OoO
9528d6c23e
fix(stability): 補強 scheduler 例外處理與 vendor 模板路徑
...
ADR-017 Phase 3f-3:移除 scheduler 裸 except,P1 任務失敗改走 EventRouter notify_failure 同步入口;清理 docker-compose vendor 死 mount;修正 vendor_bp template_folder 指向專案 web/templates。
2026-04-29 21:39:25 +08:00
OoO
13fa165ee2
refactor(cache): 統一 cache SOT 並啟用 gunicorn preload
...
ADR-017 Phase 3f-2:新增 services/cache_manager.py,讓 sales/import/export/daily/dashboard 共用同一份 in-memory cache;cache_service 改為相容 shim;Dockerfile/docker-compose 啟用 gunicorn --preload。
2026-04-29 21:35:56 +08:00
OoO
2550ab45b1
refactor(routes): 刪除模組化死碼開關
...
ADR-017 Phase 3f-1 dead-switch sprint;改為直接註冊 Blueprint,移除 USE_MODULAR_ROUTES/register_blueprints,並加入重複路由啟動自檢。
2026-04-29 21:26:58 +08:00
OoO
d51d8031f5
refactor(routes): 遷移公開系統與 ABC 路由
...
ADR-017 Phase 3f-1 system sprint;新增無 prefix system_public_bp,保留公開 URL 與 backup CSRF;ABC detail 併入 sales_bp。
2026-04-29 21:22:29 +08:00
OoO
567f138b2d
refactor(routes): 搬遷 sales 實作並刪除 app.py 重複路由
...
ADR-017 Phase 3f-1 sales sprint;sales_bp 改為真實實作,移除 app.py 7 條 sales duplicate route,保留 /growth_analysis Blueprint 版。
2026-04-29 21:16:55 +08:00
OoO
aa56479c66
refactor(routes): 刪除 dashboard brand_assets 重複路由
...
ADR-017 Phase 3f-1 dashboard/misc sprint
2026-04-29 21:09:26 +08:00
OoO
43a2c5f638
refactor(routes): 刪除 app.py export 重複路由
...
ADR-017 Phase 3f-1 export sprint
2026-04-29 21:03:54 +08:00
OoO
3971fd4020
fix(daily_sales): cache 失效改 DB fingerprint + clear_cache 加 @login_required
...
CD Pipeline / deploy (push) Successful in 1m12s
回應 critic 對 8fefea0 的 4 個 HIGH finding(debugger/web-researcher/migration-engineer 三方共識):
HIGH-3 修復:
- /api/daily_sales/clear_cache 加 @login_required,避免外部 DoS 攻擊清快取
HIGH-4 修復(核心):
- 新增 _get_data_fingerprint(engine):SELECT MAX(snapshot_date), COUNT(*) FROM daily_sales_snapshot
- _is_cache_valid 改雙閘:TTL(保險絲)+ DB fingerprint(強一致)
- 三個 cache 寫入點同步記錄 fingerprint
- 移除 services/import_service.py 的 4-worker N-POST hack(命中率僅 9.4%,
coupon collector 機率:4!/4^4 = 0.094)
- 資料寫入後指紋自動跳號,4 worker 下次 request 各自偵測失效並重載 → 強一致
附帶修:
- 統一 export/export_marketing 兩處 cache 寫入結構(補 timestamp/fingerprint),
解決 db-expert 標記的「export 端點 cache 缺 timestamp 導致主看板每次都重讀」瑕疵
未處理(留待後續):
- HIGH-2: app.py 仍有 43 處 _SALES_PROCESSED_CACHE(sales_analysis 等其他路由的獨立 cache)
待後續 P9 統一抽 services/cache_manager.py
[P7-COMPLETION]
方案: critic + debugger + web-researcher + migration-engineer 四方共識的方案 B
影響: routes/daily_sales_routes.py + services/import_service.py 兩檔
Regression: 每 request 多 1 次 SELECT MAX/COUNT(< 5ms),其餘行為等價
2026-04-29 09:10:23 +08:00
OoO
e6768408e1
refactor(app.py): 抽出 /api/test_url + /brand_assets 至 misc_routes Blueprint
...
CD Pipeline / deploy (push) Successful in 1m5s
- 新增 routes/misc_routes.py(40 行,2 routes:POST /api/test_url, GET /brand_assets)
- app.py 7012 → 6986(-26 行)
- requests 改為模組頂層 import(移除函數內 import 異味)
- 註冊位置貼齊 category_bp 後方
Phase 3e route handlers Blueprint 化第二棒,收納雜項小型 routes
2026-04-28 21:10:01 +08:00
OoO
8fce73bd4b
refactor(app.py): 抽出 /api/categories CRUD 至 category_routes Blueprint
...
CD Pipeline / deploy (push) Successful in 1m9s
- 新增 routes/category_routes.py(46 行,3 routes:POST/PUT/DELETE)
- app.py 7053 → 7012(-41 行)
- 沿用 services.json_storage.load_categories/save_categories
- 註冊位置貼齊 system_bp 後方
Phase 3e route handlers Blueprint 化首棒,邊界最小、無共用狀態
2026-04-28 21:04:40 +08:00
ooo
dea94d2e0f
refactor(p1-01d): routes/ 移除 safe_read_sql/validate_table_name/find_col 三份重複定義
...
CD Pipeline / deploy (push) Successful in 1m6s
- routes/sales_routes.py 移除 find_col、validate_table_name、safe_read_sql 各自實作(-40 行)
- routes/daily_sales_routes.py 移除 validate_table_name、safe_read_sql 各自實作(-26 行)
- 兩檔改為 from utils.security import ... 的 re-export,行為對齊單一權威來源
注意:原本 routes 自己的 validate_table_name 較寬鬆(只 regex),
改用 utils.security 後升級為「白名單 + SQL 關鍵字」雙重防護。
所有 call site 都用 'realtime_sales_monthly' 或 'daily_sales_snapshot',皆在白名單內,行為相容。
2026-04-28 15:50:21 +08:00
ooo
d4ea555030
refactor(p1-06/07): daily_sales 純函數抽到 services/
...
CD Pipeline / deploy (push) Successful in 1m14s
- 新增 utils/df_helpers.py 放共用 find_col(避免 routes/services 雙向依賴)
- 新增 services/daily_sales_service.py 收:
* get_taiwan_holiday(date)
* prepare_calendar_data(df, selected_month)
* prepare_marketing_summary(df, ...)
- routes/daily_sales_routes.py 改為 import service,行數 949 → 713(-236)
- 行為 100% 保留,僅檔案位置搬移
2026-04-28 15:37:07 +08:00
OoO
d276853e54
fix(post-3.5g): restore _is_authorized fail-closed for callback + message (CRIT-2 + HIGH-3)
...
從 4349db2~1 撈回 _is_authorized() 並重新套用到 callback 與 message handler。
問題:
- CRIT-2 (callback fail-open):原本只擋 group/supergroup 不匹配,
private chat 任何人都能觸發 callback 指令(按鈕 menu/await/cmd)。
- HIGH-3 (message short-circuit fail):`if ALLOWED_USERS and _uid not in ALLOWED_USERS`
在 OPENCLAW_ALLOWED_USERS 環境變數未設時 → ALLOWED_USERS 為空 set →
`if False and ...` 整段不執行 → 所有 private 訊息都通過。
修法(fail-closed 三檢查):
1. 在頂部 import 區下方還原 `_is_authorized(chat_type, chat_id, user_id)`:
- group/supergroup:chat_id 必須等於 ALLOWED_GROUP
- private:user_id 必須在 ALLOWED_USERS(空 set → 全拒)
- channel / 未知 / 缺欄位 → 拒絕
2. callback handler 替換為 `if not _is_authorized(chat_type, chat_id, cq_from_id)`
並從 cq.get('from') 取 user_id(之前完全沒取)。
3. message handler 替換為統一檢查,未授權回 403 + 靜默(不回 Telegram 避免偵察)。
驗證:
- AST parse OK
- 模擬測試:999999 私訊 → False;111(在白名單)私訊 → True;
錯誤群組 → False;channel → False;None → False
- grep 結果:剩下兩處 `_is_authorized` 呼叫(callback 5195, message 5255),
舊的 `ALLOWED_USERS and _uid not in ALLOWED_USERS` 已移除(只留註解描述歷史)。
Critic findings: CRIT-2 + HIGH-3
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-04-28 14:40:22 +08:00
OoO
af260c4a01
feat: 新增三個促銷活動爬蟲支援(母親節、520情人節、勞動節)
...
CD Pipeline / deploy (push) Successful in 1m12s
- 新增通用促銷活動爬蟲函式 run_promo_event_task()
- 更新 crawler_config_loader.py 新增三個活動配置
- 更新 run_scheduler.py 動態註冊促銷活動爬蟲
- 新增 API 端點 /api/run_promo_event_task
- 新增三個前端儀表板路由(/edm/mothers_day, /edm/valentine_520, /edm/labor_day)
- 更新所有儀表板頁籤列表
- 新增配置檔案 services/data/crawler_config.json
- 新增使用文件 docs/guides/promo_event_crawler_guide.md
- 更新 agent_actions.py 允許重試列表
2026-04-28 13:57:44 +08:00
OoO
7bb97ed252
fix: remove hardcoded Telegram Bot token to resolve AiderHeal security warning
CD Pipeline / deploy (push) Successful in 1m21s
2026-04-28 12:34:29 +08:00
OoO
7125ba09d3
fix(post-3.5e): openclaw_answer 三個 store_conversation 呼叫點對齊新簽章
...
CD Pipeline / deploy (push) Successful in 1m16s
承接前一個 commit「store_conversation 簽章改 6 參數」後,遠端先前
b766edf 的「呼叫端縮成 3 args + 改用 chat_id」修法有兩個問題:
1. openclaw_answer(question) 函式 scope 中根本沒有 chat_id 變數,
原本的 args=(chat_id, ...) 在執行時會 NameError,
被 thread 內 except 吞掉,bug 還是發生(剛好相反方向)。
2. b766edf 漏改 L4166(Gemini 直接路徑),三個呼叫點不一致。
本 commit 將 L4113 / L4214 改回 6 個 positional args:
(user_id=0, chat_id=0, question, response, source, used_sources)
對齊新簽章 (user_id, chat_id, user_message, bot_response, source='', used_sources=None)
全部 metadata(source / used_sources / chat_id)保留進 ai_insights.metadata_json。
Out-of-scope(暫不處理):
- user_id / chat_id 寫死 0 不修(待 openclaw_answer 函式接收 chat_id 參數的後續重構)
2026-04-28 12:29:48 +08:00
OoO
433e37d241
fix: remove strict 30s timeout for Ollama chat
CD Pipeline / deploy (push) Has been cancelled
2026-04-28 12:28:57 +08:00
OoO
b766edfde2
fix: store_conversation signature, MCP model, and AI fallback message
CD Pipeline / deploy (push) Successful in 1m18s
2026-04-28 12:26:49 +08:00
OoO
dff19ee835
fix(post-3.5c): ai_routes hermes_stats model 顯示字串清理
...
Item #9:
- routes/ai_routes.py:1640 hermes_stats['model'] 寫死 'hermes3:latest'
- 改為 'Hermes 3' 更易讀;保留語意(model identifier 給未來可能的下游讀者)
調查確認此 key 為 dead code:
- _build_footprint_block / _build_footprint_json (nemoton_dispatcher_service.py:276,303)
只讀 duration_sec 和 tokens,不讀 model key
- hermes_analyst_service.py:419 自組 _last_stats 也不放 model key
- 改動不影響 footprint 顯示與 DB 寫入
2026-04-28 12:15:59 +08:00
OoO
4349db2015
feat: AiderHeal 支援 ssh 與 Ollama 設為首選 AI 引擎
CD Pipeline / deploy (push) Successful in 8m40s
2026-04-28 11:41:12 +08:00
ogt
4a648ea6bf
refactor: fix reverse dependencies — logger_manager→utils, dashboard_service extraction
...
- Move SystemLogger implementation to utils/logger_manager.py (pure utility, no deps)
- services/logger_manager.py becomes a backward-compat re-export shim
- database/manager.py and database/vendor_manager.py now import from utils layer
- Extract get_dashboard_stats() to services/dashboard_service.py
- services/task_runner.py no longer imports from routes layer
- routes/dashboard_routes.py get_dashboard_stats() delegates to service layer
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-27 21:28:23 +08:00
ogt
b0fbd063c8
fix: pchome_routes.py — permission_required 改用 role_required(auth.py 無此函數)
...
CD Pipeline / deploy (push) Successful in 1m16s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-27 21:20:52 +08:00
ogt
237d3af76f
fix: Phase 2 P0 全清零 — 14 項安全與功能修復完成
...
CD Pipeline / deploy (push) Failing after 2m59s
P0-06: google_drive_service.py — pickle.load() 改 JSON token(消除 RCE 風險)
P0-07: bot_api_routes.py:30 — BOT_API_TOKEN 移除硬編碼預設值 clawdbot_momo_2026
P0-08: auto_import_index.html — showAlert innerHTML 改 createTextNode(XSS 修復)
P0-09: abc_analysis_detail.html + dashboard.html + daily_sales.html — Jinja2 | e 轉義
P0-10: openclaw_bot_routes.py:2634 — vendor PPT 補 return ppt_path(廠商報告恢復)
P0-11: telegram_bot_service.py:177-214 — cmd_start/cmd_help 補 try/except
P0-12: app.py:689-712 — 10 個 Blueprint 補齊 register(消滅 404 路由)
P0-13: auto_heal_service.py — 實作 _write_heal_log(),AIOps 稽核閉環補完
P0-14: monitoring/prometheus.yml — 取消 alert_rules comment;新增 alert_rules.yml
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-27 21:11:52 +08:00
ogt
c299abba5d
fix: restore Hermes to 111+hermes3 + add NVIDIA NIM auto-fallback for OpenClaw
...
CD Pipeline / deploy (push) Successful in 3m0s
Hermes was wrongly redirected to 188 (CPU-only, 60s+ timeout).
111 has hermes3:latest with GPU acceleration (~10s response).
OpenClaw now auto-detects:
1. Gemini (primary, when GEMINI_API_KEY set)
2. NVIDIA NIM nemotron-ultra (auto-fallback, NVIDIA_API_KEY already set)
3. Friendly error only when both are unavailable
This implements the user-requested auto-failover pattern: always try
primary first, silently fall back, restore automatically when primary recovers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-25 10:31:00 +08:00
ogt
d5c0feab5e
fix: Telegram bot 全功能修復 — 16個await按鈕/AI對話/模型遷移/DB schema
...
CD Pipeline / deploy (push) Successful in 1m35s
## Telegram Bot 功能修復
- 補全 16 個 await: 按鈕的 handler(日期選擇/目標設定/促銷追蹤等),
新增 _handle_await_callback + _process_await_input 完整狀態機
- cmd: 按鈕加入 ⏳ 即時回饋 + try/except 防 BadRequest
- handle_callback 加頂層 try/except 錯誤兜底
- 補 momo:cmd:suggestion + momo:menu:main callback handler
- 修復 _enhanced_keyword_matching context NameError
## AI 模型遷移(hermes3@111 → qwen2.5@188)
- hermes_analyst_service: URL 192.168.0.111→188, hermes3→qwen2.5:7b-instruct
- code_review_pipeline: 改用 HERMES_URL/HERMES_MODEL 常數
- elephant_alpha_orchestrator / nemoton_dispatcher: registry/footprint 同步
- aider_heal_executor: OLLAMA_API_BASE fallback 改 188
- ai_routes: footprint display 字串改 qwen2.5:7b-instruct
## ElephantAlpha 404 修復
- elephant_service: openrouter→NVIDIA NIM, nvidia/llama-3.1-nemotron-ultra-253b-v1
- ai_provider: 模型 ID 同步更新
## TELEGRAM_CHAT_ID 環境變數修正
- cicd_routes + aider_heal_executor: 優先讀 TELEGRAM_CHAT_IDS[0],
fallback TELEGRAM_CHAT_ID,修復通知靜默失敗
## AI 對話 logging 改善
- telegram_ai_integration: Hermes 降級改 WARNING,OpenClaw 失敗加 exc_info
- hermes_analyst_service: 連線失敗 log 加 host/model context
## DB Schema 修復
- migrations/019: action_plans 補齊全欄位,DROP NOT NULL action_type
- autoheal_models: ActionPlan ORM 同步為超集 schema
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-25 03:30:14 +08:00
ogt
3f7fc0aba0
[V10.4-B] Telegram 按鈕安全強化:C2/C3/H4/H6 修復
...
修復 P9-1 全景盤點所發現的四項高優先問題:
- routes/openclaw_bot_routes.py:
C3: ALLOWED_USERS/ALLOWED_GROUP 白名單 fail-closed,阻擋非授權 chat
H4: _seen_update_ids 改用 deque(maxlen=500) LRU 防記憶體洩漏
- services/telegram_bot_service.py:
C2: 新增 momo:bpa/bpr/eig 三個 callback 分支 + handler 實作
H6: callback 滑動視窗速率限制(30次/分鐘/用戶)
- services/telegram_templates.py:
修正 decision_result / ops_action_result ImportError BLOCKER
新增 _now_taipei_hhmm / _html_escape 輔助函式
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-25 01:42:58 +08:00
ogt
a96306fba2
Fix Telegram bot natural language communication issue
...
- Install python-telegram-bot dependency
- Start Telegram bot service successfully
- Confirm correct group ID (MOMO PRO - small shrimp group)
- Bot now running with all commands and button interface functional
- Natural language processing restored with keyword matching
Fixes issue where Telegram group could not communicate using natural language.
2026-04-22 14:27:50 +08:00
ogt
efd05a2f65
fix(bot): 修復 /bot/internal/cmd 呼叫未定義 verify_internal_token
...
CD Pipeline / deploy (push) Successful in 1m20s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-22 09:46:07 +08:00
ogt
28acdc19ae
fix(scheduler): 修復 Gunicorn 4 workers 重複發送排程通知
...
CD Pipeline / deploy (push) Has been cancelled
根因:APScheduler 在 openclaw_bot_routes.py 透過 record_once 啟動,
但 record_once 只防止同一 process 內重複;Gunicorn --workers 4 有
4 個獨立 worker process,各自啟動一個 scheduler,導致早報/晚報/Excel
每次觸發都送出 4 份。
修復:start_scheduler() 改用 fcntl.LOCK_EX|LOCK_NB 搶佔 /tmp/openclaw_scheduler.lock,
只有搶到鎖的 worker 啟動排程,其餘 3 個 worker 靜默跳過。
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-22 09:21:24 +08:00
ogt
b11789db77
fix(telegram+review): 修復 PPT 按鈕無反應 + Code Review 頁面空白
...
CD Pipeline / deploy (push) Successful in 1m28s
PPT 按鈕:
- telegram_bot_service.py 新增 cmd:* handler,透過 Thread 轉發到
OpenClaw Flask 內部 API(/bot/internal/cmd)
- openclaw_bot_routes.py 新增 /bot/internal/cmd 端點,背景執行 handle_cmd()
Code Review 頁面:
- get_history() 補回 findings / openclaw_report 欄位
- code_review.html history 項目可點擊,自動載入詳細內容
- poll() 無 active pipeline 時自動顯示最新歷史記錄
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-22 08:56:10 +08:00
ogt
2e0de960ce
feat(code-review): 重建為 Post-Deploy AI Agent Pipeline
...
CD Pipeline / deploy (push) Successful in 1m21s
架構重建:
- 移除 pre-commit hook(本機 commit 不再阻塞)
- 改為 CD 健康檢查通過後自動觸發 webhook
新建 services/code_review_pipeline_service.py:
5-Step Pipeline(後台 daemon thread)
Step1 system 讀取部署後變更檔案內容
Step2 Hermes 程式碼掃描(bugs/security/perf,hermes3:latest)
Step3 OpenClaw 架構品質評估(Gemini 2.5 Flash)
Step4 ElephantAlpha 決策協調(severity + auto_fix 裁量)
Step5 NemoTron action_plans 寫入 + AiderHeal 觸發
全程 Telegram 告警(啟動/完成/錯誤)+ ai_insights DB 持久化
重建 routes/code_review_routes.py:
POST /code-review/api/internal/trigger CD webhook(X-Internal-Token)
GET /code-review/api/status 前端即時 polling
GET /code-review/api/history 歷史清單
GET /code-review/ 前端儀表板
重建 templates/code_review.html:
深色儀表板,Pipeline 即時進度 + Severity 分佈 + 問題清單 + EA 決策
3s polling(running)/ 30s(idle)
.gitea/workflows/cd.yaml:
健康檢查通過後注入「觸發 AI Code Review」step
continue-on-error: true(不影響部署結果)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-21 20:55:23 +08:00
ogt
4f4e7ef062
feat: 實作 PPT 簡報資料庫持久化機制
...
CD Pipeline / deploy (push) Successful in 1m14s
- 新增 PPTReport 模型,支援快取查詢結果和檔案路徑
- 實作 growth/vendor/bcg 三種報告的快取機制
- 24 小時過期設定,避免重複計算
- 自動清理過期快取記錄
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 22:59:04 +08:00
ogt
b8e6f752fa
fix: 修復 Telegram Bot /menu 指令無響應及重複訊息問題
...
CD Pipeline / deploy (push) Failing after 55s
- telegram_bot_service: 新增 /menu 指令處理器,映射到 cmd_start
- openclaw_bot_routes: 優化「今日業績資料尚未匯入」訊息邏輯
- 區分「資料載入異常」vs「確實未匯入」
- 避免在已有今日資料時仍顯示未匯入訊息
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 22:48:07 +08:00
ogt
b37658f7be
fix: 修復 growth_analysis/abc_analysis 全表掃描 hang + elephant_alpha Blueprint stub
...
CD Pipeline / deploy (push) Failing after 51s
- growth_analysis: 改用 SQL 月度聚合 (3 個 targeted queries) 取代讀取 748k 行進 pandas
- _get_filtered_sales_data: 冷快取補載時 months=0 改為 months=12,避免全表掃描 hang
- elephant_alpha_routes: 補建 Blueprint stub 解除啟動 import 失敗警告
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 20:41:06 +08:00
ogt
74de1dc68a
fix: add python-pptx to requirements + fix BCG empty name filter
...
CD Pipeline / deploy (push) Has been cancelled
- requirements.txt: 加入 python-pptx(ADR-014 PPT 系統必要依賴,前次漏加)
- openclaw_bot_routes.py: BCG SQL 補 brand_name/area_name IS NOT NULL 過濾
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 20:38:04 +08:00
ogt
48804553cd
feat: PPT 簡報系統 V2 — 新增 growth/vendor/bcg 三種報告 + 原生圖表升級
...
CD Pipeline / deploy (push) Successful in 1m15s
- ppt_generator.py: 新增 generate_growth_ppt(6頁)、generate_vendor_ppt(5頁)、generate_bcg_ppt(5頁)
- openclaw_bot_routes.py: 新增 query_growth_data()、query_vendor_bcg_data()、_generate_ppt_cmd 三路分支、_submenu_reports 4顆新按鈕、type_labels、await:date_ppt_vendor 流程
- ADR-014: 記錄 V2 完整架構(9種報告類型、圖表技術方案、callback_data 格式)
- CLAUDE.md: 新增 PPT 簡報系統索引表
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 20:26:47 +08:00
ogt
e0d3b54527
feat: add PPT shortcut buttons after sales & trend query results
...
CD Pipeline / deploy (push) Failing after 1m1s
Previously after querying sales or trend data, there were no direct
PPT generation buttons — users had to navigate back to 簡報報表 menu.
Changes:
1. sales_quick_kb(date_str):
+ [📊 產出日報 PPT] → cmd:ppt:daily <date>
+ [📄 策略簡報] → cmd:ppt:strategy <date>
2. trend ≤35 days (weekly/monthly view):
+ [📊 產出趨勢簡報] → cmd:ppt:strategy <start_date>
+ [📅 產出日報 PPT] → cmd:ppt:daily <end_date>
+ [← 返回業績查詢] → menu:sales
3. trend >35 days (quarterly/half-year/yearly view):
+ [📊 產出趨勢簡報] → cmd:ppt:strategy <period>
+ [📅 月報 PPT] → cmd:ppt:monthly <month>
+ [← 返回業績查詢] → menu:sales
2026-04-20 06:14:39 +08:00
ogt
043ad3e6d9
fix: /menu@BotName in group chat not parsed correctly
...
CD Pipeline / deploy (push) Successful in 1m21s
Root cause: Telegram appends @BotUsername to commands in group chats:
/menu@OpenClawAwoool_Bot
The parser did:
q = question.lstrip('/') → 'menu@OpenClawAwoool_Bot'
cmd = q.split()[0].lower() → 'menu@openclawawoool_bot'
This did NOT match 'menu' in KNOWN set, so the command fell through
to openclaw_answer() (natural language mode) → no menu appeared.
Fix: cmd = raw_cmd.split('@')[0]
→ strips @mention suffix before KNOWN lookup
→ /menu@OpenClawAwoool_Bot now correctly dispatches to handle_cmd('menu')
Affects all slash commands in group chat mode.
2026-04-20 05:55:00 +08:00
ogt
38586deff1
security: harden alert_routes.py — auth coverage + input validation
...
CD Pipeline / deploy (push) Successful in 1m19s
Issues fixed:
1. [CRITICAL] /api/alert/fix unauthenticated (CWE-306)
POST /api/alert/fix had no @check_alert_auth and was CSRF-exempt.
Any unauthenticated caller could trigger docker restart or
docker exec on arbitrary container names (container_name is validated
by is_valid_container_name but restart of any valid name is still
a DoS vector). Fix: @check_alert_auth added.
2. [HIGH] Hardcoded ALERT_WEBHOOK_PASSWORD fallback (CWE-798)
Default 'wooo_alert_2026' exposed in source. Fix: default='',
startup warning if unset. check_alert_auth now fail-secure:
returns 503 if password not configured.
3. [MEDIUM] /api/alert/history and /api/alert/analyze unauthenticated
Both endpoints expose container names, memory usage, CPU stats,
system recommendations. Fix: @check_alert_auth added to both.
4. [MEDIUM] issue_type unvalidated in manual_fix (CWE-20)
Any string value could be passed through to auto_fix_container.
Fix: ALLOWED_ISSUE_TYPES frozenset — only memory/cpu variants allowed.
5. [LOW] limit parameter unbounded in get_alert_history
Arbitrarily large limit → large list slice → memory pressure.
Fix: clamped to [1, 200].
NOTE: L177 docker stats command (original report) is SAFE as-is —
list argv, fixed arguments, no user input. nosec B603 correctly placed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 05:49:04 +08:00
ogt
96e19b6b72
security: harden system_routes.py — auth + input validation
...
CD Pipeline / deploy (push) Successful in 1m18s
Issues fixed:
1. [CRITICAL] No authentication on destructive routes (CWE-306)
POST /api/system/cleanup/docker was unauthenticated (system_bp is
CSRF-exempt, before_request only refreshes session, no login check).
Any unauthenticated HTTP client could trigger docker system prune.
Fix: _require_internal_key() checks X-Internal-Key header against
INTERNAL_API_KEY env var on all 4 routes; fail-secure if key unset.
2. [MEDIUM] Unvalidated numeric inputs in find commands (CWE-20)
max_size_mb / older_than_hours came from POST body and were
interpolated into find -size / -mmin args. Negative/huge values
could cause unexpected behavior.
Fix: _validate_int() clamps to [1..10000] / [1..8760] with defaults.
3. [LOW] find -mmin arg missing leading '+' (logic bug)
'-mmin 168' matches FILES EXACTLY 168 min old, not older-than.
Fix: '-mmin', f'+{older_than_hours * 60}' (+ = older than)
4. [LOW] subprocess(['date', ...]) in health_check replaced
with Python datetime.now(UTC).isoformat() — no subprocess needed.
INTERNAL_API_KEY added to .env.example with generation instructions.
Generate with: openssl rand -hex 32
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 05:47:04 +08:00
ogt
1c03d213ac
security: fix shell injection + hardcoded credentials in cicd_routes.py
...
CD Pipeline / deploy (push) Successful in 1m22s
CVE-class issues fixed:
1. [HIGH] Shell Injection in gitlab_api_via_ssh (CWE-78)
endpoint and json_data were interpolated into f-string cmd and passed
as a single SSH remote command string → shell parses it → injection.
Fix: build remote_argv as list; each curl argument is a separate item,
SSH receives them as independent argv (no shell parsing of user data).
2. [HIGH] Hardcoded credentials in source code (CWE-798)
GITLAB_TOKEN, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID all had live
secrets as default fallback values. Tokens are now '' (empty) with a
startup warning if env vars are missing.
3. [MEDIUM] Missing pre-validation allowlist on fix_action (CWE-20)
ALLOWED_FIX_ACTIONS frozenset added before route handler; any unknown
action is rejected with 400 before reaching execution logic.
Note: fix_registry/fix_pods/execute_*_rollback use static SSH commands
(no user input in cmd strings) so they are not injection risks.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 05:44:18 +08:00
ogt
ba86f98514
feat: integrate Elephant Alpha ecosystem with full ADR-012/013 compliance
...
CD Pipeline / deploy (push) Has been cancelled
- Add ElephantService, AutonomousEngine, Orchestrator, DecisionRouter (EA 4-file stack)
- Fix 10 bugs: URL typo, SQL schema mismatches (price_records JOIN), enum mapping,
metadata_json, NemoTron PriceThreat dispatch, async/await mismatch, broken imports
- Wire ADR-012 Agent Action Ladder: EventRouter L2 → EA first + AIOrch fallback;
all decisions dual-write DB + triaged_alert Telegram; momo: callback prefix
- Wire ADR-013 AutoHeal: resource_optimization trigger → AutoHealService
- Add W3 guards: connection cache 300s TTL, $5/hr cost hard limit
- Add W4 persistence: routing decisions + agent performance snapshots → ai_insights
- Add Migration 015: confidence + created_by columns on ai_insights
- Fix run_scheduler.py broken imports (DecisionTracker service didn't exist)
- Fix verify_elephant_integration.py: check_status() → check_connection()
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-20 04:28:26 +08:00
ogt
1fd1622007
feat(telegram): 全面切換 HTML parse_mode + 三層式視覺分隔
...
CD Pipeline / deploy (push) Successful in 1m12s
起因:Markdown 舊版 parse_mode 導致 \[Demo] / task\_name 反斜線外漏,
且三層結構(事件資訊 / AI 加工區 / 原始技術細節)分隔線不夠明顯。
切換 HTML parse_mode(只需 escape & < >,不會有反斜線副作用):
- telegram_templates.py 全模板重寫為 HTML
* <b>粗體</b> / <code>module</code> / <pre>trace</pre>
* H_DIV (━×20) 節間強分隔 / L_DIV (─×18) 節內弱分隔
* 新增 triaged_alert() 實作 ADR-012 §④ 三層式結構
[事件資訊] → ━━━ → [🤖 AI 分析] → ━━━ → [🔍 原始技術細節]
event_router.py:
- _hermes_observe_parsed() 回結構化 dict {summary, cause, actions}
取代舊的字串版本
- _render_l1/l2_with_fallback 改用 tpl.triaged_alert() 統一格式
- _send() parse_mode 改 HTML
Call sites 同步改 HTML:
- routes/bot_api_routes.py price_decision_notify
- services/openclaw_strategist_service.py 兩個發送處
- services/telegram_bot_service.py 三個 edit_message_text
(_handle_price_approve / _handle_price_reject / _handle_ops_callback)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 13:54:44 +08:00
ogt
528a6c0468
feat(telegram): 統一訊息格式模板(六類 + callback prefix)
...
CD Pipeline / deploy (push) Successful in 1m12s
新增 services/telegram_templates.py:
- alert() 🚨 告警 / warning() ⚠️ 警告 / info() ℹ️ 資訊
- success() ✅ 成功 / report() 📊 報告 / price_decision() 💰 決策
- decision_result() 回執(edit_message 用)
- 全訊息標 [EwoooC] 前綴(跨專案共用 bot 識別來源,見 ADR-011)
- _escape_md() 處理 user input,避免 Markdown 破版
- _tail() 取 trace 末段,避開曠日 stack trace
接入點改用模板(P2/P3):
- routes/bot_api_routes.py price_decision_notify
- services/openclaw_strategist_service.py _send_price_decision_requests
- services/telegram_bot_service.py _handle_price_approve/reject
callback_data 改用 momo: prefix(舊 pa:/pr: 向下相容)
尚未接入(待下次迭代):
- scheduler.py 各 task 錯誤通知
- _notify_telegram_group() 週報推播
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 12:28:23 +08:00
ogt
8d0b79cd00
feat(ops): restore Telegram chain + P2/P3 price decisions + ADR-011
...
CD Pipeline / deploy (push) Successful in 1m19s
P2 (Inline Keyboard 降價決策):
- routes/bot_api_routes.py: POST /bot/api/price-decision/notify
- services/telegram_bot_service.py: pa:/pr: callback handlers
P3 (OpenClaw 自動觸發):
- services/openclaw_strategist_service.py: Gemini 週報末尾輸出
PRICE_DECISIONS_JSON,解析後自動推送 inline keyboard 給 admin
Ops 修復(跨專案隔離與容器斷訊根因):
- ADR-011 全面規範多專案共存邊界、禁用 --remove-orphans
- .gitea/workflows/cd.yaml: sync 模式一次重啟三容器
(原本僅 momo-pro-system,scheduler/telegram-bot 靜默落伍)
- run_telegram_bot.py: 從 scripts/tools/ 複製到根目錄
(消滅 docker-compose mount 建空目錄的陷阱)
- CLAUDE.md: 補核心容器表、診斷黃金三句、緊急指令
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 12:25:04 +08:00
ogt
1b4f3a7bbe
feat: EwoooC 初始化 — 完整專案推版至 Gitea
...
CD Pipeline / deploy (push) Failing after 59s
- 建立 Gitea Actions CD pipeline (.gitea/workflows/cd.yaml)
- 部署模式: rsync Python 檔案至 188 → docker restart (volume mount)
- Dockerfile/requirements 變動時自動重建 Docker image
- 部署通知: Telegram (開始/成功/失敗)
- 健康檢查: https://mo.wooo.work/health (最多 5 次重試)
- 同步最新 CLAUDE.md / ADR-008 / memory (2026-04-19)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 01:21:13 +08:00