refactor audit chain & risk routing; add 1.0.3 migration#22
Closed
refactor audit chain & risk routing; add 1.0.3 migration#22
Conversation
added 5 commits
April 21, 2026 14:25
Contributor
Author
|
Closing per request: mitigation routing regression (asset_id required) blocks risk disposal flow. |
Collaborator
|
24统一合并 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
改了什么
1) 审计日志链路重构(Go + UI)
role=user消息”创建一条审计链,后续tool_call -> tool_result -> assistant通过tool_call_id关联到同一log_uuid。tool_call_id归一化与缺失补齐能力,降低不同 provider / 协议差异带来的关联失败。2) 风险处置路由改造为
asset_idsource_plugin切换为asset_id(实例级路由)。Risk/RiskInfo增加并透传asset_id;Flutter Web/Desktop 处置请求统一携带asset_id。asset_id(可唯一判定时),并在PluginManager中清理同插件历史实例,避免旧实例残留导致无法注入asset_id。3) 1.0.3 启动迁移
1.0.2 -> 1.0.3。audit_logs直接删除重建。scans/assets/risks/skill_scans)评估后同样删除重建(旧结构与新语义缺少稳定映射,保留迁移风险高)。1.0.3(pubspec.yaml),并同步 Web 默认current_version。4) 规范与文档同步
asset_id)。为什么改
asset_id才能确保精确路由。影响范围
core/proxy审计链路、core/plugin_manager风险处置路由、core/repository启动迁移、core/service扫描结果处理。1.0.3时会清空旧审计与旧风险扫描历史(由新结构重建后重新累积)。如何验证
go test ./... -count=1dart analyze lib/models/risk_model.dart lib/services/plugin_service_io.dart lib/services/plugin_service_web.dart lib/services/scan_database_service.dart lib/services/scanner_service.dart lib/web/web_home_page.dartasset_id,不再依赖source_plugin。1.0.2旧库启动1.0.3,确认执行1.0.2 -> 1.0.3迁移,旧审计/风险数据清空并按新结构重建。./scripts/build_go.sh./scripts/run_with_pprof.sh