Skip to content

Dev#678

Open
zhaojing1987 wants to merge 70 commits into
mainfrom
dev
Open

Dev#678
zhaojing1987 wants to merge 70 commits into
mainfrom
dev

Conversation

@zhaojing1987

@zhaojing1987 zhaojing1987 commented Mar 24, 2026

Copy link
Copy Markdown
Contributor

Description

Upgrade deployment and fix CVE-2026-33186 and CVE-2026-1229

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Code refactoring (no functional changes)
  • Performance improvement
  • Test coverage improvement
  • CI/CD improvement

Related Issue

Fixes #(issue number)

Changes Made

Testing

  • Unit tests pass locally (pytest)
  • Code coverage maintained or improved
  • Linting checks pass (black, isort, flake8)
  • Manual testing completed
  • Integration tests pass (if applicable)

Test Evidence

# Example: pytest output

Checklist

  • My code follows the project's code style guidelines
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings or errors
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published

Screenshots (if applicable)

Additional Notes

Deployment Notes

  • Requires database migrations
  • Requires environment variable changes
  • Requires Docker image rebuild
  • Requires configuration updates
  • No special deployment steps needed

For Reviewers:

  • Code quality and style
  • Test coverage adequate
  • Documentation updated
  • Security considerations addressed
  • Performance impact acceptable

@zhaojing1987
refactor(websoft9): update platform planning and module assets
b3bb4c9
@zhaojing1987
chore(git): track bmad output artifacts
324f4f5
@zhaojing1987
docs(process): define bilingual bmad document policy
0cafb7f
@zhaojing1987
docs(prd): add bilingual refactor prd
4691db3
@zhaojing1987
docs(prd): stop tracking chinese prd copy
ff242c5
@zhaojing1987
feat(product): converge single-container gateway runtime
fc35271
@zhaojing1987
feat(console): add embedded integration shell
b3a6d3e
@zhaojing1987
feat(console): finalize epic 2 integration flow and app store baseline
63224aa
@zhaojing1987
feat(console): complete native app management baseline
1ab554e
@zhaojing1987
feat(myapps): align legacy detail workflow and preserve integration s…
8f8beee 
…tate
@zhaojing1987
feat(product-auth): add operator bootstrap and protected routes
9d37117
@zhaojing1987
feat(product): refine auth and legacy console UX
e586e28
@zhaojing1987
feat(files): add native file management workspace
e2d8493
@zhaojing1987
fix(apphub): harden locale and service fallback handling
4c9202a
@zhaojing1987
feat(logs): standardize platform runtime log source
27ab02f
@zhaojing1987
fix(files): align runtime roots with docker metadata
81bce65
@zhaojing1987
feat(services): add native services workspace
80fbdb9
@zhaojing1987
feat(product): consolidate runtime metadata and gateway flows
5f8a2ea
@zhaojing1987
fix(product): restore runtime startup paths
2359562
@zhaojing1987
feat(console): add overview dashboard and session recovery
47dbcd5
@zhaojing1987
feat(websoft9): refresh shell and overview dashboard
c25820e
@zhaojing1987
chore(websoft9): checkpoint baseline before app IA refinement
f89150f
@zhaojing1987
feat(console): refine app store and my apps IA
481693e
@zhaojing1987
feat(app-deploy): unify deployment workflows and console surfaces
80cdd67
@zhaojing1987
chore: checkpoint current workspace changes
89759ba
@zhaojing1987
feat(myapps): refine access and compose deployment flow
e1e692a
@zhaojing1987
fix(product): stabilize runtime assets and session isolation
72a48ef
@zhaojing1987
chore: checkpoint before overview performance optimization
a9fadb0
@zhaojing1987
perf(console): speed up overview first load
bd1735e
@zhaojing1987
fix(console): hydrate auth state on refresh
fe6e666
@zhaojing1987
feat(appstore): upgrade refresh to v2 incremental sync with backgroun…
a86aa29 
…d UX

- platform-sync-runtime-assets.py: full v2 manifest path support with
  delta/full-package detection, remove transitional fallback
- AppStoreSyncManager: default incremental sync, zombie-resistant lock,
  background wrapper with proper lock cleanup
- app-store-page.tsx: manual refresh with confirmation dialog, background
  polling, top-aligned overlay matching favorites dialog style, refined
  favorite badge positioning and button hover sizing
- Dockerfile: simplified build-time app store sync with single channel ARG
- i18n: unified Chinese/English sync labels, plain-language confirm text,
  full timestamp in confirm dialog
- crontab: add daily app store cron entry
- settings-page: minor surface alignment
- devops docs: add app store refresh upgrade design doc and release
  governance notes
@zhaojing1987
Refine release artifacts and metadata flow
49d81c3
@github-advanced-security

github-advanced-security AI commented Jun 15, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@zhaojing1987
document image tag strategy
6aba3d4
@zhaojing1987
adopt two-stage image promotion flow
cba6e55
@zhaojing1987
print trivy vulnerability summary on failure
11e3901
@zhaojing1987
make trivy scan non-blocking
32a2405
@zhaojing1987
streamline published artifacts layout
20d8c6c
@zhaojing1987
align installer artifact URLs
3bbd94b
@zhaojing1987
rework release metadata and artifact publishing
26a0574
@zhaojing1987
standardize changelog and consume release manifest
f997dfd
@zhaojing1987
Refactor product metadata and runtime asset handling
d9604aa
@zhaojing1987
Fix dev artifact publishing metadata
3f9504d
@zhaojing1987
fix: align dark surfaces and browse behavior
dd10065
@zhaojing1987
refactor: polish console mobile and dark dialog surfaces
e3786f6
@zhaojing1987
docs: freeze install lifecycle baseline docs and simplify scripts
8f514b0 
- Add legacy-main-architecture-baseline.md (old Cockpit multi-container facts)
- Add current-product-architecture-baseline.md (new single-container facts)
- Add lifecycle-redesign.md (install/upgrade/migrate/uninstall redesign)
- Simplify install.sh and uninstall.sh to current-state stubs
- Update CI workflows, compose files, and gitignore
- Remove stale install/README.md (replaced by lifecycle-redesign entry)
@zhaojing1987
docs: restore install/README.md as lifecycle entry index
a2bd5e4
@zhaojing1987
docs: refine install lifecycle docs and scripts consistency
80f16ed
@zhaojing1987
chore: update compose dev config, install lifecycle scripts, and CI w…
044bfc1 
…orkflows
@zhaojing1987
fix: image pull mirror fallback and file manager subdirectory path re…
925d384 
…solution

- install/lib: add pull_image_with_mirrors() with mirror accelerator retry
- install/lib: check pull/up return values in install_start, upgrade paths
- apphub/src: fix files_agent helper script using target_path instead of ROOT for item path normalization
@zhaojing1987
fix: auto-close editor after save, disable toolbar during edit, dark …
b0ce15f 
…mode search, channel version binding

- files-page: disable nav/create/upload buttons and inputs during file editing
- product-auth: skip logout after setup, navigate directly to overview
- terminal: add sx overrides for dark mode search box in Portal menu
- install.sh: auto-bind image tag to channel for non-release channels
- install_docker.sh: restore official script first, custom as fallback
@zhaojing1987
feat: comprehensive platform refinements across console, backend, doc…
b02a2bf 
…ker, and install

- console: fix auth setup spacing, remove logout after init, default to /dashboard
- console: add xterm clipboard addon, dark mode search, disable toolbar during edit
- console: auto-close editor after save, remove save success toast
- console: sidebar overflow fix, footer support link to helpdesk
- console: compose modify now advances to step 2, myapps placeholder for empty platform apps
- console: container action tooltips removed, icon spacing reduced
- backend: hybrid restic backup (local list/delete + docker backup/restore)
- backend: restore stops containers before restore and restarts after
- backend: fix app_official detection via gitConfig, external app listing
- backend: remove compose-metadata.json, use Portainer-based compose app detection
- backend: fix library asset sync fullPackage string handling
- docker: add project name websoft9, hide-label for portainer, restic binary
- docker: channel-aware build args, asset sync timeout, non-fatal sync errors
- install: channel bake in build-bundle.sh, image mirror fallback, docker install flow
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zhaojing1987 @github-advanced-security