feat: security hardening, tests, doctor command, CI update, CHANGELOG
All checks were successful
CI / build (push) Successful in 2m37s
- Add AES-256-GCM encryption for API keys (internal/secret)
- Add dangerous command detection in terminal
- Add muyue doctor command for system health checks
- Add scanner TTL cache, orchestrator history mutex, shared HTTP client
- Deduplicate MCP config generation, refactor skills YAML parser
- Add XDG-compliant config dir with legacy migration
- Add cleanup on all TUI quit paths
- Add 8 test files (config, workflow, skills, orchestrator, version, platform, scanner, secret)
- Update CI to actions/setup-go@v5
- Add CHANGELOG.md, update README and Makefile

🤖 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
34
CHANGELOG.md
Normal file
@@ -0,0 +1,34 @@
|
||||
# Changelog
|
||||
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
||||
|
||||
## [0.2.0] - 2026-04-20
|
||||
|
||||
### Added
|
||||
|
||||
- **Security**: AES-256-GCM encryption for API keys stored in config (`internal/secret`). Per-machine random key at `~/.muyue_key` with 0600 permissions.
|
||||
- **Security**: Dangerous command detection in integrated terminal (rm -rf, mkfs, dd, fork bombs, shutdown/reboot, redirects to system dirs).
|
||||
- **Security**: MCP config files now written with 0600 permissions, directories with 0700.
|
||||
- **Command**: `muyue doctor` — checks config, API key, tools, LSP/MCP servers, and skills installation.
|
||||
- **Config**: XDG-compliant config directory via `os.UserConfigDir()` with automatic migration from legacy `~/.muyue`.
|
||||
- **Performance**: Scanner results cached with 5-minute TTL and `InvalidateCache()` for forced refresh.
|
||||
- **Performance**: Shared HTTP client for orchestrator and updater (10s timeout, connection pooling).
|
||||
- **Tests**: 8 test files covering config, workflow, skills, orchestrator, version, platform, scanner, and secret packages.
|
||||
- **CI**: Updated to use `actions/setup-go@v5` instead of manual Go download.
|
||||
- **Makefile**: Added `test-short` (with `-short -timeout 60s`) and `vet` targets.
|
||||
|
||||
### Changed
|
||||
|
||||
- **Architecture**: MCP config generation deduplicated — shared `writeMCPConfig()` with `mcpEntry` type replaces two near-identical functions.
|
||||
- **Architecture**: Skills YAML frontmatter parser now uses `gopkg.in/yaml.v3` instead of manual line-by-line parsing.
|
||||
- **Concurrency**: Orchestrator history protected by `sync.Mutex` to prevent races from tea.Cmd goroutines.
|
||||
- **TUI**: `cleanup(m Model)` now called on all quit paths (confirm, ctrl+c force, ctrl+c in quit overlay) to stop daemon, preview server, and proxy agents.
|
||||
- **README**: Complete rewrite documenting all CLI commands, LSP/MCP/Skills management, security, and XDG paths.
|
||||
|
||||
## [0.1.0] - 2026-04-18
|
||||
|
||||
### Added
|
||||
|
||||
- Initial release with Bubble Tea TUI, AI chat orchestration, system scanning, tool installation, LSP/MCP management, skills system, and multi-platform CI/release pipeline.
|
||||
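Review bot: The first Security entry under 0.2.0 places the AES-256-GCM key at `~/.muyue_key`, while the Config entry in the same list moves configuration to the `os.UserConfigDir()` location, so the key file stays outside the XDG directory and the changelog does not say what happens to API keys already stored in a legacy `~/.muyue` config during migration. Suggest stating whether migration re-encrypts existing keys, and noting what the encryption is meant to protect: a key readable by the same user with 0600 permissions covers a copied or committed config file, not a process already running as that user. The dangerous-command entry should also say whether a match blocks the command or only warns, since a pattern list (rm -rf, mkfs, dd, ...) is best-effort. Minor: "CI: Updated to use `actions/setup-go@v5`" reads as a Changed item rather than Added, and Keep a Changelog has a dedicated Security heading that the three Security entries could sit under.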