deps(deps): bump mss from 9.0.1 to 10.2.0#9
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps [mss](https://github.com/BoboTiG/python-mss) from 9.0.1 to 10.2.0. - [Release notes](https://github.com/BoboTiG/python-mss/releases) - [Commits](BoboTiG/python-mss@v9.0.1...v10.2.0) --- updated-dependencies: - dependency-name: mss dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Wool-xing
pushed a commit
that referenced
this pull request
May 10, 2026
CodeQL Code Scanning 4 个新告警: - #11 iot_helper.py:24 - 接受未知 SSH 主机密钥(AutoAddPolicy 默认) → SSHClient 改默认 RejectPolicy + load_system_host_keys;测试模式需显式 auto_add_for_testing=True 或 IOT_SSH_AUTOACCEPT=1 - #10 security_scanner.py:90 - 不安全 TLS 版本 → 显式 ctx.minimum_version = TLSv1_2 + check_hostname + CERT_REQUIRED - #9/#8 security_scanner.py 敏感信息明文记录 → Burp api_key 通过 URL 流入 Location 头,task_id 不再 logger.info、不再放入返回字典;CLI 打印路径数据流断开 设计权衡: - iot_helper SSH 默认安全,测试隔离网保留 AutoAddPolicy 后门(env 控制) - security_scanner 是渗透工具但本身代码必须合规
Owner
|
关闭原因:PR 基线已过期,与 main 当前状态(含 W3+W4 累积改动)冲突,无法 update-branch 自动 rebase。 测试验证(在临时 venv):mss 10.2.0 import + monitors 列出 ✓ 兼容。 让 Dependabot 下周一基于当前 main 重开此 PR,届时基线对齐可直接 merge。 |
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Wool-xing
pushed a commit
that referenced
this pull request
May 17, 2026
…, skip fix, fixture isolation - #9: runtime/self_healing/ (retry.py + locator_store.py) — exponential-backoff retry wrapper for subprocess/LLM errors. scripts.py subprocess.run + direct.py _run_node both use with_retry(). - #10: direct.py executor-level retry — resubmits _run_node up to 2 extra times with 2^attempt backoff on unexpected exceptions. - #11: on_failure=skip nodes now set skipped=True, excluded from failure count. flows.py + direct.py track skipped separately. - #12: 04-配置文件/conftest.py test_data + browser_context session→function scope. test_data uses tmp_path to avoid parallel file collisions. - #13: MAX_FAILURES=3 circuit breaker in flows.py + direct.py. DAG progress logging per node. tasks.py timeout_seconds=3600. 148 tests pass. 9/9 DAG demo ok.
Wool-xing
added a commit
that referenced
this pull request
May 17, 2026
* fix: correct setuptools package discovery for editable install
`where = ["."]` with `include = ["runtime*"]` couldn't find the runtime
package because the runtime directory IS the package root (runtime/__init__.py
is directly in .). Changed where to `[".."]` so setuptools scans the parent
directory and finds `runtime/` as a package.
Before: `pip install -e .` produced empty MAPPING — `import runtime` failed.
After: `import runtime` works, `tagent demo` completes all 4 steps.
* feat: add --version flag to tagent CLI
Users expect `tagent --version` to print version info. Added callback
that prints "Test-Agent Runtime v1.32.0" when --version is passed.
* fix: auto-generate smoke PRD fixture when missing in demo
Previously `tagent demo` step 3 would hard-fail with "fixture missing"
if examples/_smoke_prd.md was deleted from disk. Now it auto-generates
the fixture from an embedded template, showing a warning instead.
This prevents demo breakage when the examples/ directory is accidentally
cleaned or the user runs demo outside the repo root.
* feat: english-ify tagent CLI help text and user-facing output
Converted all CLI command descriptions, option help text, and user-facing
console output from Chinese to English for international accessibility.
Internal code comments, fixture data, and workspace paths unchanged.
* feat: english-ify tagent CLI help text and user-facing output
Convert CLI command descriptions, option help text, and user-facing
console output from Chinese to English. Updated related tests.
Includes: config subcommand help, demo flow output, selftest/doctor
messages, init/export descriptions.
* chore: bump version 1.32.0 → 1.32.1 + fix CONTRIBUTING.md stale 33→32
- 全项目版本号同步至 1.32.1 (17 files)
- CONTRIBUTING.md: 16/33/49 → 16/32/49 (skill 数对齐 pre-commit/CI 实际 -eq 32)
- CHANGELOG 新增 v1.32.1 条目
* fix: security hardening — shell injection, hardcoded creds, API auth, silent failures
CRITICAL fixes:
- backends/local.py: create_subprocess_shell → create_subprocess_exec (CWE-78)
- backends/ssh.py: cat {path} → SFTP read; shlex.quote(cwd/env); known_hosts=()
- config/settings.py: remove default db_url/password creds; api_host→127.0.0.1; add api_auth_token
- api/main.py: bearer auth middleware (gated by TAGENT_API_AUTH_TOKEN); CORS restrict to localhost; file upload max 50MB + extension allowlist
Silent failure fixes:
- api/main.py: except Exception:continue → catch specific + logger.warning (list_history/dashboard); logger.exception in background thread; threading.Lock on _run_results
- api/deps.py: persistence fail → logger.error; status persist DEBUG→WARNING; artifact read fail → [READ_ERROR] marker
- api/parsers.py: PDF/DOCX extract fail → [PARSE_ERROR] marker
- router/retrieval.py: retrieval fail DEBUG→WARNING
- 05-代码示例/api_retry_util.py: bare except pass → logger.debug
.gitignore hardening:
- Add workspace/测试报告/, workspace/feedback/, workspace/自动化脚本/
- Add runtime/workspace/, runtime/web/tsconfig.tsbuildinfo
- Add docs/审查报告/, docs/参考库/, docs/decisions/, archive/
- Remove 4 tracked test report .docx from git
* fix: utils security hardening — owner check, XML escape, WS leak, CI pin
- chaos_helper.py: kill_process psutil absent now raises RuntimeError instead of skipping owner check
- i18n_checker.py: bare except Exception → specific (UnicodeDecodeError, PermissionError, OSError) + logger.warning
- miniprogram_runner.py: WebSocket close wrapped in try/finally to prevent connection leak
- protocol_helper.py: SOAP body_xml escaped with xml.sax.saxutils.escape() to prevent XML injection
- ci.yml: pin ludeeus/action-shellcheck@master → @2.0.0
- install.sh: add security note recommending git clone over curl|bash
* chore: fix pre-commit deprecated default_stages commit → pre-commit
* chore: bump version 1.32.1 → 1.32.2
全项目版本号同步 + CHANGELOG 新增 v1.32.2 安全加固条目
* refactor: _stub_response dispatch table + fuzzer ALL_PAYLOADS hoist + bump 1.32.3
- router/llm_client.py: 77-line if/elif chain → _STUB_TARGETS table (8 entries)
- fuzzer.py: sum(PAYLOAD_LIBRARY.values(), []) hoist to module-level ALL_PAYLOADS
* docs: honesty pass — remove marketing numbers, clarify vision skills, drop internal references
- README: 8640 combos → ~12 CI-validated; 95% aspirational → removed; 32 skills → 30 active + 2 vision
- 00-项目导航: 9x 主宪章 §X → plain descriptions (external contributors don't know charter section numbers)
- ROADMAP: 3x 主宪章 references removed
* refactor: split overlong functions — generate_report (143→30) + mobile_driver (107→55)
- generate_report.py: extract _write_docx_header/_summary/_degraded_warning/_bugs/_performance/_risks helpers
- mobile_driver.py: extract _build_monkey_cmd + _analyze_monkey_log helpers
* chore: bump version 1.32.3 → 1.32.4
Phase 1+2 收尾: 数字诚实化 + 内部引用清理 + 长函数拆分
* refactor: split CLI/main.py (680→39 lines) into 8 command modules
- runtime/cli/_shared.py: kernel, console, helpers, fixtures
- runtime/cli/commands/run.py: run + plan
- runtime/cli/commands/catalog.py: catalog
- runtime/cli/commands/doctor.py: doctor
- runtime/cli/commands/selftest.py: selftest
- runtime/cli/commands/market.py: search + list + install + uninstall + verify
- runtime/cli/commands/demo.py: demo
- runtime/cli/commands/init.py: init
- runtime/cli/commands/export.py: export
Pure mechanical split — no logic changes. 128 tests pass.
* test: add 20 core smoke tests — CLI commands, API auth, build_artifact, catalog
- test_cli_commands.py (5): all 13 commands registered, --version, catalog, doctor, --help
- test_api_auth.py (6): health public, auth middleware blocks/allows, CORS headers
- test_build_artifact.py (4): url/file/text input parsing
- test_catalog.py (5): expert/skill counts and field validation
* chore: bump version 1.32.4 → 1.32.5
CLI split + 20 smoke tests + CHANGELOG
* fix: flaky test_execute_node_allows_production_skill — reset catalog/settings cache per test
conftest _env_isolation now calls get_catalog(refresh=True) + resets settings cache
to prevent cross-test state pollution from modules that create Kernel() at import time.
* fix: on_failure=skip now correctly excludes node from failure count
- tasks.py: skip nodes set summary.skipped=True, no longer counted as failed
- flows.py: track skipped list separately, include in summary.skipped
- direct.py: same skip tracking for direct executor path
* feat: Phase 3 engine hardening — self-healing, retry, circuit breaker, skip fix, fixture isolation
- #9: runtime/self_healing/ (retry.py + locator_store.py) — exponential-backoff
retry wrapper for subprocess/LLM errors. scripts.py subprocess.run + direct.py
_run_node both use with_retry().
- #10: direct.py executor-level retry — resubmits _run_node up to 2 extra times
with 2^attempt backoff on unexpected exceptions.
- #11: on_failure=skip nodes now set skipped=True, excluded from failure count.
flows.py + direct.py track skipped separately.
- #12: 04-配置文件/conftest.py test_data + browser_context session→function scope.
test_data uses tmp_path to avoid parallel file collisions.
- #13: MAX_FAILURES=3 circuit breaker in flows.py + direct.py. DAG progress logging
per node. tasks.py timeout_seconds=3600.
148 tests pass. 9/9 DAG demo ok.
* feat: Phase 4 test intelligence — dashboard, readiness score, flaky trends, impact analysis, traceability
- #14: runtime/observability/dashboard.py — 3-row layout (decision→diagnostic→action)
with MTTD/MTTR, expert heatmap, flaky candidates, env health, action items.
api/main.py /dashboard endpoint rewired to new builder.
- #15: runtime/orchestrator/release_readiness.py — weighted scoring
(smoke×0.4+regression×0.3+perf×0.2+security×0.1→GREEN/YELLOW/RED).
CLI: tagent readiness. Does not modify test_lead.py.
- #16: flaky_detector.py — detect_trends() (P-F-P/F-P-F patterns),
generate_quarantine(), generate_pytest_markers().
- #17: runtime/intelligence/impact_analyzer.py — AST import graph +
git diff → impacted test list. Does not modify regression_scope.py.
- #18: traceability_matrix.py — bidirectional Req↔TC↔Bug matrix
with coverage stats, orphan detection, markdown export.
148 tests pass. 9/9 DAG demo ok.
* feat: Phase 6 developer experience — bootstrap, debug mode, actionable errors, tutorial, shell completion
- #24: tagent bootstrap — one-command check→configure→verify (Python/Git/pip/LLM)
- #25: --debug CLI flag + TAGENT_LOG_LEVEL env + log_level setting
- #26: Actionable error messages — "internal error" now includes run_id + log path + --debug hint.
modal.py "not connected" → "call connect() first"
- #27: docs/tutorial/TUTORIAL.md — 5-step interactive tutorial (10 min)
- #28: tagent --install-completion (shell autocomplete) + --no-color flag
148 tests pass.
* feat: Phase 5 enterprise readiness — RBAC, audit trail, multi-tenant, config validation, lifecycle hooks
- #19: runtime/api/rbac.py — 4-role RBAC (admin/lead/tester/viewer) + require_role()
decorator. Disabled by default (TAGENT_RBAC_ENABLED=0). Does not modify auth middleware.
- #20: runtime/observability/audit.py — JSONL audit log (log_event / query_events).
Thread-safe, append-only.
- #21: runtime/api/tenancy.py — contextvars-based tenant propagation.
Disabled by default. Does not modify DB schema.
- #22: Settings.validate_startup() — checks LLM key, dirs, DB driver.
Wired into tagent doctor.
- #23: runtime/orchestrator/hooks.py — HookRegistry (before/after/on_error).
Integrated into direct.py _run_node(). Hooks never break execution.
148 tests pass.
* feat: Phase 7 methodology — branch coverage, static analysis, portability tests, risk matrix, classification tree
- #29: pyproject.toml --cov-branch enabled
- #30: pyproject.toml pylint + radon config (CC rank=B)
- #31: 7 portability tests (ISO 25010: installability/coexistence/replaceability)
+ @pytest.mark.portability marker
- #32: runtime/intelligence/risk_matrix.py — Bayesian calibrated risk matrix
with mitigation tracking
- #33: classification_tree.py — ISTQB CTM with pairwise generation + constraints
155 tests pass (148 + 7 portability).
* feat: Phase 8 platform — plugin discovery, data synthesis, APM export, journey mapping, multi-region monitor
- #34: runtime/marketplace/discovery.py — importlib.metadata entry_points for
third-party agent/skill/backend registration (group=tagent)
- #35: data_synthesizer.py — PII auto-detection (email/phone/id/ip/credit_card)
+ deterministic masking + random subset extraction
- #36: runtime/observability/apm_export.py — Datadog + Grafana dashboard JSON
export (pass rate, MTTD/MTTR, expert health, flaky candidates)
- #37: runtime/intelligence/journey_mapper.py — failure→business journey impact
mapping (Registration/Login/Payment/Profile/...)
- #38: .github/workflows/synthetic-monitor.yml — scheduled multi-region smoke
test (every 6h, 4 regions)
155 tests pass. 9/9 DAG demo ok.
🎉 38/38 MASTER_PLAN items complete.
* fix: CI utils count 49→52 + remove --cov-branch from default pytest addopts
- .github/workflows/ci.yml: expected utils count updated 49→52
- runtime/pyproject.toml: removed --cov-branch from addopts (requires
pytest-cov which is not installed in CI). Coverage flags should be
passed explicitly: pytest --cov --cov-branch
* fix: CI pytest — add fastapi/python-multipart/httpx/pytest-cov deps, restore --cov-branch
* fix: resolve CodeQL review comments — URL substring sanitization + workflow permissions
---------
Co-authored-by: xiaoxing0135 <706015750@qq.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps mss from 9.0.1 to 10.2.0.
Release notes
Sourced from mss's releases.
... (truncated)
Commits
b7f4d62feat: release 10.2.02da8ec1feat: follow up to windows backends (#505)165e4f7chore(ci): run onmainbrancheced18edocs: use History everywhere129913bdocs: rename Changelog to History1373cfedocs: include the releases historyd10128dchore: fix docs tests + remove left markdown files9183066feat: adjust Windows to match the Linux backend setup (#503)13f1472docs: split the changelog in specific releasescb97724docs: release notes (#485)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)