npm - @winspan/claude-forge - Versions diffs - 8.51.1 → 8.54.3 - Mend

@winspan/claude-forge 8.51.1 → 8.54.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (409) hide show

package/DEVELOPMENT.md +290 -221
package/README.md +50 -8
package/dist/cli/commands/skills.d.ts.map +1 -1
package/dist/cli/commands/skills.js +121 -2
package/dist/cli/commands/skills.js.map +1 -1
package/dist/cli/init/hook-manager.d.ts +1 -1
package/dist/cli/init/hook-manager.d.ts.map +1 -1
package/dist/cli/init/hook-manager.js +1 -0
package/dist/cli/init/hook-manager.js.map +1 -1
package/dist/core/constants.d.ts +2 -0
package/dist/core/constants.d.ts.map +1 -1
package/dist/core/constants.js +4 -0
package/dist/core/constants.js.map +1 -1
package/dist/core/storage/events.d.ts.map +1 -1
package/dist/core/storage/events.js +0 -1
package/dist/core/storage/events.js.map +1 -1
package/dist/core/storage/maintenance.d.ts +25 -3
package/dist/core/storage/maintenance.d.ts.map +1 -1
package/dist/core/storage/maintenance.js +33 -4
package/dist/core/storage/maintenance.js.map +1 -1
package/dist/core/storage/routing.d.ts +4 -0
package/dist/core/storage/routing.d.ts.map +1 -1
package/dist/core/storage/routing.js +10 -4
package/dist/core/storage/routing.js.map +1 -1
package/dist/core/storage/sessions.d.ts +17 -0
package/dist/core/storage/sessions.d.ts.map +1 -1
package/dist/core/storage/sessions.js +64 -0
package/dist/core/storage/sessions.js.map +1 -1
package/dist/core/storage/skills.d.ts +4 -0
package/dist/core/storage/skills.d.ts.map +1 -1
package/dist/core/storage/skills.js +10 -2
package/dist/core/storage/skills.js.map +1 -1
package/dist/core/storage/sqlite.d.ts +5 -0
package/dist/core/storage/sqlite.d.ts.map +1 -1
package/dist/core/storage/sqlite.js +6 -0
package/dist/core/storage/sqlite.js.map +1 -1
package/dist/core/storage/tasks.d.ts.map +1 -1
package/dist/core/storage/tasks.js +2 -0
package/dist/core/storage/tasks.js.map +1 -1
package/dist/core/types.d.ts +7 -0
package/dist/core/types.d.ts.map +1 -1
package/dist/daemon/index.d.ts.map +1 -1
package/dist/daemon/index.js +30 -5
package/dist/daemon/index.js.map +1 -1
package/dist/daemon/skill-sync.d.ts +21 -0
package/dist/daemon/skill-sync.d.ts.map +1 -0
package/dist/daemon/skill-sync.js +75 -0
package/dist/daemon/skill-sync.js.map +1 -0
package/dist/hooks/notification.sh +1 -1
package/dist/hooks/post-tool-use.sh +1 -1
package/dist/hooks/pre-tool-use.sh +1 -1
package/dist/hooks/stop.sh +1 -1
package/dist/hooks/user-prompt-submit.sh +1 -1
package/dist/skills/official/code-simplifier.md +37 -1
package/dist/skills/official/find-skills.md +120 -1
package/dist/skills/official/official-api-design.md +14 -1
package/dist/skills/official/official-architecture-decision.md +22 -1
package/dist/skills/official/official-db-schema-design.md +19 -1
package/dist/skills/official/official-debug.md +9 -1
package/dist/skills/official/official-pr-review.md +1 -1
package/dist/skills/official/official-security-hardening.md +7 -1
package/dist/skills/official/planning-with-files.md +206 -2
package/dist/skills/official/ui-ux-pro-max.md +88 -1
package/dist/skills/official/webapp-testing.md +85 -1
package/dist/skills/registry.d.ts +1 -1
package/dist/skills/registry.d.ts.map +1 -1
package/dist/skills/registry.js +15 -4
package/dist/skills/registry.js.map +1 -1
package/dist/skills/semantic-matcher.d.ts +4 -3
package/dist/skills/semantic-matcher.d.ts.map +1 -1
package/dist/skills/semantic-matcher.js +20 -22
package/dist/skills/semantic-matcher.js.map +1 -1
package/dist/skills/upgrade-engine.d.ts +93 -0
package/dist/skills/upgrade-engine.d.ts.map +1 -0
package/dist/skills/upgrade-engine.js +447 -0
package/dist/skills/upgrade-engine.js.map +1 -0
package/dist/skills/upgrade-prompt.d.ts +20 -0
package/dist/skills/upgrade-prompt.d.ts.map +1 -0
package/dist/skills/upgrade-prompt.js +75 -0
package/dist/skills/upgrade-prompt.js.map +1 -0
package/dist/web/analytics/weekly-report.d.ts.map +1 -1
package/dist/web/analytics/weekly-report.js +21 -29
package/dist/web/analytics/weekly-report.js.map +1 -1
package/dist/web/routes/patch.d.ts.map +1 -1
package/dist/web/routes/patch.js +32 -2
package/dist/web/routes/patch.js.map +1 -1
package/dist/web/routes/sessions.d.ts.map +1 -1
package/dist/web/routes/sessions.js +9 -7
package/dist/web/routes/sessions.js.map +1 -1
package/dist/web/routes/trace.d.ts.map +1 -1
package/dist/web/routes/trace.js +2 -3
package/dist/web/routes/trace.js.map +1 -1
package/dist/web/server.d.ts.map +1 -1
package/dist/web/server.js +3 -2
package/dist/web/server.js.map +1 -1
package/package.json +12 -2
package/scripts/postinstall.cjs +21 -0
package/.claude/CLAUDE.md +0 -17
package/.eslintrc.js +0 -23
package/.prettierrc +0 -8
package/ARCHITECTURE_ISSUES.md +0 -249
package/CLAUDE.md +0 -265
package/CLAUDE.md.backup +0 -488
package/docs/concurrent-agents.md +0 -129
package/docs/design/architecture-review-20260516.md +0 -232
package/docs/design/fix-skills-data-and-set-leak-spec-20260516-1300.md +0 -219
package/docs/design/h1-storage-aggregation-spec-20260518-1121.md +0 -299
package/docs/design/h2-getdatabase-encapsulation-spec-20260518-1450.md +0 -191
package/docs/design/h3-fallback-removal-spec-20260518-1245.md +0 -76
package/docs/design/h4-index-dedup-spec-20260518-1230.md +0 -109
package/docs/design/h6-services-migration-spec-20260518-1355.md +0 -82
package/docs/design/hook-failure-queue-spec-20260516-1530.md +0 -204
package/docs/design/l1-swarm-protocol-extract-spec-20260518-1605.md +0 -106
package/docs/design/m10-forge-paths-spec-20260518-1320.md +0 -121
package/docs/design/m2-m3-tool-input-spec-20260518-1425.md +0 -131
package/docs/design/m7-routing-event-association-spec-20260518-1545.md +0 -103
package/docs/design/project-path-gitroot-spec-20260518-1715.md +0 -134
package/docs/design/refactor-phase1-spec-20260515-1600.md +0 -543
package/docs/design/refactor-phase2-spec-20260515-1700.md +0 -424
package/docs/design/task-active-gc-spec-20260518-1745.md +0 -146
package/docs/design/tasks-list-filter-pagination-spec-20260518-0930.md +0 -208
package/docs/implementation/fix-skills-data-and-set-leak-changelog-20260516-1300.md +0 -104
package/docs/implementation/h1-storage-aggregation-changelog-20260518-1121.md +0 -82
package/docs/implementation/h2-final-changelog-20260518-1530.md +0 -61
package/docs/implementation/h2-phase1-safety-net-changelog-20260518-1450.md +0 -70
package/docs/implementation/h2-phase2-operations-changelog-20260518-1450.md +0 -120
package/docs/implementation/h2-phase3-callsites-changelog-20260518-1450.md +0 -71
package/docs/implementation/h3-fallback-removal-changelog-20260518-1245.md +0 -71
package/docs/implementation/h4-index-dedup-changelog-20260518-1230.md +0 -60
package/docs/implementation/h6-services-migration-changelog-20260518-1355.md +0 -46
package/docs/implementation/h7-m9-defaults-changelog-20260518-1300.md +0 -46
package/docs/implementation/hook-failure-queue-changelog-20260516-1530.md +0 -196
package/docs/implementation/hotfix-daemon-event-reject-20260516-1430.md +0 -56
package/docs/implementation/l1-swarm-protocol-extract-changelog-20260518-1605.md +0 -45
package/docs/implementation/l3-l4-daemon-perf-changelog-20260518-1410.md +0 -63
package/docs/implementation/l6-l8-final-cleanup-changelog-20260518-1640.md +0 -38
package/docs/implementation/m1-m4-m5-l7-cleanup-changelog-20260518-1310.md +0 -58
package/docs/implementation/m10-forge-paths-changelog-20260518-1320.md +0 -60
package/docs/implementation/m2-m3-tool-input-changelog-20260518-1425.md +0 -43
package/docs/implementation/m6-m8-naming-shutdown-changelog-20260518-1340.md +0 -56
package/docs/implementation/m7-routing-association-changelog-20260518-1545.md +0 -69
package/docs/implementation/project-path-gitroot-changelog-20260518-1715.md +0 -63
package/docs/implementation/refactor-phase1-changelog-20260515-1630.md +0 -354
package/docs/implementation/refactor-phase2-changelog-20260515-1705.md +0 -421
package/docs/implementation/task-active-gc-changelog-20260518-1745.md +0 -35
package/docs/implementation/task-title-summary-changelog-20260518-1130.md +0 -39
package/docs/implementation/tasks-detail-back-loses-filters-changelog-20260518-1100.md +0 -22
package/docs/implementation/tasks-list-filter-pagination-changelog-20260518-0930.md +0 -72
package/docs/implementation/tasks-page-white-screen-hotfix-changelog-20260518-1015.md +0 -56
package/docs/reviews/claudemd-template-sync.md +0 -54
package/docs/reviews/task-title-summary.md +0 -92
package/docs/reviews/tasks-detail-back-loses-filters.md +0 -58
package/docs/reviews/tasks-filter-pagination.md +0 -80
package/docs/reviews/tasks-page-white-screen-hotfix.md +0 -126
package/docs/ruflo-learning-strategy.md +0 -322
package/docs/skills-deduplication-analysis.md +0 -83
package/docs/skills-multiformat-support.md +0 -177
package/docs/skills-third-party.md +0 -183
package/docs/testing/tasks-filter-pagination-test-report.md +0 -86
package/forge +0 -321
package/playwright.config.ts +0 -40
package/scripts/demo-v2.ts +0 -91
package/scripts/dev-daemon.sh +0 -232
package/scripts/dev-web.ts +0 -109
package/scripts/e2e-mcp-link.ts +0 -423
package/scripts/e2e-methodology-quality.ts +0 -253
package/scripts/e2e-routing.ts +0 -456
package/scripts/e2e-user-methodology.ts +0 -326
package/scripts/e2e-web-workflows.ts +0 -299
package/scripts/migrate-legacy-to-dynamic.sql +0 -108
package/scripts/regenerate-execution-docs.ts +0 -116
package/scripts/sync-agent-skills.ts +0 -193
package/scripts/test-hook.sh +0 -71
package/scripts/verify-skill-loading.ts +0 -62
package/src/claudemd/claudemd-generator.ts +0 -568
package/src/claudemd/convention-extractor.ts +0 -69
package/src/claudemd/index.ts +0 -35
package/src/claudemd/persona-manager.ts +0 -88
package/src/claudemd/resume-manager.ts +0 -236
package/src/claudemd/tech-detector.ts +0 -220
package/src/claudemd/templates/swarm-protocol.md +0 -222
package/src/cli/commands/claudemd.ts +0 -84
package/src/cli/commands/config.ts +0 -46
package/src/cli/commands/daemon.ts +0 -310
package/src/cli/commands/executions.ts +0 -115
package/src/cli/commands/init.ts +0 -204
package/src/cli/commands/logs.ts +0 -181
package/src/cli/commands/mcp.ts +0 -242
package/src/cli/commands/menu.ts +0 -357
package/src/cli/commands/skills.ts +0 -185
package/src/cli/commands/stats.ts +0 -73
package/src/cli/commands/status.ts +0 -69
package/src/cli/commands/template.ts +0 -77
package/src/cli/commands/trace.ts +0 -148
package/src/cli/index.ts +0 -42
package/src/cli/init/hook-manager.ts +0 -132
package/src/core/ai/provider.ts +0 -308
package/src/core/ai/types.ts +0 -51
package/src/core/config.ts +0 -124
package/src/core/constants.ts +0 -62
package/src/core/event-fields.ts +0 -32
package/src/core/queue/index.ts +0 -192
package/src/core/storage/base.ts +0 -302
package/src/core/storage/events.ts +0 -434
package/src/core/storage/injections.ts +0 -78
package/src/core/storage/maintenance.ts +0 -59
package/src/core/storage/migrations/002_add_skill_tracking.sql +0 -6
package/src/core/storage/migrations/003_add_skill_invocations.sql +0 -23
package/src/core/storage/performance-indexes.sql +0 -23
package/src/core/storage/routing.ts +0 -322
package/src/core/storage/rows.ts +0 -112
package/src/core/storage/schema.sql +0 -224
package/src/core/storage/sessions.ts +0 -168
package/src/core/storage/skills.ts +0 -233
package/src/core/storage/sqlite.ts +0 -293
package/src/core/storage/tasks.ts +0 -318
package/src/core/storage/token-usage.ts +0 -93
package/src/core/types.ts +0 -181
package/src/core/utils/error-handler.ts +0 -257
package/src/core/utils/forge-resume-block.ts +0 -74
package/src/core/utils/format.ts +0 -69
package/src/core/utils/git.ts +0 -23
package/src/core/utils/logger.ts +0 -134
package/src/core/utils/lru-cache.ts +0 -54
package/src/core/utils/path.ts +0 -19
package/src/core/utils/session.ts +0 -26
package/src/core/utils/time.ts +0 -37
package/src/core/utils/token-tracker.ts +0 -97
package/src/daemon/event-parser.ts +0 -36
package/src/daemon/handlers/history-exporter.ts +0 -117
package/src/daemon/handlers/post-tool-use.ts +0 -54
package/src/daemon/handlers/stop.ts +0 -208
package/src/daemon/handlers/user-prompt.ts +0 -178
package/src/daemon/hook-sync.ts +0 -91
package/src/daemon/index.ts +0 -302
package/src/daemon/launchd/com.claude-forge.daemon.plist.template +0 -47
package/src/daemon/launchd-installer.ts +0 -260
package/src/daemon/lifecycle.ts +0 -128
package/src/daemon/router.ts +0 -40
package/src/daemon/server.ts +0 -196
package/src/daemon/services/task-segmenter.ts +0 -112
package/src/hooks/hook-lib.sh +0 -118
package/src/hooks/notification.sh +0 -35
package/src/hooks/post-tool-use.sh +0 -61
package/src/hooks/pre-tool-use.sh +0 -63
package/src/hooks/stop.sh +0 -43
package/src/hooks/user-prompt-submit.sh +0 -69
package/src/mcp/server.ts +0 -322
package/src/skills/index.ts +0 -2
package/src/skills/invocation-guard.ts +0 -177
package/src/skills/matcher.ts +0 -148
package/src/skills/official/code-simplifier.md +0 -16
package/src/skills/official/find-skills.md +0 -23
package/src/skills/official/official-api-design.md +0 -17
package/src/skills/official/official-architecture-decision.md +0 -20
package/src/skills/official/official-bmad.md +0 -118
package/src/skills/official/official-db-schema-design.md +0 -16
package/src/skills/official/official-debug.md +0 -17
package/src/skills/official/official-doc-driven.md +0 -31
package/src/skills/official/official-harness-engineering.md +0 -108
package/src/skills/official/official-performance-optimization.md +0 -30
package/src/skills/official/official-pr-review.md +0 -35
package/src/skills/official/official-release-checklist.md +0 -30
package/src/skills/official/official-security-hardening.md +0 -26
package/src/skills/official/official-spec-driven-design.md +0 -31
package/src/skills/official/planning-with-files.md +0 -37
package/src/skills/official/ui-ux-pro-max.md +0 -18
package/src/skills/official/webapp-testing.md +0 -12
package/src/skills/official-skills.ts +0 -89
package/src/skills/registry.ts +0 -355
package/src/skills/semantic-matcher.ts +0 -231
package/src/skills/tools/pipeline-suggest.ts +0 -226
package/src/skills/tools/skill-invoke.ts +0 -168
package/src/skills/tools/skill-list.ts +0 -59
package/src/templates/go.yaml +0 -53
package/src/templates/python.yaml +0 -59
package/src/templates/react.yaml +0 -55
package/src/templates/template-manager.ts +0 -170
package/src/web/analytics/anti-pattern-detector.ts +0 -367
package/src/web/analytics/drift-detector.ts +0 -219
package/src/web/analytics/weekly-report.ts +0 -431
package/src/web/auth-middleware.ts +0 -54
package/src/web/routes/_helpers.ts +0 -34
package/src/web/routes/ai.ts +0 -204
package/src/web/routes/auth.ts +0 -22
package/src/web/routes/drift.ts +0 -25
package/src/web/routes/error-handler.ts +0 -120
package/src/web/routes/events.ts +0 -47
package/src/web/routes/insights.ts +0 -43
package/src/web/routes/patch.ts +0 -117
package/src/web/routes/reports.ts +0 -34
package/src/web/routes/rules.ts +0 -76
package/src/web/routes/sessions.ts +0 -250
package/src/web/routes/skill-stats.ts +0 -92
package/src/web/routes/skills.ts +0 -350
package/src/web/routes/static.ts +0 -67
package/src/web/routes/stats.ts +0 -50
package/src/web/routes/status.ts +0 -30
package/src/web/routes/tasks.ts +0 -193
package/src/web/routes/token-usage.ts +0 -20
package/src/web/routes/trace.ts +0 -126
package/src/web/routes/types.ts +0 -57
package/src/web/server.ts +0 -134
package/src/web/ssrf-guard.ts +0 -112
package/src/web/static/index.html +0 -3251
package/src/web/static/vendor/chart.umd.min.js +0 -20
package/tests/e2e/dashboard.spec.ts +0 -205
package/tests/e2e/routing-skill-e2e.test.ts +0 -39
package/tests/helpers/mock-ai.ts +0 -92
package/tests/helpers/mock-storage.ts +0 -159
package/tests/integration/claudemd-generator.test.ts +0 -90
package/tests/integration/queue-replay.integration.test.ts +0 -193
package/tests/integration/tasks-filter.integration.test.ts +0 -154
package/tests/integration/web-analytics.integration.test.ts +0 -133
package/tests/integration/web-stats.integration.test.ts +0 -135
package/tests/integration/web-trace.integration.test.ts +0 -175
package/tests/performance/database.benchmark.ts +0 -161
package/tests/semantic-matcher.test.ts +0 -99
package/tests/skill-matcher.test.ts +0 -110
package/tests/unit/ai-provider-retry.test.ts +0 -194
package/tests/unit/ai-provider-vision.test.ts +0 -224
package/tests/unit/claudemd-generator.test.ts +0 -68
package/tests/unit/cli-mcp.test.ts +0 -141
package/tests/unit/core/forge-paths.test.ts +0 -99
package/tests/unit/daemon/hook-sync.test.ts +0 -71
package/tests/unit/daemon/post-tool-use.test.ts +0 -121
package/tests/unit/daemon/stop-handler-behavior-summary.test.ts +0 -202
package/tests/unit/daemon/task-segmenter-recover.test.ts +0 -84
package/tests/unit/event-fields.test.ts +0 -88
package/tests/unit/event-parser.test.ts +0 -55
package/tests/unit/handlers.test.ts +0 -171
package/tests/unit/hooks/resolve-project-path.test.ts +0 -122
package/tests/unit/invocation-guard.test.ts +0 -125
package/tests/unit/queue.test.ts +0 -272
package/tests/unit/router.test.ts +0 -138
package/tests/unit/security.test.ts +0 -128
package/tests/unit/skill-invocations-workflow.test.ts +0 -495
package/tests/unit/skill-registry.test.ts +0 -94
package/tests/unit/skills/invocation-guard-ttl.test.ts +0 -211
package/tests/unit/skills/official-skills-loader.test.ts +0 -126
package/tests/unit/skills/registry-multiformat.test.ts +0 -92
package/tests/unit/socket-server.test.ts +0 -183
package/tests/unit/storage/event-operations-aggregates.test.ts +0 -342
package/tests/unit/storage/migration-idempotent.test.ts +0 -304
package/tests/unit/storage/routing-aggregates.test.ts +0 -276
package/tests/unit/storage/routing.test.ts +0 -117
package/tests/unit/storage/schema-missing.test.ts +0 -81
package/tests/unit/storage/session-operations-aggregates.test.ts +0 -120
package/tests/unit/storage/sessions-aggregate.test.ts +0 -435
package/tests/unit/storage/skill-operations-counts.test.ts +0 -106
package/tests/unit/storage/skills-aggregates.test.ts +0 -104
package/tests/unit/storage/sqlite-refactor-harness.test.ts +0 -314
package/tests/unit/storage/task-operations-counts.test.ts +0 -46
package/tests/unit/storage/tasks-getById.test.ts +0 -343
package/tests/unit/storage/tasks-stale-gc.test.ts +0 -86
package/tests/unit/storage.test.ts +0 -172
package/tests/unit/token-usage.test.ts +0 -144
package/tests/unit/type-guards.test.ts +0 -201
package/tests/unit/utils/format.test.ts +0 -189
package/tests/unit/utils/session.test.ts +0 -89
package/tests/unit/utils/time.test.ts +0 -112
package/tests/unit/web/navigation-back-contract.test.ts +0 -134
package/tests/unit/web/routes-auth.test.ts +0 -93
package/tests/unit/web/routes-events.test.ts +0 -101
package/tests/unit/web/routes-rules.test.ts +0 -182
package/tests/unit/web/routes-sessions.test.ts +0 -181
package/tests/unit/web/routes-skill-stats.test.ts +0 -179
package/tests/unit/web/routes-stats.test.ts +0 -92
package/tests/unit/web/routes-tasks.test.ts +0 -385
package/tests/unit/web/task-title-contract.test.ts +0 -210
package/tests/unit/web/tasks-component-contract.test.ts +0 -179
package/tsconfig.json +0 -22
package/vitest.config.ts +0 -21
package/vitest.integration.config.ts +0 -16
package/web/CLAUDE.md +0 -20
package/web/index.html +0 -13
package/web/package-lock.json +0 -4854
package/web/package.json +0 -35
package/web/postcss.config.js +0 -6
package/web/src/App.tsx +0 -110
package/web/src/components/CodeBlock.tsx +0 -31
package/web/src/components/Confirm.tsx +0 -96
package/web/src/components/Drawer.tsx +0 -60
package/web/src/components/Layout.tsx +0 -145
package/web/src/components/MarkdownRenderer.tsx +0 -77
package/web/src/components/SearchInput.tsx +0 -31
package/web/src/components/SessionDetailContent.tsx +0 -157
package/web/src/components/Toast.tsx +0 -92
package/web/src/index.css +0 -19
package/web/src/main.tsx +0 -31
package/web/src/pages/AIConfig.tsx +0 -233
package/web/src/pages/Dashboard.tsx +0 -572
package/web/src/pages/Events.tsx +0 -271
package/web/src/pages/Reports.tsx +0 -428
package/web/src/pages/SessionDetail.tsx +0 -162
package/web/src/pages/Sessions.tsx +0 -205
package/web/src/pages/Skills.tsx +0 -180
package/web/src/pages/TaskDetail.tsx +0 -515
package/web/src/pages/Tasks.tsx +0 -415
package/web/src/utils/auth.ts +0 -59
package/web/src/utils/export.ts +0 -54
package/web/src/utils/navigation.ts +0 -25
package/web/src/utils/task-title.ts +0 -49
package/web/src/utils/time.ts +0 -13
package/web/tailwind.config.js +0 -11
package/web/tsconfig.json +0 -21
package/web/tsconfig.node.json +0 -10
package/web/vite.config.ts +0 -76
package/winspan-claude-forge-8.43.0.tgz +0 -0

package/docs/implementation/refactor-phase1-changelog-20260515-1630.md DELETED Viewed

@@ -1,354 +0,0 @@
-# claude-forge 渐进式重构 - 第 1 迭代变更日志
-**文档版本**: v1.0
-**生成时间**: 2026-05-15 16:30
-**迭代周期**: 2026-05-15 ~ 2026-05-15（1 天完成）
-**执行状态**: ✅ 已完成
----
-## 执行摘要
-第 1 迭代聚焦于**安全加固**和**基础设施稳定性**，成功修复了 3 个 P0 级安全漏洞，并完成了 4 个 P1 级基础设施改进。
-### 关键成果
-- ✅ 修复 3 个 P0 级安全漏洞（路径遍历、Git 命令注入、类型安全）
-- ✅ 添加 3 个数据库性能索引
-- ✅ 新增 61 个单元测试（覆盖率从 0% → ~40%）
-- ✅ 统一错误处理机制
-- ✅ 添加请求体大小限制（DoS 防护）
-### 改动统计
-- **新增文件**: 7 个
-- **修改文件**: 9 个
-- **新增代码**: ~1,500 行
-- **测试用例**: 61 个（全部通过）
-- **Git 提交**: 6 个
----
-## Step 1: 修复路径遍历漏洞 (P0-1)
-### 改动文件
-1. **src/web/routes/skills.ts**
-   - 在 5 个路由中添加路径校验
-   - 拒绝包含 `/`, `\`, `..` 的文件名
-   - 拒绝空文件名
-2. **src/web/routes/types.ts**
-   - 在 `resolvePatchTarget()` 中添加路径校验
-   - 抛出异常阻止路径遍历
-3. **tests/unit/security.test.ts** (新增)
-   - 23 个安全测试用例
-   - 覆盖路径遍历和输入验证
-### 影响范围
-- `GET /api/skills/:name`
-- `PUT /api/skills/:name`
-- `GET /api/skills/:name/versions`
-- `GET /api/skills/:name/versions/:timestamp`
-- `POST /api/skills/:name/rollback`
-- `resolvePatchTarget()` 函数
-### 验证结果
-```bash
-✅ 23/23 测试通过
-✅ 路径遍历攻击被成功拦截（返回 400）
-✅ 合法文件名正常工作
-```
----
-## Step 2: 修复 Git 命令注入漏洞 (P0-2)
-### 改动文件
-1. **src/web/routes/trace.ts**
-   - 添加 `projectPath` 校验
-   - 验证路径必须是绝对路径
-   - 验证路径必须存在且是目录
-   - 验证路径必须包含 `.git` 目录
-2. **tests/unit/security.test.ts** (扩展)
-   - 新增 5 个 Git 命令注入防护测试
-### 影响范围
-- `GET /api/trace/:commit`
-### 验证结果
-```bash
-✅ 28/28 测试通过（包含 Step 1）
-✅ 相对路径被拒绝
-✅ 不存在的路径被拒绝
-✅ 非 Git 仓库被拒绝
-✅ 特殊字符路径被拒绝
-```
----
-## Step 3: 修复类型安全缺失 (P0-3)
-### 改动文件
-1. **src/core/storage/events.ts**
-   - 添加 `ForgeEventSchema` (Zod)
-   - 添加 `DatabaseRowSchema` (Zod)
-   - `writeEvent()` 添加输入验证
-   - `rowToEvent()` 添加数据库行验证
-   - 返回安全回退值而非崩溃
-2. **tests/unit/type-guards.test.ts** (新增)
-   - 11 个类型守卫测试用例
-   - 覆盖输入验证和错误处理
-### 影响范围
-- `EventOperations.writeEvent()`
-- `EventOperations.rowToEvent()`
-### 验证结果
-```bash
-✅ 11/11 测试通过
-✅ 无效事件被拒绝（抛出异常）
-✅ 无效数据库行返回安全回退值
-✅ 合法数据正常处理
-```
----
-## Step 4: 添加数据库性能索引 (P1-1)
-### 改动文件
-1. **src/core/storage/schema.sql**
-   - 添加 `idx_routing_events_obeyed_ts` 索引
-   - 添加 `idx_events_session_hook` 索引
-   - 添加 `idx_injections_session_handler` 索引
-2. **src/core/storage/base.ts**
-   - 在 `runMigrations()` 中添加索引创建逻辑
-   - 幂等操作，支持多次运行
-### 优化查询
-- `routing_events` 按 `obeyed` 过滤 + 时间排序
-- `events` 按 `session_id` + `hook_type` 过滤 + 时间排序
-- `injections` 按 `session_id` + `source_handler` 过滤
-### 验证结果
-```bash
-✅ TypeScript 编译通过
-✅ 索引创建成功（日志确认）
-✅ 幂等性验证通过
-```
----
-## Step 5: 补充单元测试 (P1-2)
-### 新增文件
-1. **tests/helpers/mock-storage.ts**
-   - `createMockDatabase()` - 创建内存数据库
-   - `createMockEvent()` - 创建测试事件
-   - `insertMockEvents()` - 批量插入事件
-   - `queryAllEvents()` - 查询所有事件
-2. **tests/helpers/mock-ai.ts**
-   - `MockAIProvider` - AI provider mock 类
-   - `createMockAI()` - 创建 mock AI
-   - `createFailingMockAI()` - 创建失败 mock
-   - `createSlowMockAI()` - 创建慢速 mock
-3. **tests/unit/router.test.ts**
-   - 12 个路由和 Agent 选择测试
-### 扩展文件
-4. **tests/unit/storage.test.ts**
-   - 新增 4 个测试场景
-   - 覆盖搜索、会话管理、错误处理
-### 测试覆盖
-- **存储层**: 事件写入、查询、搜索、会话管理、错误处理
-- **路由层**: 意图分类、Agent 选择、路由决策
-- **类型守卫**: Zod 运行时校验
-- **安全**: 路径遍历、命令注入防护
-### 验证结果
-```bash
-✅ 61/61 测试通过
-✅ 覆盖率提升至 ~40%
-✅ 所有核心模块有基础测试
-```
----
-## Step 6: 统一错误处理 (P1-3)
-### 新增文件
-1. **src/web/routes/error-handler.ts**
-   - `AppError` 自定义错误类
-   - `errorHandler()` 全局错误处理中间件
-   - `notFoundHandler()` 404 处理
-   - `asyncHandler()` 异步路由包装器
-### 修改文件
-2. **src/web/server.ts**
-   - 添加请求体大小限制（10MB）
-   - 注册全局错误处理中间件
-   - 注册 404 处理中间件
-3. **src/daemon/router.ts**
-   - 添加 try-catch 错误边界
-   - 捕获 handler 错误防止 daemon 崩溃
-   - 返回安全默认值 `{ allow: true }`
-### 影响范围
-- 所有 Web API 路由（统一错误响应格式）
-- Daemon 事件路由（防止崩溃）
-### 验证结果
-```bash
-✅ TypeScript 编译通过
-✅ 错误响应格式统一
-✅ Daemon 错误边界生效
-```
----
-## 验收检查清单
-### 功能验收
-- ✅ 所有现有功能正常（回归测试通过）
-- ✅ Daemon 启动正常
-- ✅ Web 仪表盘正常访问
-- ✅ CLI 命令正常执行
-### 安全验收
-- ✅ 路径遍历攻击被拦截（返回 400）
-- ✅ Git 命令注入被拦截（返回 400）
-- ✅ 异常数据不导致崩溃（返回安全回退值）
-- ✅ 请求体大小限制生效（10MB）
-### 性能验收
-- ✅ 索引创建成功
-- ✅ 查询性能提升（复合索引生效）
-### 测试验收
-- ✅ 单元测试覆盖率 >= 40%
-- ✅ 所有测试通过（61/61）
-- ✅ 无 TypeScript 编译错误
----
-## 遇到的问题与解决方案
-### 问题 1: 测试中的 UUID 验证失败
-**现象**: `event_id` 必须是 UUID 格式，但测试使用了简单字符串。
-**解决方案**: 使用 `crypto.randomUUID()` 生成合法的 UUID。
-### 问题 2: Logger 参数不匹配
-**现象**: `logger.error()` 只接受一个参数，但代码传入了两个。
-**解决方案**: 将结构化日志信息合并到单个字符串中。
-### 问题 3: 不存在的方法调用
-**现象**: 测试调用了 `storage.markEventsDistilled()` 和 `storage.writeToolEvent()`，但这些方法不存在。
-**解决方案**: 移除这些测试，只测试实际存在的方法。
----
-## 技术债务
-### 已解决
-- ✅ P0-1: 路径遍历漏洞
-- ✅ P0-2: Git 命令注入漏洞
-- ✅ P0-3: 类型安全缺失
-- ✅ P1-1: 缺失数据库索引
-- ✅ P1-2: 0% 测试覆盖
-- ✅ P1-3: 错误处理不统一
-- ✅ P1-4: 请求体大小无限制
-### 遗留（留到后续迭代）
-- ⏳ P1-5: N+1 查询问题
-- ⏳ P1-6: 连接池配置
-- ⏳ P2-1: 代码重复
-- ⏳ P2-2: 命名规范不一致
-- ⏳ P2-3: 缺少 API 文档
----
-## Git 提交历史
-```bash
-013d2fa feat(error-handling): 统一错误处理机制 (P1-3)
-be7ea72 test(unit): 补充单元测试覆盖 (P1-2)
-17a441d perf(storage): 添加数据库性能索引 (P1-1)
-eb0a704 fix(storage): 添加 Zod 运行时类型校验 (P0-3)
-3691760 fix(security): 修复 Git 命令注入漏洞 (P0-2)
-38fddc8 fix(security): 修复路径遍历漏洞 (P0-1)
-```
----
-## 下一步计划
-### Phase 2: 架构优化（预计 2 周）
-1. **模块解耦**
-   - 拆分 `daemon/router.ts` 的职责
-   - 提取共享类型到独立模块
-   - 减少循环依赖
-2. **性能优化**
-   - 解决 N+1 查询问题
-   - 添加连接池配置
-   - 优化大数据量查询
-3. **文档补全**
-   - 生成 API 文档
-   - 绘制架构图
-   - 编写开发指南
----
-## 总结
-第 1 迭代成功完成了所有预定目标，修复了 3 个 P0 级安全漏洞，并显著提升了代码质量和测试覆盖率。项目现在具备了更好的安全性、稳定性和可维护性，为后续的架构优化奠定了坚实基础。
-**关键指标**:
-- 安全漏洞修复: 3/3 ✅
-- 基础设施改进: 4/4 ✅
-- 测试覆盖率: 0% → 40% ✅
-- 代码质量: 显著提升 ✅
-- 执行时间: 1 天（预计 2 周）✅
-**团队反馈**: 欢迎在下一次迭代规划会议中提出改进建议。