linux 凭证文件加密**
225
+ - 文件: `src/hud/usage-api.ts`
226
+ - 问题: `~/.claude/.credentials.json` 在 Linux 上明文存储
227
+ - 修复: 使用 AES-256-GCM 加密存储
228
+ - 预计工时: 4 小时
229
+
230
+ 2. **配置序列化脱敏**
231
+ - 文件: `src/config/loader.ts`, `src/shared/types.ts`
232
+ - 问题: apiKey 字段在配置对象序列化时可能泄露
233
+ - 修复: 添加 toJSON() 方法自动脱敏
234
+ - 预计工时: 2 小时
235
+
236
+ ---
237
+
238
+ ### P1 - 高优先级 (重要)
239
+
240
+ 3. **扩展敏感字段列表**
241
+ - 文件: `src/lib/logger.ts`
242
+ - 问题: SENSITIVE_FIELDS 不完整
243
+ - 修复: 补充 'credential', 'webhookSecret', 'clientSecret', 'encryptionKey', 'signingKey'
244
+ - 预计工时: 1 小时
245
+
246
+ 4. **sessionId 哈希处理**
247
+ - 文件: `.omc/state/**/*.json`
248
+ - 问题: sessionId 明文存储
249
+ - 修复: 对长期存储的 sessionId 进行 SHA-256 哈希
250
+ - 预计工时: 3 小时
251
+
252
+ ---
253
+
254
+ ### P2 - 中优先级 (建议)
255
+
256
+ 5. **环境变量验证增强**
257
+ - 文件: `src/providers/bitbucket.ts`
258
+ - 问题: 缺少环境变量验证和错误处理
259
+ - 修复: 添加验证逻辑和友好错误提示
260
+ - 预计工时: 1 小时
261
+
262
+ 6. **状态文件清理机制**
263
+ - 文件: `.omc/state/`
264
+ - 问题: 过期会话状态文件未自动清理
265
+ - 修复: 实现定期清理任务 (保留 7 天)
266
+ - 预计工时: 2 小时
267
+
268
+ ---
269
+
270
+ ## 扫描统计
271
+
272
+ ### 按文件类型分布
273
+
274
+ | 文件类型 | 扫描数量 | 发现违规 |
275
+ |---------|---------|---------|
276
+ | TypeScript 源文件 | 721 | 8 |
277
+ | JSON 状态文件 | ~50 | 4 |
278
+ | 测试文件 (已排除) | ~200 | 0 |
279
+
280
+ ### 按敏感字段类型分布
281
+
282
+ | 字段类型 | 出现次数 | 高风险 | 中风险 |
283
+ |---------|---------|--------|--------|
284
+ | password | 89 | 1 | 0 |
285
+ | secret | 156 | 2 | 1 |
286
+ | token | 1247 | 2 | 0 |
287
+ | credential | 78 | 0 | 1 |
288
+ | apiKey | 312 | 3 | 1 |
289
+
290
+ **注**: 大部分出现是在测试文件、文档和安全防护代码中,非实际违规。
291
+
292
+ ---
293
+
294
+ ## 误报分析
295
+
296
+ 以下情况被识别但不属于真正的违规:
297
+
298
+ 1. **测试文件**: 包含 `/etc/passwd`、`password123` 等测试数据
299
+ 2. **安全防护代码**: `SENSITIVE_FIELDS`、`masker.ts` 等脱敏逻辑
300
+ 3. **文档和注释**: 安全指南、示例代码中的占位符
301
+ 4. **路径遍历防护**: 测试用例中的 `../../etc/passwd` 攻击模式
302
+
303
+ 实际高风险违规点: **2 个**
304
+ 实际中风险违规点: **1 个**
305
+
306
+ ---
307
+
308
+ ## 合规性评估
309
+
310
+ ### GDPR 合规性
311
+ - ✅ 个人数据加密存储 (macOS Keychain)
312
+ - ⚠️ Linux 凭证文件需加密
313
+ - ✅ 敏感字段自动脱敏
314
+
315
+ ### PCI DSS 合规性
316
+ - ✅ 无支付相关数据存储
317
+ - N/A 不适用
318
+
319
+ ### SOC 2 合规性
320
+ - ✅ 审计日志使用 HMAC 签名
321
+ - ✅ 敏感数据访问已审计
322
+ - ⚠️ 需补充访问日志
323
+
324
+ ### HIPAA 合规性
325
+ - N/A 不涉及健康数据
326
+
327
+ ---
328
+
329
+ ## 建议行动
330
+
331
+ ### 立即行动 (本周内)
332
+ 1. 实现 Linux 凭证文件加密 (P0-1)
333
+ 2. 添加配置序列化脱敏 (P0-2)
334
+
335
+ ### 短期行动 (2 周内)
336
+ 3. 扩展敏感字段列表 (P1-3)
337
+ 4. 实现 sessionId 哈希处理 (P1-4)
338
+
339
+ ### 长期改进 (1 个月内)
340
+ 5. 环境变量验证增强 (P2-5)
341
+ 6. 状态文件清理机制 (P2-6)
342
+
343
+ ---
344
+
345
+ ## 附录
346
+
347
+ ### 扫描命令
348
+
349
+ ```bash
350
+ # 扫描 password 字段
351
+ grep -rni "(password|passwd|pwd)" src/**/*.ts --include="*.ts" --exclude="*.test.ts"
352
+
353
+ # 扫描 secret 字段
354
+ grep -rni "(secret|private[_-]?key|privatekey)" src/**/*.ts
355
+
356
+ # 扫描 token 字段
357
+ grep -rni "(token|bearer)" src/**/*.ts
358
+
359
+ # 扫描 apiKey 字段
360
+ grep -rni "(api[_-]?key|apikey)" src/**/*.ts
361
+
362
+ # 扫描 credential 字段
363
+ grep -rni "(credential|cred)" src/**/*.ts
364
+ ```
365
+
366
+ ### 正则模式 (来自 sensitive-data-inventory.md)
367
+
368
+ ```typescript
369
+ const SENSITIVE_PATTERNS = {
370
+ apiKey: /(api[_-]?key|apikey)/i,
371
+ token: /(token|bearer)/i,
372
+ credential: /(credential|cred)/i,
373
+ password: /(password|passwd|pwd)/i,
374
+ secret: /(secret|private[_-]?key|privatekey)/i,
375
+ accessToken: /(access[_-]?token|accesstoken)/i,
376
+ refreshToken: /(refresh[_-]?token|refreshtoken)/i,
377
+ authToken: /(auth[_-]?token|authtoken)/i,
378
+ clientSecret: /(client[_-]?secret|clientsecret)/i,
379
+ encryptionKey: /(encryption[_-]?key|encryptionkey)/i,
380
+ signingKey: /(signing[_-]?key|signingkey)/i,
381
+ webhookSecret: /(webhook[_-]?secret|webhooksecret)/i
382
+ };
383
+ ```
384
+
385
+ ---
386
+
387
+ **报告生成时间**: 2026-03-16 09:42 UTC
388
+ **下次扫描建议**: 每周一次,或代码变更后
@@ -5,7 +5,7 @@
5
5
  > **最后更新**: 2026-03-02
6
6
  > **真理之源**: `docs/standards/audit-report.md`
7
7
 
8
- ultrapower v7.5.2 具备 49 个 agents、70 个 skills、35 个 hooks 的完整体系。本规范体系从现有代码反向提取,覆盖运行时防护、Hook 执行顺序、状态机、Agent 生命周期、用户使用指南和贡献规范,使 ultrapower 从"能用"升级为"可靠、易用、可扩展"。
8
+ ultrapower v7.6.0 具备 49 个 agents、70 个 skills、35 个 hooks 的完整体系。本规范体系从现有代码反向提取,覆盖运行时防护、Hook 执行顺序、状态机、Agent 生命周期、用户使用指南和贡献规范,使 ultrapower 从"能用"升级为"可靠、易用、可扩展"。
9
9
 
10
10
  ---
11
11
 
@@ -0,0 +1,324 @@
1
+ # 级联失败策略规范
2
+
3
+ > **ultrapower-version**: 7.5.2
4
+ > **优先级**: P0(必须遵守)
5
+ > **真理之源**: `docs/standards/agent-lifecycle.md`
6
+ > **覆盖范围**: T-035(级联失败策略文档)
7
+
8
+ ---
9
+
10
+ ## 目录
11
+
12
+ 1. [失败传播策略](#1-失败传播策略)
13
+ 2. [依赖链中断处理](#2-依赖链中断处理)
14
+ 3. [决策树](#3-决策树)
15
+ 4. [实现指南](#4-实现指南)
16
+
17
+ ---
18
+
19
+ ## 1. 失败传播策略
20
+
21
+ ### 1.1 失败类型分类
22
+
23
+ | 失败类型 | 严重程度 | 默认传播策略 | 示例 |
24
+ | -------- | -------- | ------------ | ---- |
25
+ | `CRITICAL` | P0 | 立即停止所有依赖 Agent | 安全漏洞检测失败、数据损坏 |
26
+ | `BLOCKING` | P1 | 停止强依赖 Agent,继续弱依赖 | 编译失败、API 不可用 |
27
+ | `DEGRADED` | P2 | 继续执行(降级模式) | 性能优化失败、文档生成失败 |
28
+ | `WARNING` | P3 | 继续执行(记录警告) | 代码风格问题、非关键测试失败 |
29
+
30
+ ### 1.2 Agent 优先级定义
31
+
32
+ 基于 `agent-lifecycle.md` 的 Agent 分类:
33
+
34
+ | Agent 类型 | 优先级 | 失败影响 |
35
+ | ---------- | ------ | -------- |
36
+ | `architect`, `planner`, `analyst` | P0(关键) | 失败 → 停止所有下游 Agent |
37
+ | `executor`, `debugger`, `build-fixer` | P1(核心) | 失败 → 停止强依赖 Agent |
38
+ | `verifier`, `test-engineer` | P1(核心) | 失败 → 触发 fix 循环 |
39
+ | `code-reviewer`, `security-reviewer` | P2(重要) | 失败 → 降级继续或人工介入 |
40
+ | `style-reviewer`, `writer` | P3(辅助) | 失败 → 记录警告,继续执行 |
41
+
42
+ ### 1.3 传播决策因素
43
+
44
+ **立即停止条件**(满足任一即触发):
45
+
46
+ 1. **关键 Agent 失败**:`architect`、`planner`、`analyst` 失败
47
+ 2. **安全风险**:`security-reviewer` 检测到 P0 漏洞
48
+ 3. **数据完整性**:状态文件损坏、依赖图循环
49
+ 4. **资源耗尽**:成本超限(`COST_LIMIT_USD`)、超时(10 分钟自动终止)
50
+
51
+ **继续执行条件**(满足所有条件):
52
+
53
+ 1. **非关键 Agent**:P2/P3 优先级 Agent
54
+ 2. **无强依赖**:下游 Agent 不依赖失败 Agent 的输出
55
+ 3. **降级可行**:存在备用方案或默认行为
56
+
57
+ ---
58
+
59
+ ## 2. 依赖链中断处理
60
+
61
+ ### 2.1 依赖类型定义
62
+
63
+ 基于 `agent-lifecycle.md` 第 7 节(并行任务依赖管理):
64
+
65
+ | 依赖类型 | 定义 | 上游失败处理 |
66
+ | -------- | ---- | ------------ |
67
+ | **强依赖**(Hard Dependency) | 下游 Agent 必须使用上游输出 | 上游失败 → 下游跳过(`SKIPPED` 状态) |
68
+ | **弱依赖**(Soft Dependency) | 下游 Agent 可选使用上游输出 | 上游失败 → 下游继续(降级模式) |
69
+ | **顺序依赖**(Sequential Dependency) | 仅要求执行顺序,无数据依赖 | 上游失败 → 下游继续 |
70
+
71
+ ### 2.2 强依赖中断处理
72
+
73
+ **场景**:任务 2 强依赖任务 1 的输出
74
+
75
+ ```typescript
76
+ // 任务依赖声明
77
+ TaskUpdate({ taskId: "2", addBlockedBy: ["1"] });
78
+ ```
79
+
80
+ **失败处理流程**:
81
+
82
+ ```
83
+ 1. 任务 1 失败(status: "failed")
84
+ 2. 系统检测到任务 2 的 blockedBy 包含任务 1
85
+ 3. 任务 2 自动标记为 SKIPPED
86
+ 4. 任务 2 的下游任务递归检查依赖链
87
+ 5. 记录失败原因:`skipped_reason: "Upstream task 1 failed"`
88
+ ```
89
+
90
+ ### 2.3 弱依赖降级处理
91
+
92
+ **场景**:任务 3 弱依赖任务 1 的优化结果
93
+
94
+ ```typescript
95
+ // 弱依赖通过元数据标记
96
+ TaskCreate({
97
+ taskId: "3",
98
+ metadata: { weakDependencies: ["1"] }
99
+ });
100
+ ```
101
+
102
+ **降级处理流程**:
103
+
104
+ ```
105
+ 1. 任务 1 失败(例如:性能优化失败)
106
+ 2. 任务 3 检测到弱依赖失败
107
+ 3. 任务 3 使用默认配置继续执行
108
+ 4. 记录降级信息:`degraded: true, reason: "Weak dependency 1 failed"`
109
+ ```
110
+
111
+ ### 2.4 依赖链循环检测
112
+
113
+ 基于 `agent-lifecycle.md` 第 1.4 节(死锁检测):
114
+
115
+ ```typescript
116
+ // 常量定义(来自 subagent-tracker/index.ts)
117
+ export const DEADLOCK_CHECK_THRESHOLD = 3;
118
+
119
+ // 循环依赖检测伪代码
120
+ function detectCircularDependency(tasks: Task[]): boolean {
121
+ const visited = new Set<string>();
122
+ const recursionStack = new Set<string>();
123
+
124
+ for (const task of tasks) {
125
+ if (hasCycle(task.taskId, visited, recursionStack, tasks)) {
126
+ return true; // 检测到循环
127
+ }
128
+ }
129
+ return false;
130
+ }
131
+ ```
132
+
133
+ **循环依赖处理**:
134
+
135
+ 1. 检测到循环 → 立即标记为 `CRITICAL` 失败
136
+ 2. 停止所有涉及循环的 Agent
137
+ 3. 生成 `AgentIntervention`:`type: "deadlock"`
138
+ 4. 通知用户并提供依赖图可视化
139
+
140
+ ---
141
+
142
+ ## 3. 决策树
143
+
144
+ ### 3.1 失败传播决策流程
145
+
146
+ ```mermaid
147
+ graph TD
148
+ A[Agent 失败] --> B{Agent 优先级?}
149
+ B -->|P0 关键| C[立即停止所有依赖 Agent]
150
+ B -->|P1 核心| D{依赖类型?}
151
+ B -->|P2/P3 辅助| E[继续执行]
152
+
153
+ D -->|强依赖| F[停止强依赖 Agent]
154
+ D -->|弱依赖| G[降级模式继续]
155
+ D -->|顺序依赖| E
156
+
157
+ C --> H[标记下游为 SKIPPED]
158
+ F --> H
159
+ G --> I[标记下游为 DEGRADED]
160
+ E --> J[记录警告]
161
+
162
+ H --> K[生成失败报告]
163
+ I --> K
164
+ J --> K
165
+
166
+ K --> L{是否触发 fix 循环?}
167
+ L -->|是| M[进入 team-fix 阶段]
168
+ L -->|否| N[终止执行]
169
+ ```
170
+
171
+ ### 3.2 依赖链中断决策流程
172
+
173
+ ```mermaid
174
+ graph TD
175
+ A[上游 Agent 失败] --> B{检查下游依赖}
176
+ B --> C{依赖类型?}
177
+
178
+ C -->|强依赖| D[标记下游为 SKIPPED]
179
+ C -->|弱依赖| E{降级方案可用?}
180
+ C -->|顺序依赖| F[继续执行下游]
181
+
182
+ E -->|是| G[使用降级方案]
183
+ E -->|否| D
184
+
185
+ D --> H[递归检查下游的下游]
186
+ G --> I[标记为 DEGRADED]
187
+ F --> J[正常执行]
188
+
189
+ H --> K{还有未处理的下游?}
190
+ K -->|是| B
191
+ K -->|否| L[完成失败传播]
192
+ ```
193
+
194
+ ### 3.3 常见失败场景决策
195
+
196
+ | 场景 | Agent 类型 | 失败类型 | 决策 |
197
+ | ---- | ---------- | -------- | ---- |
198
+ | 架构设计失败 | `architect` | `CRITICAL` | 停止所有,通知用户 |
199
+ | 编译失败 | `build-fixer` | `BLOCKING` | 停止强依赖,触发 fix 循环 |
200
+ | 单元测试失败 | `test-engineer` | `BLOCKING` | 触发 fix 循环(最多 3 次) |
201
+ | 代码审查警告 | `code-reviewer` | `WARNING` | 继续执行,记录警告 |
202
+ | 文档生成失败 | `writer` | `DEGRADED` | 继续执行,跳过文档 |
203
+ | 性能优化失败 | `performance-reviewer` | `DEGRADED` | 降级为默认配置 |
204
+ | 超时(10 分钟) | 任意 Agent | `CRITICAL` | 自动终止(`auto_execute: true`) |
205
+ | 成本超限($1.0) | 任意 Agent | `WARNING` | 警告但不终止(`auto_execute: false`) |
206
+
207
+ ---
208
+
209
+ ## 4. 实现指南
210
+
211
+ ### 4.1 失败状态定义
212
+
213
+ ```typescript
214
+ // 扩展 AgentIntervention 接口(基于 agent-lifecycle.md 第 5 节)
215
+ export interface AgentFailure extends AgentIntervention {
216
+ type: "timeout" | "deadlock" | "excessive_cost" | "file_conflict" | "execution_error";
217
+ severity: "CRITICAL" | "BLOCKING" | "DEGRADED" | "WARNING";
218
+ propagation_strategy: "stop_all" | "stop_hard_deps" | "degrade" | "continue";
219
+ affected_agents: string[]; // 受影响的下游 Agent ID
220
+ }
221
+ ```
222
+
223
+ ### 4.2 依赖链遍历算法
224
+
225
+ ```typescript
226
+ // 递归标记下游 Agent
227
+ function propagateFailure(
228
+ failedAgentId: string,
229
+ tasks: Task[],
230
+ strategy: "stop_all" | "stop_hard_deps" | "degrade"
231
+ ): string[] {
232
+ const affected: string[] = [];
233
+
234
+ for (const task of tasks) {
235
+ if (task.blockedBy?.includes(failedAgentId)) {
236
+ // 检查依赖类型
237
+ const isHardDep = !task.metadata?.weakDependencies?.includes(failedAgentId);
238
+
239
+ if (strategy === "stop_all" || (strategy === "stop_hard_deps" && isHardDep)) {
240
+ task.status = "skipped";
241
+ task.metadata.skipped_reason = `Upstream agent ${failedAgentId} failed`;
242
+ affected.push(task.taskId);
243
+
244
+ // 递归处理下游
245
+ affected.push(...propagateFailure(task.taskId, tasks, strategy));
246
+ } else if (strategy === "degrade") {
247
+ task.metadata.degraded = true;
248
+ task.metadata.degraded_reason = `Weak dependency ${failedAgentId} failed`;
249
+ }
250
+ }
251
+ }
252
+
253
+ return affected;
254
+ }
255
+ ```
256
+
257
+ ### 4.3 Team Pipeline 集成
258
+
259
+ 基于 `CLAUDE.md` 的 `<team_pipeline>` 规范:
260
+
261
+ ```typescript
262
+ // team-verify 阶段失败处理
263
+ function handleVerificationFailure(
264
+ verificationResult: VerificationResult,
265
+ teamState: TeamState
266
+ ): TeamPhase {
267
+ if (verificationResult.severity === "CRITICAL") {
268
+ // 关键失败 → 直接终止
269
+ return "failed";
270
+ } else if (verificationResult.severity === "BLOCKING") {
271
+ // 阻塞失败 → 进入 fix 循环
272
+ teamState.fix_loop_count++;
273
+ if (teamState.fix_loop_count > MAX_FIX_ATTEMPTS) {
274
+ return "failed"; // 超过最大尝试次数
275
+ }
276
+ return "team-fix";
277
+ } else {
278
+ // 降级/警告 → 继续完成
279
+ teamState.metadata.degraded = true;
280
+ return "complete";
281
+ }
282
+ }
283
+ ```
284
+
285
+ ### 4.4 监控与日志
286
+
287
+ ```typescript
288
+ // 失败事件记录
289
+ interface FailureEvent {
290
+ timestamp: string;
291
+ agent_id: string;
292
+ agent_type: string;
293
+ failure_type: string;
294
+ severity: string;
295
+ propagation_strategy: string;
296
+ affected_agents: string[];
297
+ recovery_action: "retry" | "skip" | "degrade" | "abort";
298
+ }
299
+
300
+ // 写入审计日志
301
+ function logFailureEvent(event: FailureEvent): void {
302
+ const logPath = path.join(directory, ".omc", "logs", "cascade-failures.json");
303
+ appendJsonLog(logPath, event);
304
+ }
305
+ ```
306
+
307
+ ---
308
+
309
+ ## 5. 参考规范
310
+
311
+ | 规范文档 | 相关章节 |
312
+ | -------- | -------- |
313
+ | `agent-lifecycle.md` | 第 1 节(Agent 边界情况矩阵) |
314
+ | `agent-lifecycle.md` | 第 7 节(并行任务依赖管理) |
315
+ | `state-machine.md` | Team Pipeline 状态转换 |
316
+ | `CLAUDE.md` | `<team_pipeline>` 阶段路由 |
317
+
318
+ ---
319
+
320
+ ## 6. 版本历史
321
+
322
+ | 版本 | 日期 | 变更内容 |
323
+ | ---- | ---- | -------- |
324
+ | 1.0.0 | 2026-03-16 | 初始版本(T-035) |