- Downgrade Python version from 3.13 to 3.11.12 for compatibility
- Improve empty LLM response handling with better diagnostics and retry logic in AnalysisAgent
- Add detailed logging for empty response retries with token count and iteration tracking
- Implement fallback result generation instead of immediate failure on consecutive empty responses
- Enhance stream error handling with partial content recovery and error message propagation
- Add comprehensive exception handling in stream_llm_call to prevent error suppression
- Implement project scope filtering to ensure consistent filtered views across Orchestrator and sub-agents
- Track filtered files and directories separately when target_files are specified
- Add scope_limited flag and scope_message to project structure for transparency
- Remove manual progress_percentage setting and rely on computed property for COMPLETED status
- Improve code comments with diagnostic markers (🔥) for critical sections
- Change task phase from COMPLETED to REPORTING when agent task finishes
- Ensures proper phase progression through task lifecycle
- Aligns with agent workflow state management requirements
- Change logger.info to logger.debug in agent_tasks.py streaming and tree endpoints
- Disable SQLAlchemy echo mode in database session configuration
- Suppress uvicorn access logs and LiteLLM INFO level logging in main application
- Remove LogViewer component and LogsPage from frontend
- Add trailing newlines to multiple backend configuration and model files
- Update frontend routing to remove logs page reference
- Improve application startup logging clarity by filtering verbose third-party logs
- Add database migrations for agent checkpoints and tree node tracking
- Implement core agent execution framework with executor, state management, and message handling
- Create knowledge base system with framework-specific modules (Django, FastAPI, Flask, Express, React, Supabase)
- Add vulnerability knowledge modules covering authentication, cryptography, injection, XSS, XXE, SSRF, path traversal, deserialization, and race conditions
- Introduce new agent tools: thinking tool, reporting tool, and agent-specific utilities
- Implement LLM memory compression and prompt caching for improved performance
- Add agent registry and persistence layer for checkpoint management
- Refactor agent implementations (analysis, recon, verification, orchestrator) with enhanced capabilities
- Remove legacy agent implementations (analysis_v2, react_agent)
- Update API endpoints for agent task creation and project management
- Add frontend components for agent task creation and enhanced audit UI
- Consolidate agent service architecture with improved separation of concerns
- This refactoring provides a scalable foundation for multi-agent collaboration with knowledge-driven decision making and state persistence
- Implement dual-mode streaming: prioritize in-memory EventManager for running tasks with thinking_token support
- Add fallback to database polling for completed tasks without thinking_token replay capability
- Introduce SSE event formatter utility for consistent event serialization across streaming modes
- Add 10ms micro-delay for thinking_token events to ensure proper TCP packet separation and frontend incremental rendering
- Refactor stream_agent_with_thinking endpoint to support both runtime and historical event streaming
- Update event filtering logic to handle both in-memory and database event sources
- Improve logging with debug markers for thinking_token tracking and stream mode selection
- Optimize polling intervals: 0.3s for running tasks, 2.0s for completed tasks
- Reduce idle timeout from 10 minutes to 1 minute for completed task streams
- Update frontend useAgentStream hook to handle unified event format from dual-mode streaming
- Enhance AgentAudit UI to properly display streamed events from both sources
- Introduce LLM-driven decision-making across various agents, allowing for dynamic adjustments based on real-time analysis.
- Implement new event types for LLM thinking, decisions, actions, and observations to enrich the event streaming experience.
- Update agent task responses to include additional metrics for better tracking of task progress and outcomes.
- Refactor UI components to highlight LLM-related events and improve user interaction during audits.
- Enhance API endpoints to support new event structures and improve overall error handling.
- Introduce streaming capabilities for agent events, allowing real-time updates during audits.
- Add new hooks for managing agent stream events in React components.
- Enhance the AgentAudit page to display LLM thinking processes and tool call details in real-time.
- Update API endpoints to support streaming event data and improve error handling.
- Refactor UI components for better organization and user experience during audits.
- Rename 'finished_at' to 'completed_at' in AgentTaskResponse and related functions for clarity.
- Introduce 'RUNNING' status in AgentTaskStatus to better represent task states.
- Update task configuration handling in AgentRunner to improve initialization logic.
- Enhance UI to reflect new 'RUNNING' and 'REPORTING' statuses in the AgentAudit component.
- Simplify the creation of agent tasks by directly assigning parameters instead of using a config dictionary.
- Set default values for verification level, max iterations, and timeout seconds to enhance usability.
- Introduce new Agent audit functionality for autonomous code security analysis and vulnerability verification.
- Add API endpoints for managing Agent tasks and configurations.
- Implement UI components for Agent mode selection and embedding model configuration.
- Enhance the overall architecture with a focus on RAG (Retrieval-Augmented Generation) for improved code semantic search.
- Create a sandbox environment for secure execution of vulnerability tests.
- Update documentation to include details on the new Agent audit features and usage instructions.
- Add exclude_patterns parameter to get_project_files endpoint for custom file filtering
- Support JSON-formatted exclude patterns array in API requests
- Integrate custom exclude patterns into ZIP and repository file scanning workflows
- Update should_exclude and is_text_file functions to support user-defined patterns
- Pass exclude_patterns through scan configuration in both scan_zip and scan_stored_zip endpoints
- Add ScanRequest model field for exclude_patterns to support pattern specification
- Implement file filtering logic that respects both default and custom exclusion rules
- Add comprehensive unit and E2E tests for file selection and exclusion pattern functionality
- Enable users to customize which files are scanned by specifying glob patterns like ["node_modules/**", "*.log"]
- Consolidate instant analysis to always use analyze_code_with_rules method
- Add use_default_template parameter to automatically select database default template when none specified
- Implement fallback logic to use hardcoded defaults only when no database template available
- Auto-select default prompt template on frontend page load
- Add visual labels for language and template selection dropdowns
- Improve template selector UX by removing empty default option and showing default indicator
- Simplifies analysis flow by removing conditional branching between analyze_code and analyze_code_with_rules
- Add user configuration retrieval with LLM API key decryption in prompt testing endpoint
- Support output language parameter in prompt template testing
- Integrate rule sets and prompt templates into ZIP file scanning process
- Add rule_set_id and prompt_template_id parameters to ScanRequest model
- Implement analyze_code_with_rules method for custom rule-based code analysis
- Add prompt_template_id support to instant analysis endpoint
- Update scan configuration to include rule set and prompt template selection
- Enhance error handling and logging in prompt testing with traceback output
- Extend InstantAnalysisRequest with optional prompt template ID parameter
- Add test code samples utility for prompt template validation
- Add database migration (004) to create prompt_templates, audit_rule_sets, and audit_rules tables with proper indexes
- Create PromptTemplate and AuditRule models with relationships and validation
- Implement prompt template API endpoints for CRUD operations and testing
- Implement audit rules API endpoints for CRUD operations and rule set management
- Add prompt and rules schemas for request/response validation
- Create prompt template initialization service with default system templates
- Integrate LLM service with prompt template system for dynamic prompt selection
- Add frontend pages for PromptManager and AuditRules management
- Add API client utilities for prompts and rules endpoints
- Update API router to include new prompts and rules endpoints
- Update database initialization to seed default templates and rules
- Update sidebar navigation to include new management pages
- Update frontend routes to support new prompt and rules management pages
- Add normalize_path() utility function to convert backslashes to forward slashes
- Ensure consistent path separators across Windows, Unix, and Mac platforms
- Apply path normalization to relative paths extracted from ZIP files
- Normalize target file paths before matching against scan configuration
- Update file filtering logic to use normalized path set for accurate matching
- Add inline comments explaining cross-platform path handling requirements
- Add FileSelectionDialog component for granular file selection in audit tasks
- Extract task form logic into useTaskForm and useZipFile custom hooks
- Create modular components: BasicConfig, AdvancedOptions, ExcludePatterns, ProjectSelector, ZipFileSection
- Add file listing endpoint GET /projects/{id}/files with branch support
- Add branch listing endpoint GET /projects/{id}/branches for repository projects
- Implement ScanRequest model with file_paths, exclude_patterns, and branch_name fields
- Update scan endpoint to accept selective file scanning and exclude patterns
- Add branch_name and exclude_patterns fields to AuditTask model
- Enhance scanner service with GitHub and GitLab file/branch retrieval functions
- Improve CreateTaskDialog with better UX for repository and ZIP file scanning
- Support per-scan configuration storage in audit tasks
- Refactor repository scan services to handle file selection and branch parameters
- Add source_type field to projects model to distinguish between repository and ZIP sources
- Implement ZIP file storage service with save, load, delete, and metadata operations
- Add database migration to populate source_type for existing projects
- Create ZIP upload endpoint with file handling and metadata tracking
- Add ZIP download endpoint for project file retrieval
- Implement project ZIP info endpoint to check file status and metadata
- Update project creation to support both repository and ZIP source types
- Add project type constants and utility functions for source type handling
- Update database export/import to include source_type field
- Extend frontend components to support ZIP file uploads in project creation
- Add instant analysis page for direct ZIP file scanning without project creation
- Update .gitignore to exclude uploaded ZIP files and metadata
- Enhance project detail and task detail pages with ZIP file management UI
- Bypass LLMFactory cache during connection tests to ensure fresh API calls with latest configuration
- Directly instantiate native adapters (Baidu, Minimax, Doubao) and LiteLLM adapter based on provider type
- Add comprehensive error handling in LiteLLM adapter with specific exception catching for authentication, rate limiting, and connection errors
- Implement user-friendly error messages for common failure scenarios (invalid API key, authentication failure, timeout, connection issues)
- Add response validation to detect and report empty API responses
- Disable LiteLLM internal caching to guarantee actual API calls during testing
- Update available models list with 2025 latest models across all providers (Gemini, OpenAI, Claude, Qwen, DeepSeek, etc.)
- Improve error message clarity and debugging information in config endpoint
- Replace individual adapter implementations (OpenAI, Claude, Gemini, DeepSeek, Qwen, Zhipu, Moonshot, Ollama) with unified LiteLLM adapter
- Keep native adapters for providers with special API formats (Baidu, MiniMax, Doubao)
- Update LLM factory to route requests through LiteLLM for supported providers
- Add test-llm endpoint to validate LLM connections with configurable timeout and token limits
- Add get-llm-providers endpoint to retrieve supported providers and their configurations
- Update config.py to ignore extra environment variables (VITE_* frontend variables)
- Refactor Baidu adapter to use new complete() method signature and improve error handling
- Update pyproject.toml dependencies to include litellm package
- Update env.example with new configuration options
- Simplify adapter initialization and reduce code duplication across multiple provider implementations
- Filter projects endpoint to return only projects owned by current user
- Filter tasks endpoint to return only tasks from current user's projects
- Update statistics endpoint to calculate stats scoped to current user's data
- Add filtering logic for projects, tasks, and issues based on user ownership
- Improve data isolation and security by preventing cross-user data access
- Add paginated user list endpoint with search by email, name, and phone
- Implement role-based and status filtering for user queries
- Add total count to user list response for pagination UI
- Create new Account page component for user profile management
- Add PUT /me endpoint for users to update their own profile information
- Add GET /{user_id} endpoint to retrieve specific user details
- Add PUT /{user_id} endpoint for admin user updates with full control
- Add DELETE /{user_id} endpoint for admin user deletion with self-protection
- Add POST /{user_id}/toggle-status endpoint to enable/disable user accounts
- Implement admin-only access control on user creation and management endpoints
- Add phone field support to user schema and creation flow
- Update user list response schema with pagination metadata
- Improve query validation with min/max constraints on pagination parameters
- Add Chinese localization to user-facing error messages and docstrings
- Update frontend routes to include new Account page
- Update Sidebar navigation to support account management links
- Update Login page styling to match new UI design system
lintsinghua