Skip to content

monorepo finale: relocate crates, monitor release pipeline, docs overhaul#1234

Open
lollipopkit wants to merge 84 commits into
mainfrom
frb
Open

monorepo finale: relocate crates, monitor release pipeline, docs overhaul#1234
lollipopkit wants to merge 84 commits into
mainfrom
frb

Conversation

@lollipopkit

@lollipopkit lollipopkit commented Jul 18, 2026

Copy link
Copy Markdown
Owner

Summary

This PR finishes the monorepo migration with three main blocks, plus follow-up hardening:

1. migrate: merge rust/ and rust_builder/ into crates/sbm_ffi

  • The cargokit plugin shell and the sbm_ffi crate now share one directory (cargokit's official example layout), keeping the top level clean
  • Workspace members, FRB rust_root, pubspec paths, and per-platform glue updated in sync
  • Verified: cargo test --workspace green, 12/12 FFI parity tests pass, flutter build macos --debug builds through cargokit for real

2. feat: monitor release pipeline

  • Manual trigger only; version comes from the monitor crate (monitor-v* tags), decoupled from the app's v1.0.x
  • Native binaries: Linux musl (amd64/arm64, native arm runners) / macOS (both archs) / Windows → GitHub Release + SHA256SUMS
  • Docker: the Linux musl binary is reused in an Alpine image pushed to ghcr.io — zero in-image compilation, no QEMU
  • Drive-by fixes: Dockerfile frontend path mismatch with server.rs, build/runtime glibc mismatch, reqwest switched to rustls to drop the OpenSSL dependency (prerequisite for static musl builds)
  • install.sh rewritten for the new release layout; fresh installs generate a random JWT_SECRET
  • Verified: local image build + run smoke test (health 200, frontend OK, uptime collection OK), 41 monitor tests green

3. docs: full audit of the docs site (en/zh/ja/de/fr/es)

  • Removed content confirmed fabricated after checking against the code: system tray, Touch Bar, multi-window, NUL keep-alive, SFTP paging/TTL cache, nonexistent keyboard settings, etc.
  • Fixed factual errors: home tab list, Windows integration language, encrypted-storage description, class/setting names, nonexistent test file examples
  • Added monorepo layout, Rust testing, and FRB codegen docs; README monitor links point into the monorepo
  • Added dependabot config (cargo × 3 directories + monitor frontend npm + GitHub Actions)
  • Removed doc/adr (intentional) and cleaned up all references
  • Verified: docs site builds, 139 pages

4. Follow-ups on this branch

  • Monitor dependencies upgraded across major versions (backend: ntex 3, sqlx 0.9, jsonwebtoken 10, reqwest 0.13, etc.; frontend: react 19, vite 8, vitest 4, tailwind 4, eslint 10) — also resolves the vitest critical CVE (GHSA-5xrq-8626-4rwp) flagged by Socket
  • All 6 inline review findings fixed (full-volume drop on Windows, missing Windows net counters, hard-coded velocity key, unbounded retention tables, dead serve CLI flags + TLS wiring, since-boot CPU average)
  • Security hardening: no baked-in admin/admin123, no default JWT secret — both generated randomly on first start

Notes

  • After the first monitor-release workflow run, set the server-box-monitor ghcr image to public in package settings if desired
  • The cargokit path changes for iOS/Android/Linux/Windows mirror macOS but are unverified on-device; watch the first five-platform CI build

Summary

No changes summarized.

lollipopkit and others added 19 commits August 4, 2023 16:38
- 删除 Go 实现(cmd/model/runner/web/res/main.go)
- 补齐推送限流与 Go 兼容 GET /status(TODO: App 迁移后删除)
- Size/Threshold 对齐 Go 语义,tests/go_compat.rs 锁定行为
- 修复 macOS PhysMem 解析与磁盘重复统计
- workspace 拆分,crates/sbm_parser:纯解析 + 命令清单单一事实来源
- 解析对齐 Dart 实现(lsblk JSON/FreeBSD/Windows WMI),tests/dart_compat.rs
  移植 App fixture 33+ 用例,Windows 实机(lkd)验证通过
- flutter_rust_bridge v2 + cargokit 集成(rust/ = sbm_ffi,rust_builder/)
- API:parse_status_json / command_specs / separator,解析纯函数无状态
- test/frb_parser_test.dart:FFI 与 Dart 解析器同 fixture 双跑一致
- 移除 packages/server_box_monitor submodule(旧 Go 版,Phase 3 由 monorepo 取代)
- crates/sbm_parser 提升至仓库根,根 Cargo workspace(crates/rust/monitor)
- rust(sbm_ffi)与 monitor 路径依赖指向 ../crates/sbm_parser
- monitor/Dockerfile 改以 monorepo 根为构建上下文
- CLAUDE.md 增补 monorepo 布局;FRB 测试指向根 target/
- 新增 conn/uptime/sys/host/cpuBrand/diskio/battery/sensors 解析
- 新增 GPU(nvidia-smi XML via roxmltree、amd-smi JSON)与 SMART(smartctl JSON)
- 命令清单补全并加 core 标记:monitor 周期采集只跑轻量子集,
  GPU/SMART 等高开销命令由 App 按需执行
- 移植 App 全部对应 fixture 测试(dart_compat 55 例)+ FFI 双跑 12 例
- getStatus 改走 sbm_ffi parse_status_json(FRB 异步,Rust 线程池执行,
  取代 Computer isolate),Dart 侧仅装配模型与更新滑窗状态
- 删除全部 Dart 解析实现(12 个模型 + windows_parser.dart),模型类保留
- 采集命令切换单一来源:ShellCmdType.cmd 读 FFI 清单,枚举值退化为
  fallback,并以一致性测试锁定
- parse_status 支持 temp_divisor;Windows cpuBrand 从 Win32_Processor 提取
- 纯解析测试删除(行为由 crates/sbm_parser dart_compat 锁定),
  模型/装配测试保留并接入 RustLib 测试初始化
- cargokit 插件壳与 sbm_ffi crate 同目录(cargokit 官方示例布局)
- workspace member、FRB rust_root、pubspec path、各平台 glue 路径同步更新
- 手动触发,版本取自 monitor crate,tag monitor-v* 与 App 解耦
- Linux musl bin 复用进 Alpine 镜像,镜像内零编译
- reqwest 切 rustls,OpenSSL 移出依赖树(musl 静态编译前提)
- 修复 Dockerfile 前端路径与 glibc 基镜像不匹配
- install.sh 重写适配新 release 结构,首装生成随机 JWT_SECRET
- 删除捏造功能(托盘/Touch Bar/多窗口/NUL 保活/SFTP 分页等)
- 修正事实错误(Tab 列表、Windows C++、加密存储、类名/设置名)
- 补全 monorepo 布局与 Rust 测试/FRB codegen 说明(en/zh/ja/de/fr/es)
- README monitor 链接指向 monorepo;新增 dependabot 覆盖 monitor
- rm: doc/adr(有意删除),清理其引用
@coderabbitai

coderabbitai Bot commented Jul 18, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Too many files!

This PR contains 279 files, which is 129 over the limit of 150.

To get a review, narrow the scope:
• coderabbit review --type committed # exclude uncommitted changes
• coderabbit review --dir # limit to a subdirectory
• coderabbit review --base # compare against a closer base

Upgrade to Pro+ to raise the limit.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 67f7c2e5-a5c4-4522-8482-b5d9601c84e1

📥 Commits

Reviewing files that changed from the base of the PR and between 70e3c44 and 370cc34.

⛔ Files ignored due to path filters (8)
  • Cargo.lock is excluded by !**/*.lock
  • crates/sbm_ffi/cargokit/build_tool/pubspec.lock is excluded by !**/*.lock
  • macos/Podfile.lock is excluded by !**/*.lock
  • monitor/doc/imgs/ios-push.png is excluded by !**/*.png
  • monitor/doc/imgs/ios-widget.png is excluded by !**/*.png
  • monitor/doc/imgs/webhook.png is excluded by !**/*.png
  • monitor/frontend/package-lock.json is excluded by !**/package-lock.json
  • pubspec.lock is excluded by !**/*.lock
📒 Files selected for processing (287)
  • .github/dependabot.yml
  • .github/workflows/monitor-release.yml
  • .gitignore
  • .gitmodules
  • CLAUDE.md
  • Cargo.toml
  • Makefile
  • README.md
  • README_zh.md
  • crates/sbm_ffi/.gitignore
  • crates/sbm_ffi/Cargo.toml
  • crates/sbm_ffi/README.md
  • crates/sbm_ffi/android/.gitignore
  • crates/sbm_ffi/android/build.gradle
  • crates/sbm_ffi/android/settings.gradle
  • crates/sbm_ffi/android/src/main/AndroidManifest.xml
  • crates/sbm_ffi/cargokit/.gitignore
  • crates/sbm_ffi/cargokit/LICENSE
  • crates/sbm_ffi/cargokit/README
  • crates/sbm_ffi/cargokit/build_pod.sh
  • crates/sbm_ffi/cargokit/build_tool/README.md
  • crates/sbm_ffi/cargokit/build_tool/analysis_options.yaml
  • crates/sbm_ffi/cargokit/build_tool/bin/build_tool.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/build_tool.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/android_environment.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/artifacts_provider.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/build_cmake.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/build_gradle.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/build_pod.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/build_tool.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/builder.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/cargo.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/crate_hash.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/environment.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/logging.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/options.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/precompile_binaries.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/rustup.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/target.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/util.dart
  • crates/sbm_ffi/cargokit/build_tool/lib/src/verify_binaries.dart
  • crates/sbm_ffi/cargokit/build_tool/pubspec.yaml
  • crates/sbm_ffi/cargokit/cmake/cargokit.cmake
  • crates/sbm_ffi/cargokit/cmake/resolve_symlinks.ps1
  • crates/sbm_ffi/cargokit/gradle/plugin.gradle
  • crates/sbm_ffi/cargokit/run_build_tool.cmd
  • crates/sbm_ffi/cargokit/run_build_tool.sh
  • crates/sbm_ffi/ios/Classes/dummy_file.c
  • crates/sbm_ffi/ios/sbm_ffi.podspec
  • crates/sbm_ffi/linux/CMakeLists.txt
  • crates/sbm_ffi/macos/Classes/dummy_file.c
  • crates/sbm_ffi/macos/sbm_ffi.podspec
  • crates/sbm_ffi/pubspec.yaml
  • crates/sbm_ffi/src/api/mod.rs
  • crates/sbm_ffi/src/api/parser.rs
  • crates/sbm_ffi/src/frb_generated.rs
  • crates/sbm_ffi/src/lib.rs
  • crates/sbm_ffi/windows/.gitignore
  • crates/sbm_ffi/windows/CMakeLists.txt
  • crates/sbm_parser/Cargo.toml
  • crates/sbm_parser/examples/win_probe.rs
  • crates/sbm_parser/src/bsd.rs
  • crates/sbm_parser/src/commands.rs
  • crates/sbm_parser/src/common.rs
  • crates/sbm_parser/src/gpu.rs
  • crates/sbm_parser/src/lib.rs
  • crates/sbm_parser/src/linux.rs
  • crates/sbm_parser/src/smart.rs
  • crates/sbm_parser/src/types.rs
  • crates/sbm_parser/src/windows.rs
  • crates/sbm_parser/tests/dart_compat.rs
  • crates/sbm_parser/tests/fixtures/df_debian.txt
  • crates/sbm_parser/tests/fixtures/df_immortalwrt.txt
  • crates/sbm_parser/tests/fixtures/df_k.txt
  • crates/sbm_parser/tests/fixtures/lsblk.json
  • crates/sbm_parser/tests/fixtures/lsblk_btrfs.json
  • crates/sbm_parser/tests/fixtures/lsblk_container.json
  • crates/sbm_parser/tests/fixtures/lsblk_nested.json
  • crates/sbm_parser/tests/fixtures/nvidia.xml
  • crates/sbm_parser/tests/fixtures/nvidia2.xml
  • crates/sbm_parser/tests/fixtures/nvidia_inline.xml
  • crates/sbm_parser/tests/fixtures/power_supply.txt
  • crates/sbm_parser/tests/fixtures/sensors1.txt
  • crates/sbm_parser/tests/fixtures/sensors2.txt
  • crates/sbm_parser/tests/fixtures/smartctl.json
  • crates/sbm_parser/tests/fixtures/win_cpu.json
  • crates/sbm_parser/tests/fixtures/win_disk.json
  • crates/sbm_parser/tests/fixtures/win_mem.json
  • crates/sbm_parser/tests/fixtures/win_net.json
  • crates/sbm_parser/tests/fixtures/win_temp.json
  • docs/src/content/docs/advanced/troubleshooting.md
  • docs/src/content/docs/advanced/widgets.md
  • docs/src/content/docs/de/advanced/troubleshooting.md
  • docs/src/content/docs/de/advanced/widgets.md
  • docs/src/content/docs/de/development/architecture.md
  • docs/src/content/docs/de/development/building.md
  • docs/src/content/docs/de/development/codegen.md
  • docs/src/content/docs/de/development/structure.md
  • docs/src/content/docs/de/development/testing.md
  • docs/src/content/docs/de/platforms/desktop.md
  • docs/src/content/docs/de/platforms/mobile.md
  • docs/src/content/docs/de/principles/architecture.md
  • docs/src/content/docs/de/principles/sftp.md
  • docs/src/content/docs/de/principles/ssh.md
  • docs/src/content/docs/de/principles/terminal.md
  • docs/src/content/docs/development/architecture.md
  • docs/src/content/docs/development/building.md
  • docs/src/content/docs/development/codegen.md
  • docs/src/content/docs/development/structure.md
  • docs/src/content/docs/development/testing.md
  • docs/src/content/docs/es/advanced/troubleshooting.md
  • docs/src/content/docs/es/advanced/widgets.md
  • docs/src/content/docs/es/development/architecture.md
  • docs/src/content/docs/es/development/building.md
  • docs/src/content/docs/es/development/codegen.md
  • docs/src/content/docs/es/development/structure.md
  • docs/src/content/docs/es/development/testing.md
  • docs/src/content/docs/es/platforms/desktop.md
  • docs/src/content/docs/es/platforms/mobile.md
  • docs/src/content/docs/es/principles/architecture.md
  • docs/src/content/docs/es/principles/sftp.md
  • docs/src/content/docs/es/principles/ssh.md
  • docs/src/content/docs/es/principles/terminal.md
  • docs/src/content/docs/fr/advanced/troubleshooting.md
  • docs/src/content/docs/fr/advanced/widgets.md
  • docs/src/content/docs/fr/development/architecture.md
  • docs/src/content/docs/fr/development/building.md
  • docs/src/content/docs/fr/development/codegen.md
  • docs/src/content/docs/fr/development/structure.md
  • docs/src/content/docs/fr/development/testing.md
  • docs/src/content/docs/fr/platforms/desktop.md
  • docs/src/content/docs/fr/platforms/mobile.md
  • docs/src/content/docs/fr/principles/architecture.md
  • docs/src/content/docs/fr/principles/sftp.md
  • docs/src/content/docs/fr/principles/ssh.md
  • docs/src/content/docs/fr/principles/terminal.md
  • docs/src/content/docs/ja/advanced/troubleshooting.md
  • docs/src/content/docs/ja/advanced/widgets.md
  • docs/src/content/docs/ja/development/architecture.md
  • docs/src/content/docs/ja/development/building.md
  • docs/src/content/docs/ja/development/codegen.md
  • docs/src/content/docs/ja/development/structure.md
  • docs/src/content/docs/ja/development/testing.md
  • docs/src/content/docs/ja/platforms/desktop.md
  • docs/src/content/docs/ja/platforms/mobile.md
  • docs/src/content/docs/ja/principles/architecture.md
  • docs/src/content/docs/ja/principles/sftp.md
  • docs/src/content/docs/ja/principles/ssh.md
  • docs/src/content/docs/ja/principles/terminal.md
  • docs/src/content/docs/platforms/desktop.md
  • docs/src/content/docs/platforms/mobile.md
  • docs/src/content/docs/principles/architecture.md
  • docs/src/content/docs/principles/sftp.md
  • docs/src/content/docs/principles/ssh.md
  • docs/src/content/docs/principles/terminal.md
  • docs/src/content/docs/zh/advanced/troubleshooting.md
  • docs/src/content/docs/zh/advanced/widgets.md
  • docs/src/content/docs/zh/development/architecture.md
  • docs/src/content/docs/zh/development/building.md
  • docs/src/content/docs/zh/development/codegen.md
  • docs/src/content/docs/zh/development/structure.md
  • docs/src/content/docs/zh/development/testing.md
  • docs/src/content/docs/zh/platforms/desktop.md
  • docs/src/content/docs/zh/platforms/mobile.md
  • docs/src/content/docs/zh/principles/architecture.md
  • docs/src/content/docs/zh/principles/sftp.md
  • docs/src/content/docs/zh/principles/ssh.md
  • docs/src/content/docs/zh/principles/terminal.md
  • flutter_rust_bridge.yaml
  • ios/Flutter/Debug.xcconfig
  • ios/Flutter/Release.xcconfig
  • ios/Podfile
  • lib/data/model/app/scripts/cmd_types.dart
  • lib/data/model/app/scripts/ffi_cmds.dart
  • lib/data/model/server/amd.dart
  • lib/data/model/server/battery.dart
  • lib/data/model/server/conn.dart
  • lib/data/model/server/cpu.dart
  • lib/data/model/server/disk.dart
  • lib/data/model/server/disk_smart.dart
  • lib/data/model/server/memory.dart
  • lib/data/model/server/net_speed.dart
  • lib/data/model/server/nvdia.dart
  • lib/data/model/server/sensors.dart
  • lib/data/model/server/server_status_update_req.dart
  • lib/data/model/server/temp.dart
  • lib/data/model/server/windows_parser.dart
  • lib/data/provider/server/single.dart
  • lib/main.dart
  • lib/src/rust/api/parser.dart
  • lib/src/rust/frb_generated.dart
  • lib/src/rust/frb_generated.io.dart
  • lib/src/rust/frb_generated.web.dart
  • linux/flutter/generated_plugins.cmake
  • macos/Runner.xcodeproj/project.pbxproj
  • monitor/.env.example
  • monitor/.github/workflows/ci-cd.yml
  • monitor/.gitignore
  • monitor/.sqlx/query-2972397aa5a0b6ec0aac17adffe55f08a79087eab6f0026865e728a4f0959b85.json
  • monitor/.sqlx/query-2dda4c1477bd636c2bd99351e78bde542c7db941a2bd45b8788e76188bde6bcb.json
  • monitor/.sqlx/query-41e40b6ca65f782925e490b1a26e67c2126cfe20010b6330a43bee9e79915afc.json
  • monitor/.sqlx/query-4570a1ddc3bbb3ccb0b2e452286c69758ca027ec041aba12dce702ffb59070ff.json
  • monitor/.sqlx/query-4753b71c1a9d96dc7763d53a86c1ee1d5c6bd18bc2f02cc69cc5c78b64765281.json
  • monitor/.sqlx/query-59e0026785b589564e14edd04a640d50eff352d4cb3dba407ec3c2bd87e86a25.json
  • monitor/.sqlx/query-642e55cc254f66f27b69fbc62a5347a52deeb0bfe67a3efac9d4253a270ce858.json
  • monitor/.sqlx/query-9f9215a05f729db6f707c84967f4f11033d39d17ded98f4fe9fb48f3d1598596.json
  • monitor/.sqlx/query-a22b7bfb51338f011d4cf409ae65787b6d1ae4306577c3f535152b9c07833870.json
  • monitor/.sqlx/query-c954651ce098cc81b7ab7456353597d5a3011eaf4e2363a6080bd8615b286444.json
  • monitor/.sqlx/query-e0673b4c67ebd6b7f3d70bac4a61ec36af7276ff4670728700033bd83320ed0f.json
  • monitor/.sqlx/query-e48f2a35ac661c67e5dd350133a9be94affca938e1a6622a78f5d3c7f665f17a.json
  • monitor/.sqlx/query-f01c947d8f161231aee193881478b448aba5a3b514caae06190974459c84bd4f.json
  • monitor/.vscode/launch.json
  • monitor/CLAUDE.md
  • monitor/Cargo.toml
  • monitor/Dockerfile
  • monitor/Dockerfile.ci
  • monitor/README.md
  • monitor/README_zh.md
  • monitor/config.example.toml
  • monitor/doc/TODO.md
  • monitor/docker-compose.yaml
  • monitor/frontend/config.json
  • monitor/frontend/index.html
  • monitor/frontend/package.json
  • monitor/frontend/src/App.tsx
  • monitor/frontend/src/components/LoadingSpinner.tsx
  • monitor/frontend/src/hooks/index.ts
  • monitor/frontend/src/index.css
  • monitor/frontend/src/main.tsx
  • monitor/frontend/src/pages/DashboardPage.tsx
  • monitor/frontend/src/pages/LoginPage.tsx
  • monitor/frontend/src/services/api.ts
  • monitor/frontend/src/tests/LoginPage.test.tsx
  • monitor/frontend/src/types/index.ts
  • monitor/frontend/tailwind.config.js
  • monitor/frontend/tsconfig.json
  • monitor/frontend/tsconfig.node.json
  • monitor/frontend/vite.config.ts
  • monitor/frontend/vitest.config.ts
  • monitor/install.sh
  • monitor/migrations/001_initial_schema.sql
  • monitor/migrations/002_add_velocity_metrics.sql
  • monitor/migrations/003_add_config_management.sql
  • monitor/src/api/auth.rs
  • monitor/src/api/mod.rs
  • monitor/src/api/server.rs
  • monitor/src/cli/cli.rs
  • monitor/src/cli/mod.rs
  • monitor/src/core/config.rs
  • monitor/src/core/config_manager.rs
  • monitor/src/core/mod.rs
  • monitor/src/db/cleanup.rs
  • monitor/src/db/database.rs
  • monitor/src/db/mod.rs
  • monitor/src/lib.rs
  • monitor/src/main.rs
  • monitor/src/monitoring/mod.rs
  • monitor/src/monitoring/monitoring.rs
  • monitor/src/monitoring/push.rs
  • monitor/src/monitoring/rules.rs
  • monitor/src/monitoring/size.rs
  • monitor/src/monitoring/threshold.rs
  • monitor/src/monitoring/timeseries.rs
  • monitor/src/monitoring/velocity.rs
  • monitor/src/utils/error.rs
  • monitor/src/utils/mod.rs
  • monitor/tests/fixtures/disk
  • monitor/tests/go_compat.rs
  • monitor/tests/integration_tests.rs
  • monitor/tests/test_cleanup.rs
  • monitor/tests/test_file_loading.rs
  • monitor/tests/test_toml_config.rs
  • packages/server_box_monitor
  • pubspec.yaml
  • test/amd_smi_test.dart
  • test/btrfs_test.dart
  • test/conn_test.dart
  • test/cpu_test.dart
  • test/disk_test.dart
  • test/frb_parser_test.dart
  • test/memory_test.dart
  • test/net_speed_test.dart
  • test/rust_lib_helper.dart
  • test/server_status_update_req_test.dart
  • test/uptime_test.dart
  • test/windows_test.dart
  • windows/flutter/generated_plugins.cmake

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • Review on demand using usage pricing
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch frb

Comment @coderabbitai help to get the list of available commands.

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying serverbox with  Cloudflare Pages  Cloudflare Pages

Latest commit: 1dd57ed
Status: ✅  Deploy successful!
Preview URL: https://20d293e3.serverbox.pages.dev
Branch Preview URL: https://frb.serverbox.pages.dev

View logs

@socket-security

socket-security Bot commented Jul 18, 2026

Copy link
Copy Markdown

@socket-security

socket-security Bot commented Jul 18, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: cargo hyper-util is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?cargo/reqwest@0.12.28cargo/hyper-util@0.1.20

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/hyper-util@0.1.20. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: cargo libc is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?cargo/reqwest@0.12.28cargo/ntex@2.18.0cargo/flutter_rust_bridge@2.12.0cargo/chrono@0.4.45cargo/tokio@1.53.0cargo/sqlx@0.8.6cargo/bcrypt@0.15.1cargo/jsonwebtoken@9.3.1cargo/governor@0.6.3cargo/ntex-files@2.1.0cargo/libc@0.2.186

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/libc@0.2.186. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: cargo tokio is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: Cargo.lockcargo/tokio@1.53.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/tokio@1.53.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: cargo writeable is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?cargo/reqwest@0.12.28cargo/sqlx@0.8.6cargo/writeable@0.6.3

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/writeable@0.6.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: cargo zerocopy is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?cargo/ntex@2.18.0cargo/sqlx@0.8.6cargo/governor@0.6.3cargo/ntex-files@2.1.0cargo/zerocopy@0.8.54

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/zerocopy@0.8.54. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm data-urls is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: monitor/frontend/package-lock.jsonnpm/jsdom@26.1.0npm/data-urls@5.0.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/data-urls@5.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm rrweb-cssom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: monitor/frontend/package-lock.jsonnpm/jsdom@26.1.0npm/rrweb-cssom@0.8.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rrweb-cssom@0.8.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm ts-api-utils is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: monitor/frontend/package-lock.jsonnpm/@typescript-eslint/eslint-plugin@6.21.0npm/@typescript-eslint/parser@6.21.0npm/ts-api-utils@1.4.3

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ts-api-utils@1.4.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@winnowl winnowl Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

🔎 Confirmed findings (6)
  • medium Windows logical disks with no free space are silently dropped instead of being represented as a valid full disk. parse_disks explicitly filters free == 0, so a normal full C: volume (or a WMI record reporting zero FreeSpace) disappears from ServerStatus.disks; this also makes the Windows disk aggregate report no disk rather than 100% used. The Dart model accepts nullable fields but does not make zero a missing value, and the migrated parser's own required-field comment only calls for missing fields to be skipped. This is introduced by the new Rust Windows parser; the claim would be false if the established Dart parser intentionally excluded full volumes or the remote command guarantees FreeSpace is always positive. (inline)
  • high The velocity endpoints use a hard-coded server key and therefore return no velocity for the configured/default server. (inline)
  • high Windows collection never populates ServerStatus.net, so monitor network totals and velocity remain zero on Windows. (inline)
  • high Retention configuration and migration policy rows do not match cleanup behavior. Migration 003 creates policies for velocity_metrics, cpu_core_metrics, network_totals, enhanced_alerts, component_metrics, rule_executions, performance_metrics, and config_audit_log, while DataCleanupService::cleanup_expired_data deletes only system_metrics and the legacy alerts table. The monitoring loop writes velocity_metrics every cycle (twice per update), so those rows grow without bound despite a configured 30-day policy; the same mismatch affects the other policy-covered tables. This is introduced by the new retention/migration implementation; it would be disproven if another cleanup worker consumed retention_policies, but no such consumer exists. (inline)
  • high The serve CLI options do not affect the server at all. build_cli defines --addr, --cert, and --key (and environment bindings), but handle_serve ignores its ArgMatches and constructs the server solely from Config::load; start_server then uses only get_server(). Running server_box_monitor serve --addr 127.0.0.1:9999 or supplying --cert/--key therefore still binds the config/default 0.0.0.0:3770 and remains plaintext. This is introduced by the new CLI/config integration; it would be disproven if handle_serve or a downstream call applied these matches, but no such application exists. (inline)
  • high The monitor exposes two incompatible CPU semantics from the same shared parser output: sbm_parser produces cumulative CPU ticks, and its Dart consumer computes usage from inter-sample deltas, but monitor::adapt_cpu computes SystemMetrics.cpu_usage as (total-idle)/total over lifetime counters. Consequently the monitor's current /status, stored system_metrics.cpu_usage, and threshold rules use boot-time average CPU rather than current utilization, while its velocity endpoint uses delta-based per-core values and can show a materially different CPU percentage. (inline)
🧹 Additional findings from this change (not shown inline) (19)
  • [medium] The WMI delta parser pairs the two samples by array index rather than by interface/disk name. If WMI returns the same instances in a different order between the two queries (which is allowed when providers enumerate interfaces/disks), the code subtracts counters from different devices and labels the result with the first sample's name, producing negative/huge rates or silently skipping valid devices. The same issue affects both Windows network speed and disk I/O. The claim would be false only if the WMI provider contract used by all supported hosts guarantees stable ordering across the one-second queries.
  • [medium] Linux battery parsing loses the last power-supply record when the command output does not end in a blank line. parse_batteries only calls parse_battery_block when it encounters an empty line and never flushes block after the loop, so valid single-block or truncated/no-final-newline output yields an empty result (and multi-block output loses its final battery). This violates the stated malformed-input tolerance and differs from splitting records into blocks, where the final block is still parseable. The claim would be false if the command transport always guarantees a trailing blank line and that guarantee is part of the parser contract.
  • [high] Windows plugin builds cannot resolve the Rust crate because its CMake integration uses a path that climbs six directories before appending crates/sbm_ffi. From the checked-in crates/sbm_ffi/windows/CMakeLists.txt, that resolves outside the repository rather than to the sibling crate (unlike Linux, which uses ..). A Windows Flutter build will therefore fail during CMake/cargokit setup unless the build system happens to invoke this file with an unrelated working/source directory; this is false only if the generated Windows build relocates/rebases CMAKE_CURRENT_SOURCE_DIR so that the six-level path actually points at the repository crate.
  • [medium] Native FFI initialization failure is unrecoverable at application startup: _initApp awaits RustLib.init() without a catch, and main only runs runApp after _initApp completes. If the native library is absent, has an ABI/load error, or the generated initializer fails on a supported target, the app exits before UI/data initialization; the only fallback implemented is command lookup fallback and there is no Dart status parser left to preserve status functionality. This is not a bug only if startup failure is explicitly the intended policy rather than the scope's required graceful initialization-failure behavior.
  • [medium] CPU-core usage is persisted as idle percentage rather than used percentage.
  • [medium] Retention cleanup leaves velocity and CPU-core time-series rows permanently unbounded.
  • [medium] A velocity database failure partially advances in-memory state and causes the next successful cycle to calculate across an uncommitted sample.
  • [medium] Each monitoring cycle writes two velocity rows and two history points, with the first containing pre-update CPU data.
  • [high] The server can run with a publicly documented/default JWT signing key, so anyone who can reach a protected endpoint can forge an HS256 Bearer token. Config::default, normalize, and get_jwt_secret all fall back to your-secret-key-change-this, while the checked-in example config and frontend also make the default deployment credentials predictable (admin / admin123). This violates the deployment security boundary unless operators always override both values, but the application does not require or validate that they were overridden.
  • [high] TLS configuration is not applied to the HTTP server. Even when SBM_TLS_CERT and SBM_TLS_KEY populate ServerConfig.tls, start_server only calls HttpServer::new(...).bind(&bind_addr) and never configures TLS. A deployment that follows the documented TLS configuration therefore serves login credentials, JWTs, and monitoring data over plaintext HTTP.
  • [medium] The velocity endpoint can return a mixed-time snapshot because it takes and releases the manager read lock for each component independently: velocity, network totals, and readiness are fetched by three separate .read().await chains. The monitoring loop can acquire the manager write lock between those calls and update the processor (including two database writes), so network, is_ready, and the speeds in one response may describe different samples. The same write lock is also held across awaited database writes in update_server_metrics, so a slow SQLite operation blocks all velocity API readers.
  • [medium] Malformed or unsupported limit query parameters are silently converted into an absent limit and the endpoint returns HTTP 200 with the full in-memory history. from_query errors are discarded, and serde_json::Value::as_u64() only accepts a JSON number; normal URL query values such as ?limit=10 are represented as strings, so the documented-looking request does not limit results. This makes query parsing non-observable to clients and permits an unbounded-by-request (up to the retained 1000 entries) response instead of a stable 400 for invalid input.
  • [medium] Internal database/error details are exposed directly to API clients. The velocity handlers build JSON errors with format!("...: {}", e), and MonitorError::WebResponseError::error_response serializes self.to_string() for propagated login/database failures. A SQLite failure (or other internal error) can therefore reveal SQL/schema/path information in a 500 response, rather than returning a stable generic error while logging the cause server-side.
  • [critical] Fresh production databases are seeded with a universally known admin credential: migration 001 inserts username admin with a bcrypt hash whose accompanying comment explicitly says the password is admin123. The login endpoint accepts this account immediately and there is no forced password change or first-run secret provisioning, so any exposed fresh installation can be logged into with the baked-in password. This is introduced by the new initial migration; it would be disproven only if another startup step disables/replaces this account before the server accepts logins, which the initialization and auth paths do not do.
  • [high] The deployment configuration files are not actually loaded by either packaged deployment. Config::load only reads config.toml/config.json and never parses .env; nevertheless Docker copies .env.example to .env, and the install script copies .env without adding a systemd EnvironmentFile. Thus DATABASE_URL, JWT_SECRET, host/port, and TLS environment settings in the shipped .env are ignored, causing the service to use code defaults (including the weak JWT fallback) unless variables happen to be exported externally. This is introduced by the new packaging/config path; it would be disproven if a parent process loads dotenv, but neither the Docker CMD nor the generated unit does so.
  • [high] The release CI workflow points at paths from a different repository layout and cannot complete in this monorepo: the frontend steps run cd frontend and cache frontend/package-lock.json, but the added frontend is monitor/frontend; release packaging copies config.json.example and .env.example from the repository root, while the added files are monitor/config.example.toml and monitor/.env.example. Consequently PR CI fails before testing/building, and the release job cannot create the documented archive. This is introduced by the added monitor workflow; it would be disproven only if those root paths were supplied by an unshown checkout/generated step, which they are not.
  • [medium] The retained Flutter tests cannot initialize the FFI library on Windows because the shared test loader never selects the Windows artifact.
  • [medium] The new monitor documentation still directs users to the obsolete standalone repository wiki, so monitor configuration/usage documentation is not valid for the new workspace checkout.
  • [medium] The monitor's disk aggregation disagrees with the shared parser/Dart disk contract and can double-count layered devices. sbm_parser::types::disk_usage stops descending once a disk node has nonzero size/used data and deduplicates by path:kname, but monitor::aggregate_disks adds every /dev node with size and then recursively walks children without that stop condition (and deduplicates only by path). On lsblk output containing a populated parent plus populated partitions, monitor API/rules/history report inflated disk totals and usage despite the same parsed status being correct for the app.
📜 Review details

Coverage

  • scopes: 6/6 complete

let size = json_u64(&d["Size"])?;
let free = json_u64(&d["FreeSpace"])?;
let fs = d["FileSystem"].as_str().unwrap_or("").to_string();
if device_id.is_empty() || size == 0 || free == 0 || fs.is_empty() {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Correctness | 🟡 Medium

Windows logical disks with no free space are silently dropped instead of being represented as a valid full disk. parse_disks explicitly filters free == 0, so a normal full C: volume (or a WMI record reporting zero FreeSpace) disappears from ServerStatus.disks; this also makes the Windows disk aggregate report no disk rather than 100% used. The Dart model accepts nullable fields but does not make zero a missing value, and the migrated parser's own required-field comment only calls for missing fields to be skipped. This is introduced by the new Rust Windows parser; the claim would be false if the established Dart parser intentionally excluded full volumes or the remote command guarantees FreeSpace is always positive.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
  • ⚠️ The deleted legacy Dart parser was not available for direct comparison, so intentional historical exclusion cannot be ruled out solely from that implementation; however Win32_LogicalDisk permits a valid filesystem with Size > 0 and FreeSpace = 0, and the new parser's explicit filter demonstrably drops it.
🤖 Prompt for AI agents
In crates/sbm_parser/src/windows.rs, address this finding:
Windows logical disks with no free space are silently dropped instead of being represented as a valid full disk. `parse_disks` explicitly filters `free == 0`, so a normal full C: volume (or a WMI record reporting zero FreeSpace) disappears from `ServerStatus.disks`; this also makes the Windows disk aggregate report no disk rather than 100% used. The Dart model accepts nullable fields but does not make zero a missing value, and the migrated parser's own required-field comment only calls for missing fields to be skipped. This is introduced by the new Rust Windows parser; the claim would be false if the established Dart parser intentionally excluded full volumes or the remote command guarantees FreeSpace is always positive.

To have the bot fix this, comment @winnowl fix.

Comment thread monitor/src/api/server.rs
.velocity_manager
.read()
.await
.get_server_velocity("server", interval)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Correctness | 🟠 High

The velocity endpoints use a hard-coded server key and therefore return no velocity for the configured/default server.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
🤖 Prompt for AI agents
In monitor/src/api/server.rs, address this finding:
The velocity endpoints use a hard-coded server key and therefore return no velocity for the configured/default server.

To have the bot fix this, comment @winnowl fix.

});
status.batteries = windows::parse_batteries(get(commands::BATTERY));
// 网速/磁盘 IO 为 WMI 双采样差分,直接产出速率:
// windows::parse_net_speed / windows::parse_diskio

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Correctness | 🟠 High

Windows collection never populates ServerStatus.net, so monitor network totals and velocity remain zero on Windows.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
🤖 Prompt for AI agents
In crates/sbm_parser/src/lib.rs, address this finding:
Windows collection never populates ServerStatus.net, so monitor network totals and velocity remain zero on Windows.

To have the bot fix this, comment @winnowl fix.

Comment thread monitor/src/db/cleanup.rs
info!("Starting data cleanup task");

let metrics_deleted = self.cleanup_old_metrics().await?;
let alerts_deleted = self.cleanup_old_alerts().await?;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔍 Data Integrity | 🟠 High

Retention configuration and migration policy rows do not match cleanup behavior. Migration 003 creates policies for velocity_metrics, cpu_core_metrics, network_totals, enhanced_alerts, component_metrics, rule_executions, performance_metrics, and config_audit_log, while DataCleanupService::cleanup_expired_data deletes only system_metrics and the legacy alerts table. The monitoring loop writes velocity_metrics every cycle (twice per update), so those rows grow without bound despite a configured 30-day policy; the same mismatch affects the other policy-covered tables. This is introduced by the new retention/migration implementation; it would be disproven if another cleanup worker consumed retention_policies, but no such consumer exists.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
  • ⚠️ The retention_policies table is not read anywhere in the repository, though future code outside this revision could theoretically consume it.
  • ⚠️ Some policy-covered tables are currently schema-only; the defect is concretely demonstrated for velocity_metrics and cpu_core_metrics, both of which are written by the monitoring path.
🤖 Prompt for AI agents
In monitor/src/db/cleanup.rs, address this finding:
Retention configuration and migration policy rows do not match cleanup behavior. Migration 003 creates policies for velocity_metrics, cpu_core_metrics, network_totals, enhanced_alerts, component_metrics, rule_executions, performance_metrics, and config_audit_log, while `DataCleanupService::cleanup_expired_data` deletes only `system_metrics` and the legacy `alerts` table. The monitoring loop writes `velocity_metrics` every cycle (twice per update), so those rows grow without bound despite a configured 30-day policy; the same mismatch affects the other policy-covered tables. This is introduced by the new retention/migration implementation; it would be disproven if another cleanup worker consumed `retention_policies`, but no such consumer exists.

To have the bot fix this, comment @winnowl fix.

Comment thread monitor/src/cli/cli.rs
Ok(())
}

async fn handle_serve(matches: &clap::ArgMatches) -> anyhow::Result<()> {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔍 Compatibility | 🟠 High

The serve CLI options do not affect the server at all. build_cli defines --addr, --cert, and --key (and environment bindings), but handle_serve ignores its ArgMatches and constructs the server solely from Config::load; start_server then uses only get_server(). Running server_box_monitor serve --addr 127.0.0.1:9999 or supplying --cert/--key therefore still binds the config/default 0.0.0.0:3770 and remains plaintext. This is introduced by the new CLI/config integration; it would be disproven if handle_serve or a downstream call applied these matches, but no such application exists.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
  • ⚠️ No runtime execution was performed; conclusion follows directly from the reachable call chain.
🤖 Prompt for AI agents
In monitor/src/cli/cli.rs, address this finding:
The `serve` CLI options do not affect the server at all. `build_cli` defines `--addr`, `--cert`, and `--key` (and environment bindings), but `handle_serve` ignores its `ArgMatches` and constructs the server solely from `Config::load`; `start_server` then uses only `get_server()`. Running `server_box_monitor serve --addr 127.0.0.1:9999` or supplying `--cert/--key` therefore still binds the config/default `0.0.0.0:3770` and remains plaintext. This is introduced by the new CLI/config integration; it would be disproven if `handle_serve` or a downstream call applied these matches, but no such application exists.

To have the bot fix this, comment @winnowl fix.

/// CPU:汇总行(id == "cpu",BSD 无汇总则取首核)计算使用率;
/// 逐核转为 CpuCoreTime(used = total - idle)。
/// 注意:单次采样的累计 ticks 反映开机以来均值;差分改造见 ADR Phase 1b
fn adapt_cpu(cores: &[CpuCore]) -> (f32, Vec<CpuCoreTime>) {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Correctness | 🟠 High

The monitor exposes two incompatible CPU semantics from the same shared parser output: sbm_parser produces cumulative CPU ticks, and its Dart consumer computes usage from inter-sample deltas, but monitor::adapt_cpu computes SystemMetrics.cpu_usage as (total-idle)/total over lifetime counters. Consequently the monitor's current /status, stored system_metrics.cpu_usage, and threshold rules use boot-time average CPU rather than current utilization, while its velocity endpoint uses delta-based per-core values and can show a materially different CPU percentage.

🧩 Analysis
  • Change relation: introduced
  • Confirmation: independently-verified
  • Reachable: ✅
  • ⚠️ The exact user-visible impact depends on the host's uptime and workload history; the concrete Linux path is nevertheless sufficient to reproduce the semantic mismatch.
🤖 Prompt for AI agents
In monitor/src/monitoring/monitoring.rs, address this finding:
The monitor exposes two incompatible CPU semantics from the same shared parser output: `sbm_parser` produces cumulative CPU ticks, and its Dart consumer computes usage from inter-sample deltas, but `monitor::adapt_cpu` computes `SystemMetrics.cpu_usage` as `(total-idle)/total` over lifetime counters. Consequently the monitor's current `/status`, stored `system_metrics.cpu_usage`, and threshold rules use boot-time average CPU rather than current utilization, while its velocity endpoint uses delta-based per-core values and can show a materially different CPU percentage.

To have the bot fix this, comment @winnowl fix.

@winnowl

winnowl Bot commented Jul 18, 2026

Copy link
Copy Markdown

CI failure root-cause analysis

The three failing suites share one root cause: their setUpAll initialization attempts to load the native library target/debug/libsbm_ffi.so, but that file is absent in the CI workspace. The failures occur before the suite tests run; the 240 passing tests and the successful jump_failover_test.dart cases indicate this is not a general test failure or network behavior issue.

Attribution

No change set or build diagnostics were provided, so the introducing change cannot be attributed. The likely cause is a missing or skipped native-library build, an incorrect artifact path, or a CI step that no longer publishes/copies target/debug/libsbm_ffi.so before tests.

Verifiable fix

Before running the Dart tests, build the Rust/native target that produces target/debug/libsbm_ffi.so and verify that the file exists at that exact path; alternatively configure the loader and CI artifact step to use the actual produced path. A CI guard such as test -f target/debug/libsbm_ffi.so immediately before the test command will verify the fix. Also verify the library's runtime dependencies and architecture if the file exists but loading still fails.

Same root cause: 88112927769:test/server_status_update_req_test.dart, 88112927769:test/frb_parser_test.dart, 88112927769:test/windows_test.dart

Incremental value: root cause, attributed to this change, grouped same-root-cause failures, verifiable fix; confidence 98%. Passing CI ≠ absence of defects (§29.4).

@winnowl

winnowl Bot commented Jul 19, 2026

Copy link
Copy Markdown

CI failure root-cause analysis

Three test suites fail during setUpAll because the required native library target/debug/libsbm_ffi.so cannot be loaded: the file is absent or not available at the path used by the tests. The other 240 tests passing and the reported loader error directly support a shared test-environment/build-artifact cause, not three independent test failures.

Attribution

No change set or build-step diagnostics were provided, so the responsible change cannot be attributed. The likely regression is a missing, skipped, or relocated native-library build step, or a working-directory/path change in CI.

Verifiable fix

Before running the Dart tests, build the native target that produces target/debug/libsbm_ffi.so and verify that exact file exists from the test process's working directory. If the artifact is intentionally emitted elsewhere, update the FFI lookup/configuration to use the actual location or copy/symlink the artifact into target/debug; then rerun these three suites and confirm the loader error is gone.

Same root cause: 88157066047: test/server_status_update_req_test.dart setUpAll failure, 88157066047: test/frb_parser_test.dart setUpAll failure, 88157066047: test/windows_test.dart setUpAll failure

Incremental value: root cause, attributed to this change, grouped same-root-cause failures, verifiable fix; confidence 98%. Passing CI ≠ absence of defects (§29.4).

@winnowl winnowl Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

✅ No blocking issues found — approving.

🧹 Additional findings from this change (not shown inline) (2)
  • [medium] Persisted per-core CPU usage is inverted relative to the monitor's CPU semantics.
  • [high] Deployments that omit JWT_SECRET use a publicly documented weak fallback, allowing anyone to forge a valid bearer token for any username and access all protected metrics/velocity APIs. Config::default and Go-format normalization both select your-secret-key-change-this when the environment is absent, and the Docker compose file explicitly supplies your-secret-key-change-this-in-production as its fallback.
🗑️ Suppressed and duplicate diagnostics (1)
  • CPU-core usage is persisted as idle percentage rather than used percentage.
📜 Review details

Coverage

  • scopes: 0/7 complete

@winnowl

winnowl Bot commented Jul 19, 2026

Copy link
Copy Markdown

CI failure root-cause analysis

The three failing suites share one root cause: their setUpAll initialization attempts to load the native dynamic library target/debug/libsbm_ffi.so, but that file is absent at test time. The failures are therefore environment/build-artifact setup failures, not separate failures in the individual test cases. The diagnostics do not identify which change omitted or misplaced the native build, so no specific causing change can be attributed.

Attribution

Not determinable from the supplied diagnostics. The likely regression point is the CI setup or build configuration that should produce or expose target/debug/libsbm_ffi.so before the Dart tests run.

Verifiable fix

Before running the Dart tests, build the native Rust artifact that produces target/debug/libsbm_ffi.so and verify that the file exists from the test process's working directory. Alternatively, update the loader or CI working-directory/library-path configuration to use the artifact's actual location. A validating CI step is test -f target/debug/libsbm_ffi.so immediately before the test command; the three suites should then complete their setUpAll initialization.

Same root cause: /home/runner/work/flutter_server_box/flutter_server_box/test/server_status_update_req_test.dart, /home/runner/work/flutter_server_box/flutter_server_box/test/frb_parser_test.dart, /home/runner/work/flutter_server_box/flutter_server_box/test/windows_test.dart

Incremental value: root cause, attributed to this change, grouped same-root-cause failures, verifiable fix; confidence 98%. Passing CI ≠ absence of defects (§29.4).

@lollipopkit lollipopkit changed the title monorepo 收尾:crates 归位、monitor 发布流水线、文档全量修复 monorepo finale: relocate crates, monitor release pipeline, docs overhaul Jul 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant