pulsareon/dstalk
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

W23: close mailroom metadata and network validation tests
Some checks failed
CI / Determine matrix (push) Has been cancelled
Details
CI / ${{ matrix.os }} / ${{ matrix.build_type }} (push) Has been cancelled
Details
CI / Sanitizer (ASan+UBSan) / ubuntu-24.04 (push) Has been cancelled
Details
CI / Coverage (gcovr) / ubuntu-24.04 (push) Has been cancelled
Details

Browse Source 
- Refresh agents STATUS to W22.6 and exclude mailroom from metadata scans
- Add mailroom dispatch checklist and defensive rules
- Register F-23.D-1 and tag network input validation defense-in-depth
- Update network plugin tests for header length limits
- Fix LSP test metadata and remove orphan anthropic_internal.hpp

Verification:
- cmake --build build --config Release: 0 error, 0 warning
- ctest --test-dir build --output-on-failure: 10/10 passed
- ctest --test-dir build -R dstalk_smoke_test --output-on-failure: passed
- python scripts/check_agents_metadata.py --strict: passed

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
XiuChengWu
2026-06-03 17:56:45 +08:00
parent c0af9c65c7
commit 28ae90a6cc
11 changed files with 55 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
agents/audits/findings-registry.md
View File

@@ -2,7 +2,7 @@
> **维护人**: grp-quality-core (王测)
> **格式定义**: 见 `agents/WORKFLOW.md` §14.2
> **最后更新**: 2026-05-27 (W19 CEO 验收,关闭 plugin_loader 全部 5 条发现findings 归零)
> **最后更新**: 2026-06-03 (W23.D 登记 network 输入验证 defense-in-depth 发现)
---
@@ -10,7 +10,7 @@
| ID | Severity | Source | Title | Status | Assigned To | Fix Wave | Verified By |
|----|----------|--------|-------|--------|-------------|----------|-------------|
| — | — | — | 暂无 OPEN 发现 | — | — | — | — |
| F-23.D-1 | LOW | W23.D security-cao review | network_plugin request input validation defense-in-depth: headers_json length limits and host/target/port validation were absent | FIXED | security-cao | W23.D | CEO |
---
@@ -54,6 +54,7 @@
| Date | Change | Author |
|------|--------|--------|
| 2026-05-27 | W15.2 初始化,从 W11.1/W11.7 提取 10 条发现 | 王测 (qa-wang) |
| 2026-06-03 | W23.D: 登记 F-23.D-1 LOWnetwork_plugin 输入验证 defense-in-depthW23.D 代码已补 headers_json 长度限制与 host/target/port 校验,进入 FIXED 等待 CEO 验收 | CEO |
| 2026-05-27 | W16.1: F-11.7-1 状态 CLOSEDW12.4 已彻底修复 build 产物路径不一致,验证通过 | 曹武 (security-cao) |
| 2026-05-27 | W16.2: F-11.1-1 状态 FIXEDcontext_set_max_tokens / on_shutdown 添加 try/catch 包装 | 孙宇 (engineer-sun) |
| 2026-05-27 | W16.3: F-11.1-2 状态 FIXEDstrdup OOM 检查在 W12.1 strdup_message_fields() 已实现g_host->strdup 四调用含 nullptr 检查+oom 回滚,编译 0 error + ctest 4/4 pass 验证通过 | 陈风 (engineer-chen) |