Skip to content

v2026.07.15#557

Merged
duguwanglong merged 76 commits into
mainfrom
dev
Jul 15, 2026
Merged

v2026.07.15#557
duguwanglong merged 76 commits into
mainfrom
dev

Conversation

@stephamie7

Copy link
Copy Markdown
Contributor

No description provided.

github-actions Bot and others added 30 commits July 8, 2026 08:25
…n-6a1bb22fd8b3

chore: sync main into dev after main-6a1bb22fd8b3
fix(webui): serve static assets with stable MIME types
docs(onesig): align skill with strategy api v2.5.3
Add shared frontend resources for common data hooks, consolidate SessionChat feature logic, lazy-load heavier UI paths, and bound SSE fan-out/backpressure so concurrent sessions and workflows create less browser and server load.
Reuse lightweight tool summaries for paginated search/filter requests and invalidate the snapshot when tool or API service state changes.

Add route coverage for cache reuse on the tools page.
- enforce session ownership and admin boundaries across shared APIs
- prevent stale caches, dropped events, and lazy chunk recovery failures
- keep cold-start registries concurrent and add regression coverage
Fail closed when the live primary database is moved or replaced, and defer unsafe online recovery to startup.

Preserve quarantined WAL evidence and make offline recovery atomic, non-destructive, and fully validated.
The health check previously required 5 steps (process alive → TCP port → /api/health → GET / SPA). HTTP-level checks (DNS, proxy, filesystem) could intermittently timeout and trigger a false-positive restart after only 2 failures (~10s).

Now only checks:
- process.poll() is None → process alive
- socket.create_connection() succeeds → TCP port open

Both must fail for a restart to trigger. HTTP-level timeouts no longer cause daemon to kill the backend.

Closes #537
fix(supervisor): remove HTTP health check, use pure liveness probe
Preserve last-known-good tool state and expose structured partial refresh outcomes.

Serialize concurrent loading paths and keep UI feedback aligned with active requests.
duguwanglong and others added 22 commits July 14, 2026 18:32
Persist only verified first-seen alerts with globally unique dedup keys while preserving original event metadata on triage refreshes. Correct legacy single-alert duplicate metrics and keep dashboard facts synchronized after record updates.
Keep page-level builtins imports behind the guarded importer and cover the explicit bypass path. Preserve verified first-seen alerts during SOC schema migration while removing follower and orphan duplicate survivors, including databases migrated by the previous implementation.
fix(browser): harden daemon runtime lifecycle
…ity-prompts

fix: expose extended messaging channels to Rex
feat(tdp): add realtime threat and custom rule APIs
fix(browser): reuse connected daemon for state save
…arning

Improve email host mismatch guidance
…stdout

fix(cli): handle missing Windows netstat output
@duguwanglong
duguwanglong merged commit 32e89ea into main Jul 15, 2026
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants