Leo
fb2d0b0c2d
feat(self-hosted): acr init --self-hosted installer + recipe push gatekeeping + commit deployment wasm
...
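Let any CC self-host arcrun in one step using their own CF account (strategy shifts to self-hosted open source).
Task 1 — acr init --self-hosted installer (the user supplies only a CF Account ID + token; everything else is automatic):
- cli/src/lib/cf-api.ts: CfAccountClient (verify token / create KV idempotently / create R2 / look up workers.dev subdomain)
- cli/src/lib/deploy.ts: pull deployment artifacts from the GitHub codeload tarball → inject the user's KV id → wrangler deploy
(tier1 component-builds first, tier2 cypher-executor/registry after; partial failures are reported honestly, no fake green)
- cli/src/lib/api-recipe-seeds.ts: 10 currently active API recipe seeds (KBDB uses the Supabase model)
- cli/src/commands/init.ts: initSelfHosted() rewritten as the installer flow
- cli/src/commands/update.ts: acr update (pull a new ref and redeploy)
- cypher-executor/scripts/seed-api-recipes.ts: prod backfill seeding script
Task 2 — recipe intake gatekeeping (with self-made components blocked, recipes are the only thing CC can extend):
- cli/src/commands/recipe.ts: add probeRecipeEndpoint reachability check (advisory level, not a hard block;
for recipes containing templates it honestly states that the result is only known at run time; 401/403 is flagged as most likely a missing credential, not a bug)
- data exfiltration reminder reuses the existing obtainExposureConsent (refuses on non-TTY)
Deployment artifact production: commit precompiled wasm into the repo (overturns rule 05 "wasm is not committed"):
- .gitignore: allow .component-builds/**/component.wasm (registry intermediate artifacts remain excluded)
- commit only the 19 legitimate component wasm files; claude_api / km_writer / kbdb_upsert_block are excluded
(not thin shells; they cram a workflow into a component, violating DECISIONS §1, pending demotion)
- rule 05 updated in sync to record this convention change + the bloat trade-off
SDD: sdk-and-website/self-hosted-init.md (installer finalized),
component-gatekeeping/recipe-push-gatekeeping.md (recipe gatekeeping)
README rewritten as a single self-hosted path. CLI typecheck exit 0.
Unfinished (pending richblack): codeload can only fetch the wasm after this commit is pushed to GitHub;
end-to-end acceptance of acr init --self-hosted with a second CF account.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>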
2026-06-02 18:44:41 +08:00
Leo
51d40ee515
fix(data-exfil-warning): remove CLI flag backdoor + fix hook false positives (closed-loop fix)
...
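richblack 2026-05-30: arcrun is a tool for AI; if the AI can add the flag itself = it approves itself = the gate is meaningless
(violates DECISIONS §7: the executor cannot verify itself).
- remove --confirm-exposure / --suppress-warning (CLI lib/commands/index.ts)
- the only way through = a human typing the resource name interactively on a TTY; "don't ask again" is now asked during the interaction; non-TTY is always refused with "hand over to a human"
- hook: remove the flag bypass shortcut + anchor to the start of the command (fixes false positive: a commit message containing the string is no longer blocked)
Verification: real execution=2, cd&&execution=2, commit/echo containing the string=0, creds/run/ls=0; non-TTY→RC1 "hand over to a human"; CLI build green.
self-hosted honest limitation: an AI acting directly on its CF KV can still forge it; there is no 100% defense; the gate's value = raising the bar + leaving a trail for accountability.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>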
2026-05-30 17:15:45 +08:00
Leo
3e92d4acf6
feat(data-exfil-warning): data exfiltration warning — exposure actions require explicit human consent
...
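New SDD .agents/specs/data-exfil-warning/ (reviewed by richblack).
Trigger policy: warn only when "data becomes callable from outside" (webhook deployment / recipe push),
ignoring outbound calls to other parties' APIs (high frequency, low risk).
- C consent credential (exposure-consent.ts): ExposureConsent{confirmed_by_human, understood,
confirmed_at, suppress_future}; consent = legal evidence, stored as an auditable record
- A API layer: webhook deployment + recipe push require consent the first time, missing→403; asked once and remembered (server side)
- B CLI (exposure-warning.ts): modeled on GCP project deletion, the resource name must be typed to confirm (stricter than y/n);
--confirm-exposure (non-interactive) / --suppress-warning (no further warnings; this choice is also logged);
non-TTY without a flag→refuse (AI does not confirm exposure on a human's behalf); local config remembers consent already given (no re-asking)
- H hook: pre-bash detects acr push/recipe push without a flag→exit 2 (creds push/run are not falsely blocked)
- the warning is an "entry point to protective measures": it notes that arcrun can help add authentication/permissions/rate limiting (a security advantage)
Acceptance: non-TTY refused and nothing sent (exit1), hook blocks and allows precisely, tsc green on both sides.
⚠️ A+B must be deployed together (API layer blocks + CLI carries consent), otherwise push breaks in the intermediate state.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>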
2026-05-30 14:45:43 +08:00
Leo
1084e0102a
fix(mira): wikilink autocomplete 5s cache + refetch when the dropdown opens
...
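leo feedback: the 30s TTL is too long; wiki_synthesis produces new entities in the background and autocomplete can't find them.
- TTL 30s → 5s
- WikilinkAutocomplete actively invalidates and refetches when matchInfo goes from null → has a value
- while at it, let yaml-parser accept the FOREACH iterator relation naming variants ("對每個 X" / "FOREACH X"); graph-builder has long supported them, but validate was rejecting them
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>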
2026-05-16 13:37:03 +08:00
Leo
066652f6e8
feat(cli): add recipe / auth-recipe commands + update push/creds/init
...
- New: acr recipe (push/list/get a user recipe to RECIPES KV)
- New: acr auth-recipe (inspect platform-seeded auth recipes)
- push/creds/init/parts/config updated to match the new cypher-executor
routing (/auth, /credentials, webhooks-named).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 17:40:57 +08:00
Leo
7b18387113
feat: config field in /cypher/execute — node-level component override
...
- /cypher/execute now accepts separate `config` field:
{node_name: {component: "cmp_19e62efd", ...staticParams}}
- graph-builder reads config[node].component to override componentId
(supports cmp_ hash, rec_ hash, or canonical_id)
- config[node] other fields become node.data (static params merged at runtime)
- acr run now sends workflow.config as separate `config` (not flattened into context)
- context is now only --input dynamic params
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 18:42:26 +08:00
Leo
2594f8371d
feat: add /register endpoint + fix acr run Mode 1 (inline YAML execution)
...
- POST /register on cypher.arcrun.dev: HMAC-SHA256(email, ENCRYPTION_KEY) → ak_{32hex}, no DB needed
- acr run: Mode 1 (standard/local) now finds local YAML and POSTs to /cypher/execute inline
- acr init: fix register URL → cypher.arcrun.dev/register; fix local mode description
- acr init --local: creates hello.yaml example workflow
- cli v1.0.3 published
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 16:04:14 +08:00
Leo
7bd4ab0a6e
fix(cli): address Gemini test report — local mode, validate bug, offline flag
...
A. acr init --local: new local mode, no Cloudflare account required;
config defaults to mode:local when ~/.arcrun/config.yaml missing
B. validate node-count bug: removed faulty input/output node heuristic
that dropped start/end nodes from config check; now all nodes except
reserved 'input' keyword must have config entries
C. acr validate --offline: skip remote component-existence and credentials
checks; local mode also auto-skips these checks
D. parts.ts: replace require('node:fs') with static import (ES module fix)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 14:53:30 +08:00
Leo
e630fca2df
fix(arcrun): address PR #2 review findings
...
Security:
- init.ts: remove cf_api_token from POST /register (only email sent to arcrun.dev)
- cf-api.ts: remove base64 fallback in encryptCredential, throw clear error if key missing
Correctness:
- submitComponent.ts: replace KBDB dependency with SUBMISSIONS_KV + R2 (standalone)
- registry/types.ts: remove KBDB_URL/KBDB_INTERNAL_TOKEN, add SUBMISSIONS_KV/ANALYTICS_KV
- webhooks.ts: add waitUntil(writeExecutionVerdict) for fire-and-forget analytics
- execution-logger.ts: create missing module (was imported but didn't exist)
- cypher-executor/types.ts + wrangler.toml: add ANALYTICS_KV binding
- gmail/telegram/google_sheets/line_notify/http_request: no_network_syscall false (api category)
- init.ts: replace require() with await import() for ES module compatibility
Cleanup:
- Remove arcrun/builtins/ (dead code — initComponents used old HTTP endpoint model,
all 21 components now in TinyGo WASM under registry/components/)
Docs:
- tasks.md: update to reflect completed work and remaining items
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 13:07:28 +08:00
Claude
2707fca32b
feat(arcrun): implement arcrun MVP — open-source AI workflow engine
...
Phase 1-5 complete per .agents/specs/u6u-core-mvp/:
**Phase 1 — Cherry-pick & cleanup**
- Create arcrun/ from cypher-executor, credentials, builtins, registry
- Remove 9 InkStone Service Bindings (KBDB, REGISTRY, CLINIC_*, AICEO, MINI_ME)
- Rewrite component-loader: 3-layer (builtin → WASM_BUCKET R2 → error)
- Remove autoPublishMissing.ts, proxy.ts (AICEO), execution-logger.ts (KBDB)
- Clean all KV namespace IDs and InkStone internal URLs from config files
**Phase 2 — contract.yaml completeness**
- Add credentials_required to gmail, google_sheets, telegram, line_notify
- Add config_example to all 21 components with annotated field descriptions
**Phase 3 — Credential injection**
- Add credential-injector.ts: AES-GCM decrypt from CREDENTIALS_KV
- Integrate into GraphExecutor before WASM execution
- Structured errors with repair instructions when credential missing
**Phase 4 — CLI (acr)**
- cli/package.json: arcrun package, bin: acr, deps: commander/js-yaml/chalk/ora
- 8 commands: init, creds push, push, run, validate, parts, list, logs
- Standard mode: writes directly to user's CF KV via CF REST API
- acr init: interactive setup with arcrun.dev API Key registration
**Phase 5 — Open source release prep**
- README.md: 5-minute quickstart, component table, workflow YAML syntax
- CONTRIBUTING.md: TinyGo dev env, component scaffolding, submission flow
- Security audit: no InkStone internal URLs/IDs in committed files
- .gitignore: exclude credentials.yaml, .wrangler, *.wasm
https://claude.ai/code/session_01BnCdSLVH8tUed9VrrPavgT
2026-04-16 04:06:25 +00:00