fix(scan): 跳过构建产物(release/.app) + 修长路径压坏表格 v0.7.7

jnMetaCode · jnMetaCode · commit dce683cf4de0 · 2026-06-20T21:30:12.000+08:00
- 跳过 release/releases/*.app/*.framework/*.bundle 打包目录(避免重复扫+超长路径)
- 报告表格长路径改 word-break+固定列宽,不再竖排单字
- 实测 agency-orchestrator: 11真实出境点+1真实手机号泄露,无构建噪声
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/),
 and this project adheres to [Semantic Versioning](https://semver.org/).
 
+## [0.7.7] - 2026-06-20
+
+### Fixed — 真实项目扫描的两个问题（用户实测发现）
+- **跳过构建产物**：新增跳过 `release/`/`releases/`、`*.app`/`*.framework`/`*.bundle` 等打包目录——此前会扫进 Electron 打包的 `*.app` 里重复的 package.json，造成重复发现 + 超长路径
+- **修复长路径压坏报告表格**：超长文件路径曾把"说明/严重度"列挤成竖排单字；改为路径可换行 (`word-break`) + 固定列宽
+- 实测 agency-orchestrator：去噪后 11 个数据出境点均落在真实源码 + 1 个真实手机号泄露（输出文件），无构建产物噪声
+
 ## [0.7.6] - 2026-06-20
 
 ### Added — 让"检查过程"可见（回应"秒出=没检查吗"）
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "shellward",
-  "version": "0.7.6",
+  "version": "0.7.7",
   "mcpName": "io.github.jnMetaCode/shellward",
   "description": "AI agent security & MCP security middleware — prompt injection detection, AI firewall, runtime guardrails & data-loss prevention for LLM tool calls. 8-layer defense against data exfiltration & dangerous commands. Zero dependencies. SDK + OpenClaw plugin. Supports LangChain, AutoGPT, Claude Code, Cursor, OpenAI Agents, Hermes Agent.",
   "keywords": [
diff --git a/src/compliance/html-report.ts b/src/compliance/html-report.ts
@@ -321,8 +321,12 @@ section,.reg{padding:0 36px}
 .tbl .muted{color:var(--muted)}
 .tbl .faint{color:var(--faint);font-size:13px}
 .loc code{font-family:ui-monospace,SFMono-Regular,Menlo,monospace;font-size:12px;
-  background:#f1f5f9;color:#0f172a;padding:2px 7px;border-radius:5px;white-space:nowrap}
+  background:#f1f5f9;color:#0f172a;padding:2px 7px;border-radius:5px;
+  white-space:normal;word-break:break-all;overflow-wrap:anywhere}
 .alts th:first-child,.alts td:first-child{width:120px}
+/* 发现表三列布局：位置≤40% 可换行、说明占主、严重度窄列不挤 */
+table.tbl td.loc{width:34%;max-width:300px}
+table.tbl td.right{width:64px}
 
 /* severity 标签 */
 .sev{display:inline-block;font-size:11.5px;font-weight:700;padding:2px 9px;border-radius:999px}
diff --git a/src/compliance/project-scan.ts b/src/compliance/project-scan.ts

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "shellward",`
`3`		`- "version": "0.7.6",`
	`3`	`+ "version": "0.7.7",`
`4`	`4`	`"mcpName": "io.github.jnMetaCode/shellward",`
`5`	`5`	`"description": "AI agent security & MCP security middleware — prompt injection detection, AI firewall, runtime guardrails & data-loss prevention for LLM tool calls. 8-layer defense against data exfiltration & dangerous commands. Zero dependencies. SDK + OpenClaw plugin. Supports LangChain, AutoGPT, Claude Code, Cursor, OpenAI Agents, Hermes Agent.",`
`6`	`6`	`"keywords": [`