- Downgrade Python version from 3.13 to 3.11.12 for compatibility
- Improve empty LLM response handling with better diagnostics and retry logic in AnalysisAgent
- Add detailed logging for empty response retries with token count and iteration tracking
- Implement fallback result generation instead of immediate failure on consecutive empty responses
- Enhance stream error handling with partial content recovery and error message propagation
- Add comprehensive exception handling in stream_llm_call to prevent error suppression
- Implement project scope filtering to ensure consistent filtered views across Orchestrator and sub-agents
- Track filtered files and directories separately when target_files are specified
- Add scope_limited flag and scope_message to project structure for transparency
- Remove manual progress_percentage setting and rely on computed property for COMPLETED status
- Improve code comments with diagnostic markers (🔥) for critical sections
- Change task phase from COMPLETED to REPORTING when agent task finishes
- Ensures proper phase progression through task lifecycle
- Aligns with agent workflow state management requirements
- Change logger.info to logger.debug in agent_tasks.py streaming and tree endpoints
- Disable SQLAlchemy echo mode in database session configuration
- Suppress uvicorn access logs and LiteLLM INFO level logging in main application
- Remove LogViewer component and LogsPage from frontend
- Add trailing newlines to multiple backend configuration and model files
- Update frontend routing to remove logs page reference
- Improve application startup logging clarity by filtering verbose third-party logs
- Add database migrations for agent checkpoints and tree node tracking
- Implement core agent execution framework with executor, state management, and message handling
- Create knowledge base system with framework-specific modules (Django, FastAPI, Flask, Express, React, Supabase)
- Add vulnerability knowledge modules covering authentication, cryptography, injection, XSS, XXE, SSRF, path traversal, deserialization, and race conditions
- Introduce new agent tools: thinking tool, reporting tool, and agent-specific utilities
- Implement LLM memory compression and prompt caching for improved performance
- Add agent registry and persistence layer for checkpoint management
- Refactor agent implementations (analysis, recon, verification, orchestrator) with enhanced capabilities
- Remove legacy agent implementations (analysis_v2, react_agent)
- Update API endpoints for agent task creation and project management
- Add frontend components for agent task creation and enhanced audit UI
- Consolidate agent service architecture with improved separation of concerns
- This refactoring provides a scalable foundation for multi-agent collaboration with knowledge-driven decision making and state persistence
- Implement dual-mode streaming: prioritize in-memory EventManager for running tasks with thinking_token support
- Add fallback to database polling for completed tasks without thinking_token replay capability
- Introduce SSE event formatter utility for consistent event serialization across streaming modes
- Add 10ms micro-delay for thinking_token events to ensure proper TCP packet separation and frontend incremental rendering
- Refactor stream_agent_with_thinking endpoint to support both runtime and historical event streaming
- Update event filtering logic to handle both in-memory and database event sources
- Improve logging with debug markers for thinking_token tracking and stream mode selection
- Optimize polling intervals: 0.3s for running tasks, 2.0s for completed tasks
- Reduce idle timeout from 10 minutes to 1 minute for completed task streams
- Update frontend useAgentStream hook to handle unified event format from dual-mode streaming
- Enhance AgentAudit UI to properly display streamed events from both sources
- Introduce LLM-driven decision-making across various agents, allowing for dynamic adjustments based on real-time analysis.
- Implement new event types for LLM thinking, decisions, actions, and observations to enrich the event streaming experience.
- Update agent task responses to include additional metrics for better tracking of task progress and outcomes.
- Refactor UI components to highlight LLM-related events and improve user interaction during audits.
- Enhance API endpoints to support new event structures and improve overall error handling.
- Introduce streaming capabilities for agent events, allowing real-time updates during audits.
- Add new hooks for managing agent stream events in React components.
- Enhance the AgentAudit page to display LLM thinking processes and tool call details in real-time.
- Update API endpoints to support streaming event data and improve error handling.
- Refactor UI components for better organization and user experience during audits.
- Rename 'finished_at' to 'completed_at' in AgentTaskResponse and related functions for clarity.
- Introduce 'RUNNING' status in AgentTaskStatus to better represent task states.
- Update task configuration handling in AgentRunner to improve initialization logic.
- Enhance UI to reflect new 'RUNNING' and 'REPORTING' statuses in the AgentAudit component.
- Rename 'metadata' columns to 'event_metadata' and 'finding_metadata' for clarity in database schema.
- Update AgentRunner to construct task configuration from task fields, ensuring default values are applied.
- Improve UI to handle potential null values for progress percentage and security score, enhancing user experience.
- Simplify the creation of agent tasks by directly assigning parameters instead of using a config dictionary.
- Set default values for verification level, max iterations, and timeout seconds to enhance usability.
- Introduce new Agent audit functionality for autonomous code security analysis and vulnerability verification.
- Add API endpoints for managing Agent tasks and configurations.
- Implement UI components for Agent mode selection and embedding model configuration.
- Enhance the overall architecture with a focus on RAG (Retrieval-Augmented Generation) for improved code semantic search.
- Create a sandbox environment for secure execution of vulnerability tests.
- Update documentation to include details on the new Agent audit features and usage instructions.
- Refactor DialogTitle structure to use flexbox gap instead of nested flex containers
- Consolidate icon, title, and badge into single flex row with improved spacing
- Add ml-auto to badge for automatic right alignment instead of justify-between
- Remove unnecessary nested div wrapper around icon and title text
- Add flex-shrink-0 to icon to prevent scaling in flex layout
- Add pr-8 padding to DialogTitle for better spacing with close button
- Improve code readability and reduce DOM nesting complexity
- Update demo data to mark running task as completed with audit results
- Add reset to defaults button for exclude patterns in CreateTaskDialog
- Implement quick-add buttons for common exclude patterns (.test., .spec., .min., coverage/, docs/, .md)
- Improve exclude patterns input with better placeholder text and visual feedback
- Refactor FileSelectionDialog with tree-based folder structure for better file organization
- Add file type icons (code files, config files, generic files) for improved visual distinction
- Implement folder expansion/collapse functionality with chevron indicators
- Add file filtering by extension and search capabilities
- Enhance UI with better spacing, visual hierarchy, and user guidance
- Improve accessibility with proper icon imports and component organization
- Add exclude_patterns parameter to get_project_files endpoint for custom file filtering
- Support JSON-formatted exclude patterns array in API requests
- Integrate custom exclude patterns into ZIP and repository file scanning workflows
- Update should_exclude and is_text_file functions to support user-defined patterns
- Pass exclude_patterns through scan configuration in both scan_zip and scan_stored_zip endpoints
- Add ScanRequest model field for exclude_patterns to support pattern specification
- Implement file filtering logic that respects both default and custom exclusion rules
- Add comprehensive unit and E2E tests for file selection and exclusion pattern functionality
- Enable users to customize which files are scanned by specifying glob patterns like ["node_modules/**", "*.log"]
- Add new feature showcase section for audit rules management and prompt templates
- Include screenshots for audit rules and prompt manager UI components
- Restructure core capabilities section using table format for better readability
- Update instant analysis description to reflect file upload capability
- Convert LLM platforms section to table format with platform categories
- Add API relay station note for network accessibility
- Reorganize documentation links into table format with descriptions
- Update configuration documentation reference to include audit rules and prompt templates
- Add CHANGELOG.md to documentation links
- Improve visual hierarchy and information organization throughout README
- Update version to 2.0.0-beta.7 in package.json, pyproject.toml, README.md
- Add audit rules and prompt templates to core features in README
- Remove 'custom rules' from roadmap (now implemented)
- Add comprehensive documentation for audit rules configuration
- Add complete system prompt examples and architecture explanation
- Document all built-in rule sets (OWASP Top 10, Code Quality, Performance)
- Document all built-in prompt templates with full content
- Add prompt composition structure diagram
- Auto-select default rule set on dialog load, fallback to first item if no default exists
- Auto-select default prompt template on dialog load, fallback to first item if no default exists
- Remove empty option from rule set and prompt template selectors
- Update placeholder text from "默认规则" to "选择规则集" and "默认提示词" to "选择提示词模板"
- Add visual indicator "(默认)" badge to default items in dropdown lists
- Update label text from "提示词" to "提示词模板" for clarity
- Add ruleSets and promptTemplates to useEffect dependency array to maintain default selections on dialog reopen
- Improve UX by ensuring users always have a valid selection without manual intervention
- Consolidate instant analysis to always use analyze_code_with_rules method
- Add use_default_template parameter to automatically select database default template when none specified
- Implement fallback logic to use hardcoded defaults only when no database template available
- Auto-select default prompt template on frontend page load
- Add visual labels for language and template selection dropdowns
- Improve template selector UX by removing empty default option and showing default indicator
- Simplifies analysis flow by removing conditional branching between analyze_code and analyze_code_with_rules
- Add user configuration retrieval with LLM API key decryption in prompt testing endpoint
- Support output language parameter in prompt template testing
- Integrate rule sets and prompt templates into ZIP file scanning process
- Add rule_set_id and prompt_template_id parameters to ScanRequest model
- Implement analyze_code_with_rules method for custom rule-based code analysis
- Add prompt_template_id support to instant analysis endpoint
- Update scan configuration to include rule set and prompt template selection
- Enhance error handling and logging in prompt testing with traceback output
- Extend InstantAnalysisRequest with optional prompt template ID parameter
- Add test code samples utility for prompt template validation
- Add database migration (004) to create prompt_templates, audit_rule_sets, and audit_rules tables with proper indexes
- Create PromptTemplate and AuditRule models with relationships and validation
- Implement prompt template API endpoints for CRUD operations and testing
- Implement audit rules API endpoints for CRUD operations and rule set management
- Add prompt and rules schemas for request/response validation
- Create prompt template initialization service with default system templates
- Integrate LLM service with prompt template system for dynamic prompt selection
- Add frontend pages for PromptManager and AuditRules management
- Add API client utilities for prompts and rules endpoints
- Update API router to include new prompts and rules endpoints
- Update database initialization to seed default templates and rules
- Update sidebar navigation to include new management pages
- Update frontend routes to support new prompt and rules management pages
- Remove redundant check for CUSTOM_BASE_URL_PROVIDERS
- Consolidate model name prefix logic into single code path
- Move prefix retrieval after model name validation
- Improve code clarity by eliminating unnecessary conditional branches
- Maintain backward compatibility with existing model name formats
- Add normalize_path() utility function to convert backslashes to forward slashes
- Ensure consistent path separators across Windows, Unix, and Mac platforms
- Apply path normalization to relative paths extracted from ZIP files
- Normalize target file paths before matching against scan configuration
- Update file filtering logic to use normalized path set for accurate matching
- Add inline comments explaining cross-platform path handling requirements
lintsinghua
lintsinghua