feat: 拆分 worker 架构并增强 assistant 安全保护
- 新增 daemon/channel/assistant/function/scheduler/logging worker 架构和 JetStream 消息协议 - 修复邮件通知误入 assistant、迁移 checksum、日志 subject 和工具调用无限循环风险 - 新增 assistant 工具轮次熔断、工具结果截断和提示词软收敛规则 - 补充邮件推送关键字、可信发件人配置、升级日志和验证测试
This commit is contained in:
@@ -0,0 +1,19 @@
|
||||
#[test]
|
||||
fn daemon_does_not_depend_on_business_crates() {
|
||||
let manifest = std::fs::read_to_string(concat!(env!("CARGO_MANIFEST_DIR"), "/Cargo.toml"))
|
||||
.expect("read ias-daemon Cargo.toml");
|
||||
// 解析 [dependencies] 表而不是字符串匹配,避免注释/路径里的同名子串误报,
|
||||
// 也能阻止以其他形式(如 build-dependencies)绕过业务 crate 依赖边界。
|
||||
let parsed: toml::Value = toml::from_str(&manifest).expect("parse ias-daemon Cargo.toml");
|
||||
let deps = parsed
|
||||
.get("dependencies")
|
||||
.and_then(|value| value.as_table())
|
||||
.expect("ias-daemon Cargo.toml 缺少 [dependencies] 表");
|
||||
|
||||
for forbidden in ["ias-ai", "ias-context", "ias-wechat", "ias-mail"] {
|
||||
assert!(
|
||||
!deps.contains_key(forbidden),
|
||||
"ias-daemon 不得依赖业务 crate: {forbidden}"
|
||||
);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user