kai/smart-support
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: complete phase 3 -- OpenAPI auto-discovery, SSRF protection, tool generation

Browse Source 
- SSRF protection: private IP blocking, DNS rebinding defense, redirect validation
- OpenAPI fetcher with SSRF guard, JSON/YAML auto-detection, 10MB limit
- Structural spec validator (3.0.x/3.1.x)
- Endpoint parser with $ref resolution, auto-generated operation IDs
- Heuristic + LLM endpoint classifier with Protocol interface
- Review API at /api/openapi (import, job status, classification CRUD, approve)
- @tool code generator + Agent YAML generator
- Import orchestrator (fetch -> validate -> parse -> classify pipeline)
- 125 new tests, 322 total passing, 93.23% coverage
This commit is contained in:
Yaojia Wang
2026-03-31 00:10:44 +02:00
committed by yaoji
parent 006b4ee5d7
commit a54eb224e0
25 changed files with 2914 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
CLAUDE.md
View File

@@ -30,7 +30,7 @@ pytest --cov=app --cov-report=term-missing
# - If any test fails, fix it before starting the new phase
# 3. Create checkpoint to snapshot the starting state
/everything-claude-code:checkpoint create [phase name]
/everything-claude-code:checkpoint create "phase-name"
# 4. Create the phase branch
git checkout main
@@ -174,7 +174,7 @@ After all development and testing, run verification in this exact order:
/everything-claude-code:verify
# 2. Verify the checkpoint -- validates all phase deliverables
/everything-claude-code:checkpoint verify [phase name]
/everything-claude-code:checkpoint verify "phase-name"
```
The checkpoint verify validates:
@@ -239,7 +239,7 @@ A checkpoint includes:
|-------|--------|-------|--------|
| 1 | `phase-1/core-framework` | FastAPI + LangGraph + React chat loop + PostgresSaver | COMPLETED (2026-03-30) |
| 2 | `phase-2/multi-agent-safety` | Supervisor routing + interrupts + templates | COMPLETED (2026-03-30) |
| 3 | `phase-3/openapi-discovery` | OpenAPI parsing + MCP generation + SSRF protection | NOT STARTED |
| 3 | `phase-3/openapi-discovery` | OpenAPI parsing + MCP generation + SSRF protection | COMPLETED (2026-03-30) |
| 4 | `phase-4/analytics-replay` | Replay API + analytics dashboard | NOT STARTED |
| 5 | `phase-5/polish-demo` | Error hardening + demo prep + Docker deploy | NOT STARTED |
@@ -290,7 +290,7 @@ Controlled by `ECC_HOOK_PROFILE` env var in `~/.claude/settings.json` (currently
- Architecture doc: `docs/ARCHITECTURE.md`
- Phase dev logs: `docs/phases/phase-{N}-dev-log.md`
- Test command: `pytest --cov=app --cov-report=term-missing`
- **Phase start:** `/everything-claude-code:checkpoint create [phase name]`
- **Phase end:** `/everything-claude-code:checkpoint verify [phase name]`
- **Phase start:** `/everything-claude-code:checkpoint create "phase-name"`
- **Phase end:** `/everything-claude-code:checkpoint verify "phase-name"`
- Verify command: `/everything-claude-code:verify`
- Orchestrate: `/everything-claude-code:orchestrate {feature|bugfix|refactor}`