4debdc1449
* feat: add security logging and fix framework regressions This commit implements comprehensive security event logging and resolves critical regressions in the core framework. Security Logging: - Enhanced `pkg/log` with a `Security` level and helper. - Added `log.Username()` to consistently identify the executing user. - Instrumented GitHub CLI auth, Agentic configuration, filesystem sandbox, MCP handlers, and MCP TCP transport with security logs. - Added `SecurityStyle` to the CLI for consistent visual representation of security events. UniFi Security (CodeQL): - Refactored `pkg/unifi` to remove hardcoded `InsecureSkipVerify`, resolving a high-severity alert. - Added a `--verify-tls` flag and configuration option to control TLS verification. - Updated command handlers to support the new verification parameter. Framework Fixes: - Restored original signatures for `MustServiceFor`, `Config()`, and `Display()` in `pkg/framework/core`, which had been corrupted during a merge. - Fixed `pkg/framework/framework.go` and `pkg/framework/core/runtime_pkg.go` to match the restored signatures. - These fixes resolve project-wide compilation errors caused by the signature mismatches. I encountered significant blockers due to a corrupted state of the `dev` branch after a merge, which introduced breaking changes in the core framework's DI system. I had to manually reconcile these signatures with the expected usage across the codebase to restore build stability. * feat(mcp): add RAG tools (query, ingest, collections) Add vector database tools to the MCP server for RAG operations: - rag_query: Search for relevant documentation using semantic similarity - rag_ingest: Ingest files or directories into the vector database - rag_collections: List available collections Uses existing internal/cmd/rag exports (QueryDocs, IngestDirectory, IngestFile) and pkg/rag for Qdrant client access. Default collection is "hostuk-docs" with topK=5 for queries. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add metrics tools (record, query) Add MCP tools for recording and querying AI/security metrics events. The metrics_record tool writes events to daily JSONL files, and the metrics_query tool provides aggregated statistics by type, repo, and agent. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: add 'core mcp serve' command Add CLI command to start the MCP server for AI tool integration. - Create internal/cmd/mcpcmd package with serve subcommand - Support --workspace flag for directory restriction - Handle SIGINT/SIGTERM for clean shutdown - Register in full.go build variant Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(ws): add WebSocket hub package for real-time streaming Add pkg/ws package implementing a hub pattern for WebSocket connections: - Hub manages client connections, broadcasts, and channel subscriptions - Client struct represents connected WebSocket clients - Message types: process_output, process_status, event, error, ping/pong - Channel-based subscription system (subscribe/unsubscribe) - SendProcessOutput and SendProcessStatus for process streaming integration - Full test coverage including concurrency tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add process management and WebSocket MCP tools Add MCP tools for process management: - process_start: Start a new external process - process_stop: Gracefully stop a running process - process_kill: Force kill a process - process_list: List all managed processes - process_output: Get captured process output - process_input: Send input to process stdin Add MCP tools for WebSocket: - ws_start: Start WebSocket server for real-time streaming - ws_info: Get hub statistics (clients, channels) Update Service struct with optional process.Service and ws.Hub fields, new WithProcessService and WithWSHub options, getter methods, and Shutdown method for cleanup. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(webview): add browser automation package via Chrome DevTools Protocol Add pkg/webview package for browser automation: - webview.go: Main interface with Connect, Navigate, Click, Type, QuerySelector, Screenshot, Evaluate - cdp.go: Chrome DevTools Protocol WebSocket client implementation - actions.go: DOM action types (Click, Type, Hover, Scroll, etc.) and ActionSequence builder - console.go: Console message capture and filtering with ConsoleWatcher and ExceptionWatcher - angular.go: Angular-specific helpers for router navigation, component access, and Zone.js stability Add MCP tools for webview: - webview_connect/disconnect: Connection management - webview_navigate: Page navigation - webview_click/type/query/wait: DOM interaction - webview_console: Console output capture - webview_eval: JavaScript execution - webview_screenshot: Screenshot capture Add documentation: - docs/mcp/angular-testing.md: Guide for Angular application testing Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: document new packages and BugSETI application - Update CLAUDE.md with documentation for: - pkg/ws (WebSocket hub for real-time streaming) - pkg/webview (Browser automation via CDP) - pkg/mcp (MCP server tools: process, ws, webview) - BugSETI application overview - Add comprehensive README for BugSETI with: - Installation and configuration guide - Usage workflow documentation - Architecture overview - Contributing guidelines Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(bugseti): add BugSETI system tray app with auto-update BugSETI - Distributed Bug Fixing like SETI@home but for code Features: - System tray app with Wails v3 - GitHub issue fetching with label filters - Issue queue with priority management - AI context seeding via seed-agent-developer skill - Automated PR submission flow - Stats tracking and leaderboard - Cross-platform notifications - Self-updating with stable/beta/nightly channels Includes: - cmd/bugseti: Main application with Angular frontend - internal/bugseti: Core services (fetcher, queue, seeder, submit, config, stats, notify) - internal/bugseti/updater: Auto-update system (checker, downloader, installer) - .github/workflows/bugseti-release.yml: CI/CD for all platforms Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: resolve import cycle and code duplication - Remove pkg/log import from pkg/io/local to break import cycle (pkg/log/rotation.go imports pkg/io, creating circular dependency) - Use stderr logging for security events in sandbox escape detection - Remove unused sync/atomic import from core.go - Fix duplicate LogSecurity function declarations in cli/log.go - Update workspace/service.go Crypt() call to match interface Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: update tests for new function signatures and format code - Update core_test.go: Config(), Display() now panic instead of returning error - Update runtime_pkg_test.go: sr.Config() now panics instead of returning error - Update MustServiceFor tests to use assert.Panics - Format BugSETI, MCP tools, and webview packages with gofmt Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Snider <631881+Snider@users.noreply.github.com> Co-authored-by: Claude <developers@lethean.io> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
5.1 KiB
5.1 KiB
Workflows
Common end-to-end workflows for Core CLI.
Go Project: Build and Release
Complete workflow from code to GitHub release.
# 1. Run tests
core go test
# 2. Check coverage (Statement and Branch)
core go cov --threshold 40 --branch-threshold 35
# 3. Format and lint
core go fmt --fix
core go lint
# 4. Build for all platforms
core build --targets linux/amd64,linux/arm64,darwin/arm64,windows/amd64
# 5. Preview release (dry-run)
core ci
# 6. Publish
core ci --we-are-go-for-launch
Output structure:
dist/
├── myapp-darwin-arm64.tar.gz
├── myapp-linux-amd64.tar.gz
├── myapp-linux-arm64.tar.gz
├── myapp-windows-amd64.zip
└── CHECKSUMS.txt
PHP Project: Development to Deployment
Local development through to production deployment.
# 1. Start development environment
core php dev
# 2. Run tests (in another terminal)
core php test --parallel
# 3. Check code quality
core php fmt --fix
core php analyse
# 4. Deploy to staging
core php deploy --staging --wait
# 5. Verify staging
# (manual testing)
# 6. Deploy to production
core php deploy --wait
# 7. Monitor
core php deploy:status
Rollback if needed:
core php deploy:rollback
Multi-Repo: Daily Workflow
Working across the host-uk monorepo.
Morning: Sync Everything
# Quick health check
core dev health
# Pull all repos that are behind
core dev pull --all
# Check for issues assigned to you
core dev issues --assignee @me
During Development
# Work on code...
# Check status across all repos
core dev work --status
# Commit changes (Claude-assisted messages)
core dev commit
# Push when ready
core dev push
End of Day
# Full workflow: status → commit → push
core dev work
# Check CI status
core dev ci
# Review any failed builds
core dev ci --failed
New Developer: Environment Setup
First-time setup for a new team member.
# 1. Verify prerequisites
core doctor
# 2. Create workspace directory
mkdir ~/Code/host-uk && cd ~/Code/host-uk
# 3. Bootstrap workspace (interactive)
core setup
# 4. Select packages in wizard
# Use arrow keys, space to select, enter to confirm
# 5. Verify setup
core dev health
# 6. Start working
core dev work --status
CI Pipeline: Automated Build
Example GitHub Actions workflow.
# .github/workflows/release.yml
name: Release
on:
push:
tags:
- 'v*'
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: Install Core
run: go install github.com/host-uk/core/cmd/core@latest
- name: Build
run: core build --ci
- name: Release
run: core ci --we-are-go-for-launch
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SDK Generation: API Client Updates
Generate SDK clients when API changes.
# 1. Validate OpenAPI spec
core sdk validate
# 2. Check for breaking changes
core sdk diff --base v1.0.0
# 3. Generate SDKs
core build sdk
# 4. Review generated code
git diff
# 5. Commit if satisfied
git add -A && git commit -m "chore: regenerate SDK clients"
Dependency Update: Cross-Repo Change
When updating a shared package like core-php.
# 1. Make changes in core-php
cd ~/Code/host-uk/core-php
# ... edit code ...
# 2. Run tests
core go test # or core php test
# 3. Check what depends on core-php
core dev impact core-php
# Output:
# core-tenant (direct)
# core-admin (via core-tenant)
# core-api (direct)
# ...
# 4. Commit core-php changes
core dev commit
# 5. Update dependent packages
cd ~/Code/host-uk
for pkg in core-tenant core-admin core-api; do
cd $pkg
composer update host-uk/core-php
core php test
cd ..
done
# 6. Commit all updates
core dev work
Hotfix: Emergency Production Fix
Fast path for critical fixes.
# 1. Create hotfix branch
git checkout -b hotfix/critical-bug main
# 2. Make fix
# ... edit code ...
# 3. Test
core go test --run TestCriticalPath
# 4. Build
core build
# 5. Preview release
core ci --prerelease
# 6. Publish hotfix
core ci --we-are-go-for-launch --prerelease
# 7. Merge back to main
git checkout main
git merge hotfix/critical-bug
git push
Documentation: Sync Across Repos
Keep documentation synchronised.
# 1. List all docs
core docs list
# 2. Sync to central location
core docs sync --output ./docs-site
# 3. Review changes
git diff docs-site/
# 4. Commit
git add docs-site/
git commit -m "docs: sync from packages"
Troubleshooting: Failed Build
When a build fails.
# 1. Check environment
core doctor
# 2. Clean previous artifacts
rm -rf dist/
# 3. Verbose build
core build -v
# 4. If Go-specific issues
core go mod tidy
core go mod verify
# 5. Check for test failures
core go test -v
# 6. Review configuration
cat .core/build.yaml
See Also
- Getting Started - First-time setup
- Troubleshooting - When things go wrong
- Configuration - Config file reference