user-system/docs/status/REAL_PROJECT_STATUS.md

REAL PROJECT STATUS

2026-04-01 GAP修复验证更新

本轮验证结果

• 后端: go vet ✅ / go build ✅ / go test ✅
• 前端: lint ✅ / build ✅
• 前端测试: ⚠️ 3个失败点(预先存在，测试链路未完全恢复)
• 真实浏览器E2E: ❌ 未跑通，卡在后端健康检查就绪

本轮修复内容

• GAP-01: 角色继承递归查询 + 循环检测 + 深度限制(5层) ✅
• GAP-02: 密码历史记录(最近5个密码不可重复使用) ✅
• GAP-03: 设备信任功能(信任设备跳过2FA) ✅
• GAP-05: 异地登录检测(AnomalyDetector) ✅
• GAP-06: 设备指纹采集(browser/OS/device_id) ✅
• GAP-08: 前端登录页设备指纹采集 ✅
• GAP-09: 前端设备管理页信任状态显示 ✅
• GAP-10: TOTP启用时"记住此设备"选项 ✅

用户侧缺口(仍待实现)

• 系统设置页 - 无独立前端页面
• 全局设备管理页 - 当前仅在个人资料页(profile/security)嵌入设备管理

API文档更新

• docs/API.md 更新日期至 2026-04-01
• 补充设备信任相关端点说明

待处理

• GAP-04: SSO CAS/SAML (PRD可选功能)
• GAP-07: SDK支持 (PRD可选功能)

2026-04-01 专家全面验证更新

• 已完成测试专家 + 用户专家双视角全面复核，详见 docs/code-review/VALIDATION_REPORT_2026-04-01.md
• 本轮后端验证：go vet ./... ✅、go build ./cmd/server ✅、go test ./... -count=1 ✅
• 本轮前端验证：npm run lint ✅、npm run build ✅、npm run test -- --run ⚠️（3 个失败点）、npm run test:coverage ⚠️、npm run e2e:full:win ❌（后端健康检查未就绪）
• 真实边界：本轮不能重复宣称“浏览器级真实 E2E 已重新验证闭环”；当前仅能确认后端构建/测试和前端 lint/build 仍然可信
• PRD/实现纠偏：SMS 密码重置 ✅；角色继承/设备信任/异地与异常设备检测均为“部分实现”；CAS/SAML 与 SDK 仍未实现
• 用户侧主要缺口：管理员管理页、系统设置页、全局设备管理页、登录日志导出、批量操作
• 当前综合评分：8.4/10

2026-03-29 Code Review Findings Update

• 完成了对项目代码的全面系统性审查，包括后端(Go)和前端(React/TypeScript)
• 发现高危问题 7 个，中危问题 13 个，低危问题 6 个
• 已更新 docs/PROJECT_REVIEW_REPORT.md，包含完整的问题清单和修复建议

高优先级问题摘要

后端 (4个高危):

• OAuth ValidateToken 无实际验证 - 仅检查 len(token) > 0
• StateManager 清理 goroutine 无法停止 - 资源泄漏风险
• Rate limiter map 无界限增长 - 内存泄漏风险
• L1Cache 无最大容量限制 - 内存泄漏风险

前端 (3个高危):

• uploadAvatar 字段名可能错误 - 功能性bug
• Webhooks 全量加载无服务端分页 - 性能和扩展性问题
• ProfileSecurityPage 未复用已有 ContactBindingsSection - 代码重复

文档修复

• 重写了 docs/PROJECT_REVIEW_REPORT.md（原文件存在编码问题）
• 记录了 DATA_MODEL 与实际实现的差异

仍有效的历史结论

以下结论保持不变（详见下方历史记录）:

• Q-006 (告警交付就绪) - 仍等待真实SMTP验证
• Q-005 (SCA) - 已关闭
• Q-004 (覆盖率) - 已关闭

2026-03-29 Q-006 Alert Delivery Readiness Update

• Q-006 still cannot be honestly declared closed.
• Repo-level closure preparation improved materially:
  • added a strict live-delivery drill entrypoint in scripts/ops/drill-alertmanager-live-delivery.ps1
  • the new drill refuses unresolved placeholders, example.* addresses/hosts, and placeholder secrets instead of producing fake success
  • the drill writes only redacted config output and masked recipient evidence, so real contacts and secrets are not leaked into the repo evidence tree
  • scripts/ops/validate-alerting-package.ps1 now falls back to the latest available baseline report across prior evidence dates, removing a date-rollover false blocker
• Validation passed:
  • powershell -ExecutionPolicy Bypass -File scripts/ops/validate-alerting-package.ps1 -EvidenceDate 2026-03-29
  • powershell -ExecutionPolicy Bypass -File scripts/ops/drill-alertmanager-render.ps1 -EvidenceDate 2026-03-29
  • powershell -ExecutionPolicy Bypass -File scripts/ops/drill-alertmanager-live-delivery.ps1 -EvidenceDate 2026-03-29 -EnvFilePath deployment/alertmanager/alertmanager.env.example
• Latest real outcomes:
  • structural alerting package validation still passes
  • render drill still passes
  • the new live-delivery drill fails closed against alertmanager.env.example, which is the correct behavior and proves the path does not fake production closure
• Real remaining blocker:
  • Q-006 now narrows to one external proof item: a real non-placeholder env/secret source plus a successful live SMTP acceptance run for the configured on-call receivers
• Evidence:
  • docs/evidence/ops/2026-03-29/alerting/ALERTING_PACKAGE_20260329-100315.md
  • docs/evidence/ops/2026-03-29/alerting/20260329-100315/ALERTMANAGER_RENDER_DRILL.md
  • docs/evidence/ops/2026-03-29/alerting/20260329-100315/ALERTMANAGER_LIVE_DELIVERY_DRILL.md

2026-03-28 Q-005 SCA Closure Update

• Q-005 can now be honestly declared closed.
• Real closure evidence:
  • the latest frontend full dependency-tree scan is now clean
  • the latest production dependency scan remains clean
  • the latest backend reachable vulnerability scan remains clean
• Frontend dependency remediation completed:
  • upgraded vite to 8.0.3
  • upgraded vitest and @vitest/coverage-v8 to 4.1.2
  • upgraded typescript-eslint to 8.57.2
  • pinned the vulnerable transitive chains through overrides:
    • picomatch -> 4.0.4
    • brace-expansion for minimatch@3 -> 1.1.13
    • brace-expansion for minimatch@10 -> 5.0.5
• Validation passed:
  • cd frontend/admin && npm.cmd audit --omit=dev --json --registry=https://registry.npmjs.org/
  • cd frontend/admin && npm.cmd audit --json --registry=https://registry.npmjs.org/
  • go run golang.org/x/vuln/cmd/govulncheck@latest -json ./...
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Latest SCA result:
  • npm audit production: 0
  • npm audit full: 0
  • govulncheck reachable findings: 0
• Real residual note:
  • one Windows cleanup warning was emitted while replacing native packages under node_modules, but it did not block installation or validation
  • the unrelated npm user-config warning Unknown user config "//git@github.com/" is still external environment noise, not a project-generated failure
• Next remaining cross-cutting gap:
  • Q-006 external alert delivery evidence is now the next unclosed major governance item
• Evidence:
  • docs/evidence/ops/2026-03-28/sca/SCA_SUMMARY_20260328-220806.md

2026-03-28 Q-004 Hygiene Closure Update

• The frontend/admin Q-004 closure track can now be honestly declared closed.
• Real closure evidence:
  • the latest full frontend test:coverage run no longer emits the previously recurring post-summary jsdom AggregateError network-noise lines
  • frontend/admin/src/app/router.tsx remained at 100 / 100 / 100 / 100 in that same full-suite run, so the earlier transient regression is not part of the current real state
• Validation passed:
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.98%
  • branches 82.29%
  • functions 91.37%
  • lines 94.15%
• Latest full test result:
  • 54 passing test files
  • 248 passing tests
• Real hygiene note:
  • the previous jsdom AggregateError noise is absent in the latest successful run
  • the remaining command-line warning is the external npm user-config warning Unknown user config "//git@github.com/", not a project-generated frontend validation failure
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-151952.md

2026-03-28 ThemeProvider Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Frontend theme-provider closure:
  • frontend/admin/src/app/providers/ThemeProvider.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/app/providers/ThemeProvider.test.tsx now covers locale propagation, theme-token propagation, component-level override propagation, and child rendering through ConfigProvider.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/app/providers/ThemeProvider.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.93%
  • branches 82.29%
  • functions 91.37%
  • lines 94.10%
• Real remaining Q-004 frontend gap after this closure:
  • the post-summary jsdom AggregateError network-noise hygiene issue
• Real hygiene note:
  • all previously identified frontend code hotspots in this closure track are now covered and re-verified
  • the successful frontend coverage run still prints post-summary jsdom AggregateError network-noise lines, so the run is green but not yet fully clean
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-144756.md

2026-03-28 Breadcrumb Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Frontend breadcrumb-hook closure:
  • frontend/admin/src/lib/hooks/useBreadcrumbs.ts is now covered at 100 / 100 / 100 / 100.
  • the hook was simplified to remove redundant parent-injection logic that was dead under the current route model.
  • frontend/admin/src/lib/hooks/useBreadcrumbs.test.tsx now covers root, single-segment, nested, and unknown-segment breadcrumb behavior.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/lib/hooks/useBreadcrumbs.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.84%
  • branches 82.29%
  • functions 91.21%
  • lines 94.01%
• Real remaining Q-004 frontend gaps after this closure:
  • src/app/providers/ThemeProvider.tsx
  • the post-summary jsdom AggregateError network-noise hygiene issue
• Real hygiene note:
  • the successful frontend coverage run still prints post-summary jsdom AggregateError network-noise lines, so the run is green but not yet fully clean
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-144036.md

2026-03-28 NotFound Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Frontend 404-page closure:
  • frontend/admin/src/pages/NotFoundPage/NotFoundPage.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/pages/NotFoundPage/NotFoundPage.test.tsx now covers 404 rendering, missing-page messaging, and navigation back to /dashboard.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/pages/NotFoundPage/NotFoundPage.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.69%
  • branches 81.95%
  • functions 91.24%
  • lines 93.85%
• Real remaining Q-004 frontend gaps after this closure:
  • src/lib/hooks/useBreadcrumbs.ts
  • src/app/providers/ThemeProvider.tsx
  • the post-summary jsdom AggregateError network-noise hygiene issue
• Real hygiene note:
  • the successful frontend coverage run still prints post-summary jsdom AggregateError network-noise lines, so the run is green but not yet fully clean
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-143209.md

2026-03-28 ImportExport Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Frontend import/export closure:
  • frontend/admin/src/pages/admin/ImportExportPage/ImportExportPage.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/pages/admin/ImportExportPage/ImportExportPage.test.tsx now covers template format switching, validation guards, import success and warning flows, reset behavior, export field updates, and export failure handling.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/pages/admin/ImportExportPage/ImportExportPage.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.56%
  • branches 81.95%
  • functions 90.93%
  • lines 93.71%
• Real remaining Q-004 frontend gaps after this closure:
  • src/pages/NotFoundPage/NotFoundPage.tsx
  • src/lib/hooks/useBreadcrumbs.ts
  • src/app/providers/ThemeProvider.tsx
  • the post-summary jsdom AggregateError network-noise hygiene issue
• Real hygiene note:
  • the page-local window.getComputedStyle(..., pseudoElt) noise introduced during the first draft of this pass has been removed
  • the successful frontend coverage run still prints post-summary jsdom AggregateError network-noise lines, so the run is green but not yet fully clean
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-142248.md

2026-03-28 Coverage Remediation Update XV

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade shell coverage for App.tsx and RootLayout.tsx
  • closure-grade error-boundary coverage for ErrorBoundary.tsx
• Latest coverage result:
  • Frontend overall: statements 89.72%, branches 77.57%, functions 84.48%, lines 90.64%
  • src/app/App.tsx: statements 100%, branches 100%, functions 100%, lines 100%
  • src/app/RootLayout.tsx: statements 100%, branches 100%, functions 100%, lines 100%
  • src/components/common/ErrorBoundary/ErrorBoundary.tsx: statements 100%, branches 83.33%, functions 100%, lines 100%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/app/App.test.tsx src/app/RootLayout.test.tsx src/components/common/ErrorBoundary/ErrorBoundary.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-110341.md
• Real boundary:
  • App.tsx, RootLayout.tsx, and ErrorBoundary.tsx are no longer remaining Q-004 gaps
  • Q-004 still cannot be truthfully closed
  • the next higher-value frontend gaps now narrow further to:
    • src/app/router.tsx
    • src/pages/admin/DashboardPage/DashboardPage.tsx
    • src/components/feedback/PageState/PageState.tsx
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass

2026-03-28 Coverage Remediation Update XIV

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade auth recovery page coverage for ForgotPasswordPage and ResetPasswordPage
• Latest coverage result:
  • Frontend overall: statements 89.06%, branches 77.14%, functions 83.56%, lines 89.96%
  • src/pages/auth/ForgotPasswordPage/ForgotPasswordPage.tsx: statements 100%, branches 75%, functions 100%, lines 100%
  • src/pages/auth/ResetPasswordPage/ResetPasswordPage.tsx: statements 95%, branches 94.44%, functions 100%, lines 95%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: statements 90.35%, branches 75.51%, functions 92.45%, lines 90.13%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/pages/auth/ForgotPasswordPage/ForgotPasswordPage.test.tsx src/pages/auth/ResetPasswordPage/ResetPasswordPage.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-105226.md
• Real boundary:
  • ForgotPasswordPage and ResetPasswordPage are no longer remaining Q-004 gaps
  • Q-004 still cannot be truthfully closed
  • the next higher-value frontend gaps now shift more toward:
    • src/app/App.tsx
    • src/app/RootLayout.tsx
    • src/app/router.tsx
    • src/components/common/ErrorBoundary/ErrorBoundary.tsx
    • src/pages/admin/DashboardPage/DashboardPage.tsx
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass

2026-03-28 Coverage Remediation Update XIII

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade page coverage for src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx
• Latest coverage result:
  • Frontend overall: statements 85.89%, branches 74.91%, functions 81.87%, lines 86.71%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: statements 90.35%, branches 75.51%, functions 92.45%, lines 90.13%
  • src/lib/http/client.ts: statements 100%, branches 92.30%, functions 100%, lines 100%
  • src/lib/http/csrf.ts: statements 100%, branches 88.46%, functions 100%, lines 100%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/pages/admin/ProfileSecurityPage
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-104341.md
• Real boundary:
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the next highest-value frontend gaps now shift more toward:
    • src/pages/auth/ForgotPasswordPage/ForgotPasswordPage.tsx
    • src/pages/auth/ResetPasswordPage/ResetPasswordPage.tsx
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass

2026-03-28 Coverage Remediation Update XII

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade module coverage for src/lib/http/client.ts
  • a production hygiene fix for shared refresh-promise rejection handling
• Latest coverage result:
  • Frontend overall: statements 83.86%, branches 72.68%, functions 79.87%, lines 84.72%
  • src/lib/http/client.ts: statements 100%, branches 92.30%, functions 100%, lines 100%
  • src/lib/http/csrf.ts: statements 100%, branches 88.46%, functions 100%, lines 100%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: statements 70.17%, branches 48.97%, functions 67.92%, lines 70.40%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/lib/http/client.test.ts
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-102456.md
• Real boundary:
  • src/lib/http/client.ts is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the remaining highest-value frontend gap is now more concentrated in:
    • deeper remaining ProfileSecurityPage branches
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass

2026-03-28 Coverage Remediation Update XI

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade module coverage for src/lib/http/csrf.ts
• Latest coverage result:
  • Frontend overall: statements 80.06%, branches 67.61%, functions 78.00%, lines 80.91%
  • src/lib/http/csrf.ts: statements 100%, branches 88.46%, functions 100%, lines 100%
  • src/lib/http/client.ts: 52.17%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: 70.17%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/lib/http/csrf.test.ts
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-083841.md
• Real boundary:
  • src/lib/http/csrf.ts is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the remaining highest-value frontend gaps are now more concentrated in:
    • src/lib/http/client.ts
    • deeper remaining ProfileSecurityPage branches
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass

2026-03-28 Coverage Remediation Update X

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade behavior coverage for src/pages/auth/RegisterPage/RegisterPage.tsx
• Latest coverage result:
  • Frontend overall: statements 78.91%, branches 66.06%, functions 77.07%, lines 79.73%
  • src/pages/auth/RegisterPage/RegisterPage.tsx: statements 93.42%, branches 85.24%, functions 87.5%, lines 95.89%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: 70.17%
  • src/lib/http/client.ts: 52.17%
  • src/lib/http/csrf.ts: 25.71%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/pages/auth/RegisterPage/RegisterPage.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-082843.md
• Real boundary:
  • RegisterPage is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the remaining highest-value frontend gaps are now more concentrated in:
    • deeper remaining ProfileSecurityPage branches
    • lib/http
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • the required sequential lint -> build -> test:coverage path passed in this pass without a new build-path regression observation

2026-03-28 Coverage Remediation Update IX

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade behavior coverage for src/pages/auth/LoginPage/LoginPage.tsx
• Latest coverage result:
  • Frontend overall: statements 78.38%, branches 64.77%, functions 76.92%, lines 79.19%
  • src/pages/auth/LoginPage/LoginPage.tsx: statements 92.56%, branches 84.09%, functions 86.2%, lines 95.61%
  • src/pages/auth/RegisterPage/RegisterPage.tsx: 77.63%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: 70.17%
  • src/lib/http/client.ts: 52.17%
  • src/lib/http/csrf.ts: 25.71%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/pages/auth/LoginPage/LoginPage.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-081514.md
• Real boundary:
  • LoginPage is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the remaining highest-value frontend gaps are now more concentrated in:
    • RegisterPage
    • deeper remaining ProfileSecurityPage branches
    • lib/http
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean
  • one concurrent lint + build attempt produced a transient Windows/Vite index.html emit-path failure; the required standalone build rerun passed immediately afterward
    • this is real observation, but not yet proven to be a deterministic repo defect

2026-03-28 Coverage Remediation Update VIII

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • closure-grade provider behavior coverage for src/app/providers/AuthProvider.tsx
• Latest coverage result:
  • Frontend overall: statements 76.00%, branches 63.91%, functions 75.07%, lines 76.84%
  • src/app/providers: statements 96.38%, branches 93.75%
  • src/app/providers/AuthProvider.tsx: 100%
  • src/pages/auth/LoginPage/LoginPage.tsx: 47.93%
  • src/pages/auth/RegisterPage/RegisterPage.tsx: 77.63%
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: 70.17%
• Latest verified commands:
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/app/providers/AuthProvider.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-075725.md
• Real boundary:
  • AuthProvider is no longer a remaining Q-004 gap
  • Q-004 still cannot be truthfully closed
  • the remaining highest-value frontend gaps are now more concentrated in:
    • LoginPage
    • RegisterPage
    • deeper remaining ProfileSecurityPage branches
    • lib/http
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean

2026-03-28 Coverage Remediation Update VII

• Q-004 improved materially again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • full modal/drawer coverage for the remaining UsersPage component cluster
  • full modal/drawer coverage for the remaining WebhooksPage component cluster
  • deeper repository coverage across role/permission/relation repositories
• A real backend defect pair was discovered and fixed during this pass:
  • internal/repository/role.go
    • explicit role create requests with status=0 were being persisted as enabled because the DB default swallowed the zero value
  • internal/repository/permission.go
    • explicit permission create requests with status=0 were being persisted as enabled for the same reason
• Latest coverage result:
  • Frontend overall: statements 74.54%, branches 63.57%, functions 74.61%, lines 75.35%
  • src/pages/admin/UsersPage: 95.06%
  • src/pages/admin/WebhooksPage: 94.92%
  • internal/repository: 67.1%
• Latest verified commands:
  • go test ./internal/repository -run 'Test(RoleRepositoryLifecycleAndQueries|PermissionRepositoryLifecycleAndQueries|UserRoleAndRolePermissionRepositoriesLifecycle)$' -count=1
  • go test ./internal/repository -cover -count=1
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-011431.md
• Real boundary:
  • UsersPage is no longer a dominant uncovered admin cluster
  • WebhooksPage is no longer a dominant uncovered admin cluster
  • internal/repository has improved materially, but Q-004 still cannot be truthfully closed
  • the remaining highest-value gaps are now more concentrated in:
    • deeper remaining ProfileSecurityPage branches
    • LoginPage / RegisterPage
    • app/providers/AuthProvider
    • lib/http
    • remaining repository depth outside the newly covered role/permission/relation paths
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean

2026-03-28 Coverage Remediation Update VI

• Q-004 improved materially again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • deep transport-based coverage across internal/auth/providers
  • full page/modal coverage for RolesPage
  • full page/modal coverage for PermissionsPage
  • page coverage for ProfilePage
• Latest coverage result:
  • Frontend overall: statements 68.32%, branches 54.12%, functions 68.15%, lines 69.28%
  • src/pages/admin/RolesPage: 94.53%
  • src/pages/admin/PermissionsPage: 93.51%
  • src/pages/admin/ProfilePage/ProfilePage.tsx: 91.42%
  • internal/auth/providers: 80.6%
  • internal/repository: 37.1%
• Latest verified commands:
  • go test ./internal/auth/providers ./internal/repository -cover -count=1
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-003416.md
• Real boundary:
  • internal/auth/providers is no longer one of the dominant Q-004 blockers
  • RolesPage, PermissionsPage, and ProfilePage are no longer dominant uncovered admin page clusters
  • Q-004 still cannot be truthfully closed because the remaining high-value gaps have narrowed to:
    • internal/repository depth (37.1%)
    • UsersPage drawers/modals
    • WebhooksPage modal/drawer components
    • deeper remaining ProfileSecurityPage branches
  • the frontend coverage run still emits one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean

2026-03-27 Coverage Remediation Update V

• Q-004 improved again after another strict remediation pass, but it still remains open.
• This pass added and verified:
  • frontend regression coverage for LoginLogsPage
  • frontend regression coverage for OperationLogsPage
  • deeper non-network parsing/error coverage for internal/auth/providers
• Latest coverage result:
  • Frontend overall: statements 56.81%, branches 44.67%, functions 57.38%, lines 57.57%
  • src/pages/admin/LoginLogsPage/LoginLogsPage.tsx: 93.1%
  • src/pages/admin/OperationLogsPage/OperationLogsPage.tsx: 91.52%
  • services: 86.2%
  • internal/auth/providers: 28.7%
  • internal/repository: 37.1%
• Latest verified commands:
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-233824.md
• Real boundary:
  • frontend service adapters are no longer a primary Q-004 gap
  • LoginLogsPage and OperationLogsPage are no longer primary page-level hotspots
  • internal/auth/providers improved materially but is still too shallow to declare Q-004 closed
  • the highest-value next work remains deeper provider paths plus still-uncovered admin pages/components such as PermissionsPage, RolesPage, ProfilePage, and multiple drawers/modals
  • the latest successful frontend coverage run still emitted one post-summary jsdom AggregateError noise line, so the validation path is green but not yet perfectly clean

2026-03-27 Coverage Remediation Update IV

• Q-004 has continued to improve and was re-verified again, but it still remains open.
• This pass mainly closed much of the frontend service-adapter gap:
  • users.ts
  • roles.ts
  • devices.ts
  • profile.ts
  • login-logs.ts
  • operation-logs.ts
  • permissions.ts
  • stats.ts
  • import-export.ts
• This pass also increased non-network provider coverage through:
  • Alipay private-key parsing/signing tests
  • Twitter PKCE auth URL tests
  • OAuth helper error-body boundary tests
• Strict verification caught one more real engineering issue during this pass:
  • the first version of the new permission-service tests passed under Vitest but failed under tsc -b because the fixture payloads did not match the real request types
  • this was corrected before final sign-off
• Latest coverage result:
  • Frontend overall: statements 52.05%, branches 42.86%, functions 51.84%, lines 52.69%
  • services: 86.2%
  • internal/auth/providers: 15.2%
  • internal/repository: 37.1%
• Latest evidence:
  • docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-224352.md
• Real boundary:
  • frontend service adapters are no longer one of the main remaining Q-004 gaps
  • internal/auth/providers is improved but still too shallow to declare the item closed
  • the remaining high-value work should continue to target deeper provider parsing/error branches and still-uncovered admin pages/components

2026-03-27 Coverage Remediation Update III

• Q-004 improved again and was re-verified, but it is still not honestly closable.
• This pass added:
  • frontend regression coverage for UsersPage
  • frontend deeper branch coverage for ProfileSecurityPage
  • backend coverage for more of internal/repository
  • backend non-network coverage for more of internal/auth/providers
• A real defect was found and fixed during this pass:
  • internal/repository/device.go
  • explicit inactive device creation (status=0) was being swallowed by the DB default and persisted as active
• Latest coverage result:
  • Frontend overall: statements 49.18%, branches 42.86%, functions 44.92%, lines 49.79%
  • src/pages/admin/UsersPage/UsersPage.tsx: 90.98% statements, 68.75% branches
  • src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.tsx: 70.17% statements, 48.97% branches
  • internal/repository: 37.1%
  • internal/auth/providers: 8.5%
• Latest verified commands:
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• Latest evidence:
  • docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-221835.md
• Real boundary:
  • UsersPage and ProfileSecurityPage are no longer the dominant gaps they were before this pass.
  • internal/auth/providers remains materially under-covered.
  • Q-004 should stay open until the remaining low-coverage service and provider paths are reduced further.

2026-03-27 Coverage Remediation Update II

• Q-004 在本轮继续推进并通过复验，但仍未完全关闭。
• 本轮新增覆盖与修复：
  • 前端新增 WebhooksPage 页面测试与 services/webhooks.ts 服务测试。
  • 后端新增 webhook_repository 仓储测试。
  • 修复 internal/repository/webhook_repository.go 中显式 status=0 创建时被 DB 默认值吞掉的问题。
  • 修复 frontend/admin/vite.config.js，解决当前 Windows + Vite 8 + --configLoader native 下 index.html 被绝对路径发射导致的 npm.cmd run build 失败。
• 最新覆盖率结果：
  • Frontend overall: statements 41.06%, branches 38.48%, functions 36.00%, lines 41.47%
  • src/pages/admin/WebhooksPage/WebhooksPage.tsx: 93.15%
  • src/services/webhooks.ts: 100%
  • internal/repository: 15.1%
• 最新验证命令：
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• 最新证据：
  • docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-214422.md
• 真实边界：
  • 当前剩余的 Q-004 主要集中在 UsersPage、ProfileSecurityPage 深层分支，以及 internal/auth/providers / internal/repository 的更深路径。

2026-03-27 Coverage Remediation Update

• Q-004 自动化覆盖率不足 已完成一轮增补整改并复验通过，但仍未完全闭环。
• 本轮新增并稳定通过的关键测试覆盖了：
  • 前端 router、RequireAuth、RequireAdmin、AdminLayout、ImportExportPage
  • 后端 internal/database 启动迁移/默认数据/升级回填路径
  • 后端 internal/auth/providers 的 URL / state 生成路径
• 这轮整改中额外收口了两个测试质量问题：
  • router.test.tsx 之前只在 vitest 下能跑，tsc -b 会失败；现已修正为可编译。
  • internal/database/db_test.go 在 Windows 下未释放 SQLite 句柄，导致 TempDir 清理失败；现已显式关闭底层连接。
• 最新覆盖率结果：
  • Frontend overall: statements 37.09%, branches 35.91%, functions 30.30%, lines 37.40%
  • src/app/router.tsx: 47.72%
  • src/components/guards/RequireAuth.tsx: 100%
  • src/components/guards/RequireAdmin.tsx: 100%
  • src/layouts/AdminLayout/AdminLayout.tsx: 80.00%
  • src/pages/admin/ImportExportPage/ImportExportPage.tsx: 83.58%
  • internal/database: 83.2%
  • internal/auth/providers: 4.0%
  • internal/repository: 10.5%
• 最新验证命令：
  • go test ./... -count=1
  • go vet ./...
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && npm.cmd run test:coverage
• 最新证据：
  • docs/evidence/ops/2026-03-27/quality/COVERAGE_REMEDIATION_20260327-212336.md
• 真实边界：
  • Q-004 已明显改善，但不能诚实表述为“自动化覆盖已充分”。
  • 当前优先级仍应先继续补 UsersPage / WebhooksPage / ProfileSecurityPage 与 internal/repository / internal/auth/providers 深层错误分支，之后再推进 Q-005 与 Q-006。

2026-03-27 Auth Session Hardening Closure Update

• The earlier high-priority quality-audit items around browser-side token persistence, OAuth return_to trust boundary, and fail-open security randomness are now closed at implementation level and re-verified.
• Backend/session closure:
  • refresh continuity is now based on the backend-managed HttpOnly refresh cookie.
  • the backend now emits a non-sensitive session-presence cookie (ums_session_present) so the frontend can distinguish "restore is possible" from "no server session exists".
  • OAuth return_to no longer trusts request-derived forwarded origin inference; it is restricted to absolute paths or explicit allowlisted origins.
  • security-sensitive random generation no longer silently degrades on crypto/rand failure.
• Frontend/session closure:
  • access token, current user, and current roles are memory-only and no longer persist into localStorage / sessionStorage.
  • AuthProvider now avoids blind /auth/refresh probing when no session-presence cookie exists.
  • protected-route restore failure no longer loses the original route intent; redirect ownership is back on RequireAuth.
  • post-login route races are hardened by exporting effective auth state from the in-memory session store.
• Real-browser closure:
  • the supported CDP E2E path was rerun after the session model change and now passes again without the earlier 400 Bad Request console-noise regression.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go vet ./...
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run test:run
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-27/quality/AUTH_SESSION_REMEDIATION_20260327-194100.md
• Real boundary:
  • this closes the earlier session-model / OAuth return-path / random-fail-open implementation gaps.
  • it does not close the separate remaining boundaries around coverage depth, dev-toolchain SCA cleanup, or external production alert delivery evidence.

2026-03-27 First Admin Bootstrap Closure Update

• The previously real usability gap around “no default account, no first-admin product path” is now closed at product implementation level.
• Backend closure:
  • added public POST /api/v1/auth/bootstrap-admin.
  • bootstrap is guarded by GET /api/v1/auth/capabilities -> admin_bootstrap_required, so it is only available while the system still has no active admin.
  • successful bootstrap creates the first active admin, binds the admin role, returns a real session, and closes the bootstrap window afterward.
• Frontend closure:
  • added public /bootstrap-admin page.
  • /login and /register now expose a real first-run admin initialization entry instead of only showing a passive warning.
  • successful bootstrap now logs the operator into /dashboard directly.
• Supported-browser validation closure:
  • frontend/admin/scripts/run-playwright-auth-e2e.ps1 no longer depends on startup-injected admin credentials.
  • the real browser E2E suite now begins with admin-bootstrap, proving 无默认账号 -> 初始化首个管理员 -> 进入后台 -> 登出.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run test:run
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-27/e2e/ADMIN_BOOTSTRAP_CLOSURE_20260327-173914.md
• Real boundary:
  • this closes the first-admin product loop.
  • it does not change the separate remaining boundaries around live third-party OAuth evidence and external production delivery/governance evidence.

2026-03-27 PRD 1.1 Email Activation Closure Update

• PRD 1.1 多种注册方式 -> 邮箱注册 -> 邮箱地址验证（发送验证邮件） is now closed at product implementation level.
• Backend closure:
  • activation emails now point to the frontend activation page instead of the raw GET /api/v1/auth/activate API endpoint.
  • GET /api/v1/auth/capabilities now exposes email_activation, allowing the frontend to gate resend-activation UX on real capability state.
• Frontend closure:
  • /activate-account is now a real public activation page.
  • invalid or expired activation links now have a real resend-activation path instead of dropping users onto a backend JSON response.
  • /login and /register success state now both expose resend-activation entry points when email activation is available.
  • the activation page no longer double-consumes one-time activation tokens under React StrictMode.
• Supported-browser validation closure:
  • frontend/admin/scripts/run-playwright-auth-e2e.ps1 now starts a local SMTP capture service alongside isolated backend/frontend runtime.
  • the real browser E2E suite now includes email-activation, covering 注册 -> 收取激活邮件 -> 打开前端激活页 -> 激活成功 -> 登录.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run test:run
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-27/e2e/EMAIL_ACTIVATION_CLOSURE_20260327-171211.md
• Real boundary:
  • the supported-browser closure uses a local SMTP capture service and proves the product loop.
  • it does not by itself prove live external SMTP provider deliverability.

2026-03-27 PRD 1.1 Self-Service Registration Closure Update

• PRD 1.1 多种注册方式 is now closed at product implementation level for the self-service frontend loop.
• Backend closure:
  • the existing POST /api/v1/auth/register product API is now matched by a real public frontend path.
  • POST /api/v1/auth/send-code now accepts both purpose and legacy scene payloads, preventing older clients from silently breaking while the frontend uses the normalized purpose contract.
• Frontend closure:
  • /register is now a real public route linked from /login.
  • users can complete username/password self-registration, optionally provide nickname/email, and use capability-gated phone registration when SMS is enabled.
  • /dashboard is now admin-guarded, so newly registered non-admin users no longer land on an admin-only stats error path after first login; they settle on /profile.
  • /register is treated as a public auth path during session-restore cleanup.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run test:run
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-27/e2e/SELF_SERVICE_REGISTER_CLOSURE_20260327-000848.md
• Real boundary:
  • phone registration remains capability-gated by configured SMS delivery.
  • email activation remains environment-dependent on SMTP-backed delivery.
  • this closes the product loop, not the separate live third-party OAuth proof layer or external production governance evidence layer.

2026-03-26 PRD 1.5 Account Binding Closure Update

• PRD 1.5 用户信息管理 -> 账号绑定与解绑 is now closed at product implementation level for 邮箱 / 手机号 / 社交账号.
• Backend closure:
  • self-service email bind / replace / unbind and phone bind / replace / unbind are now exposed through protected users/me endpoints.
  • bind requires target-channel verification code plus current-account verification when password or TOTP is configured.
  • unbind blocks removal if no login method would remain.
  • direct self-service PUT /api/v1/users/:id updates of email / phone are now rejected for non-admin self flows.
• Frontend closure:
  • /profile/security now includes a real email/phone binding management section.
  • /profile no longer edits email / phone directly and instead routes users to verified binding flows.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run test:run
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-26/e2e/ACCOUNT_BINDING_CLOSURE_20260326-224700.md
• Real boundary:
  • email binding remains capability-gated by SMTP-backed email code delivery.
  • phone binding remains capability-gated by configured Aliyun/Tencent SMS delivery.
  • this closes the product loop, not the separate live third-party OAuth proof layer.

2026-03-26 PRD 5.2 Closure Update

• PRD 5.2 用户信息管理 -> 创建用户 is now closed end-to-end.
• Backend closure:
  • POST /api/v1/users is live behind existing user:manage authorization.
  • admin-created users support initial password, optional email/phone/nickname, optional explicit roles, default-role assignment, and optional activation email when SMTP activation is configured.
• Frontend closure:
  • Admin Users page now includes a real 创建用户 modal and service call path.
• E2E closure hardening:
  • frontend/admin/scripts/run-playwright-auth-e2e.ps1 no longer reuses ambient 8080/3000 services.
  • the supported browser path now launches isolated backend/frontend ports and an isolated SQLite database under %TEMP%.
  • frontend/admin/.env.development now defaults to /api/v1, so Vite proxy overrides remain effective.
• Latest verified commands for this closure:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd D:\project\frontend\admin && npm.cmd run lint
  • cd D:\project\frontend\admin && npm.cmd run test:run -- src/services/users.test.ts src/pages/admin/UsersPage/CreateUserModal.test.tsx
  • cd D:\project\frontend\admin && npm.cmd run build
  • cd D:\project\frontend\admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Latest evidence:
  • docs/evidence/ops/2026-03-26/e2e/PLAYWRIGHT_CDP_E2E_CREATE_USER_CLOSURE_20260326-190646.md
• Real boundary:
  • the supported CDP browser path confirms create-user success, list-level persistence, and modal close transition initiation.
  • it still does not change the earlier boundary that full OS-level automation and live third-party OAuth validation remain outside current closure.

更新日期：2026-03-26

当前结论

• 后端主链路可构建、可测试、可运行。
• 前端管理台可构建、可 lint、可执行单元测试。
• 当前受支持的真实浏览器主验收路径是 cd frontend/admin && npm.cmd run e2e:full:win。
• 当前项目已经完成浏览器级真实 E2E 收口，但这不等于完整 OS 级自动化。
• 运行时不再依赖 smoke 脚本；smoke 仅保留为补充诊断工具。
• 本地可审计的治理证据已形成一轮闭环，包括 SCA、备份恢复、本地回滚、观测基线、配置与环境隔离、告警包校验、告警渲染演练、密钥边界校验。

2026-03-26 最新收口

• 新增首登管理员初始化状态探测：
  • internal/service/auth_capabilities.go
  • GET /api/v1/auth/capabilities 现在会返回 admin_bootstrap_required，用于反映系统是否仍缺少可登录的激活管理员。
• 登录页已完成首登管理员产品提示闭环：
  • frontend/admin/src/pages/auth/LoginPage/LoginPage.tsx
  • 当系统不存在可用管理员时，前端会明确提示“当前版本不提供默认账号，需先完成管理员初始化”。
• 新增后端与前端回归测试，覆盖管理员初始化状态与登录页提示：
  • internal/service/auth_capabilities_runtime_test.go
  • internal/api/handler/auth_capabilities_test.go
  • frontend/admin/src/services/auth.test.ts
  • frontend/admin/src/pages/auth/LoginPage/LoginPage.test.tsx
• 浏览器级真实 E2E 主链路已复跑通过，登录页首登提示改动未破坏既有认证流程：
  • cd frontend/admin && npm.cmd run e2e:full:win
• 修复邮箱验证码限流回归：第二次发送从误报 500 恢复为 429 Too Many Requests。
• 为邮箱限流错误增加稳定兼容识别，避免因历史乱码文案或英文限流文案导致再次误分级。
• 移除非测试代码中的最后一个 panic：
  • internal/auth/jwt.go
  • 旧 NewJWT 兼容入口现在不再因非法配置直接崩进程，而是延迟到实际调用时返回 error。
• 新增闭环测试覆盖 legacy JWT 构造失败不再 panic：
  • internal/auth/jwt_closure_test.go
• 前端 window.alert/confirm/prompt/open 保护链路已确认存在且有测试覆盖：
  • frontend/admin/src/app/bootstrap/installWindowGuards.ts

当前运行时真实能力

• 密码登录：启用
• 邮箱验证码登录：仅在 SMTP 配置完整时启用
• 短信验证码登录：仅在阿里云或腾讯云短信配置完整时启用
• 账号绑定与解绑：邮箱 / 手机号 / 社交账号产品闭环已完成；邮箱与短信绑定分别依赖对应验证码通道配置
• 密码重置：仅在 SMTP 配置完整时启用
• 首登管理员初始化：当系统不存在激活管理员时，/login 与 /register 会基于 GET /api/v1/auth/capabilities 暴露 /bootstrap-admin 入口；初始化成功后会直接进入后台，且该入口自动关闭
• TOTP：启用
• RBAC / 设备 / 日志 / Webhook / 导入导出：启用
• 健康检查：
  • GET /health
  • GET /health/live
  • GET /health/ready

当前真实限制

• 当前支持的是浏览器级真实验证，不是完整 OS 级自动化。
• 这不覆盖系统文件选择器、系统权限弹窗、原生桌面窗口等操作系统层行为。
• 当前环境下 playwright test runner 仍受 spawn EPERM 限制，因此不作为受支持主入口。
• agent-browser 目前可用于观察和辅助诊断，但不能作为稳定、全量、可签字的项目 E2E 主链路证据。
• OAuth 前端闭环已完成，但仍缺少真实第三方 provider 凭证下的 live browser validation 证据。
• 生产外部交付层面的材料仍未完全闭环：
  • 外部通知通道联调证据
  • 外部 Secrets Manager / KMS 证据
  • 多环境 CI/CD 密钥分发证据
  • 跨历史版本 schema downgrade 级别的回滚兼容性证据

已验证命令

本轮已执行并通过：

go test ./... -count=1
go vet ./...
go build ./cmd/server

cd D:\project\frontend\admin
npm.cmd run test:run -- src/services/auth.test.ts src/pages/auth/LoginPage/LoginPage.test.tsx
npm.cmd run lint
npm.cmd run build
npm.cmd run e2e:full:win

此前已形成并保留的本地治理证据命令：

powershell -ExecutionPolicy Bypass -File scripts/ops/run-sca-evidence.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/drill-sqlite-backup-restore.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/capture-local-baseline.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/drill-config-isolation.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/drill-local-rollback.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/validate-alerting-package.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/drill-alertmanager-render.ps1
powershell -ExecutionPolicy Bypass -File scripts/ops/validate-secret-boundary.ps1

治理基线入口

• 项目级协作与真实表述规则：AGENTS.md
• 工程质量标准：docs/team/QUALITY_STANDARD.md
• 生产发布核查清单：docs/team/PRODUCTION_CHECKLIST.md
• 工程协作与文档同步指南：docs/team/TECHNICAL_GUIDE.md
• 本轮项目经验沉淀：docs/team/PROJECT_EXPERIENCE_SUMMARY.md

已有证据

• 全量真实浏览器 E2E 收口：
  • docs/evidence/ops/2026-03-24/e2e/PLAYWRIGHT_CDP_E2E_CLOSURE_20260324-151537.md
• agent-browser 真实性验证：
  • docs/evidence/ops/2026-03-24/e2e/AGENT_BROWSER_VALIDATION_20260324-162724.md
• 早期 raw CDP Windows 稳定性证据：
  • docs/evidence/ops/2026-03-24/e2e/RAW_CDP_WINDOWS_STABILITY_20260324-121816.md
• 密钥边界：
  • docs/evidence/ops/2026-03-24/secret-boundary/20260324-104122/SECRET_BOUNDARY_DRILL.md
• SCA：
  • docs/evidence/ops/2026-03-24/sca/SCA_SUMMARY_20260324-072144.md
• 备份恢复演练：
  • docs/evidence/ops/2026-03-24/backup-restore/20260324-072353/BACKUP_RESTORE_DRILL.md
• 本地回滚演练：
  • docs/evidence/ops/2026-03-24/rollback/20260324-084928/ROLLBACK_DRILL.md
• 本地观测基线：
  • docs/evidence/ops/2026-03-24/observability/LOCAL_BASELINE_20260324-090637.md
• 配置与环境隔离：
  • docs/evidence/ops/2026-03-24/config-isolation/20260324-084915/CONFIG_ENV_ISOLATION_DRILL.md
• 告警包结构校验：
  • docs/evidence/ops/2026-03-24/alerting/ALERTING_PACKAGE_20260324-102540.md
• 告警渲染演练：
  • docs/evidence/ops/2026-03-24/alerting/20260324-102553/ALERTMANAGER_RENDER_DRILL.md

对外表述建议

当前可以诚实表述为：项目已完成当前受限 Windows 环境下的浏览器级真实 E2E 收口，并具备本地可审计的一轮治理证据闭环；尚未完成的是完整 OS 级自动化、真实第三方 OAuth live 验证，以及部分生产外部交付层证据，不应夸大为“全部企业级上线材料均已闭环”。

2026-03-26 Social Account Binding Closure Update

• PRD social account management (1.5, 2.2, 2.3) is now closed at implementation level.
• Backend closure:
  • POST /api/v1/users/me/bind-social now starts an authenticated OAuth binding flow instead of relying on raw open_id input from the product UI path.
  • GET /api/v1/auth/oauth/:provider/callback now supports both login callback and bind callback through persisted OAuth state purpose.
  • GET /api/v1/users/me/social-accounts now returns sanitized bound-account info.
  • DELETE /api/v1/users/me/bind-social/:provider now enforces password/TOTP verification when available and blocks unbinding if no login method would remain.
• Frontend closure:
  • /profile/security now exposes a real social-account management section with bind entry, bound account table, callback-result handling, and guarded unbind modal.
• Validation passed:
  • go test ./... -count=1
  • go build ./cmd/server
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run test:run -- src/services/auth.test.ts src/services/social-accounts.test.ts src/pages/admin/ProfileSecurityPage/ProfileSecurityPage.social.test.tsx
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && powershell -ExecutionPolicy Bypass -File .\scripts\run-playwright-auth-e2e.ps1
• Real remaining gap:
  • live third-party OAuth provider browser evidence is still missing; this update closes the product flow, not the real-provider proof layer.
• Evidence:
  • docs/evidence/ops/2026-03-26/e2e/SOCIAL_ACCOUNT_BINDING_CLOSURE_20260326-200220.md

2026-03-28 Router Coverage Closure Update

• Q-004 remediation progressed further, but still cannot be honestly declared closed.
• Frontend router closure:
  • frontend/admin/src/app/router.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/app/router.test.tsx now covers public/protected route registration, RequireAuth and RequireAdmin wrapping, default redirect behavior, lazy route resolution, and the invalid-export error branch.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/app/router.test.tsx
  • cd frontend/admin && npm.cmd run test:run
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 90.74%
  • branches 77.74%
  • functions 87.40%
  • lines 90.87%
• Real remaining Q-004 frontend gaps after this closure:
  • src/pages/admin/DashboardPage/DashboardPage.tsx
  • src/components/feedback/PageState/PageState.tsx
  • broader low-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-121611.md

2026-03-28 Dashboard Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Frontend dashboard closure:
  • frontend/admin/src/pages/admin/DashboardPage/DashboardPage.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/pages/admin/DashboardPage/DashboardPage.test.tsx now covers loading, success, retriable error, retry recovery, and empty-payload fallback behavior.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/pages/admin/DashboardPage/DashboardPage.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 91.66%
  • branches 78.26%
  • functions 87.86%
  • lines 91.82%
• Real remaining Q-004 frontend gaps after this closure:
  • src/components/feedback/PageState/PageState.tsx
  • broader low-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-122517.md

2026-03-28 PageState Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Shared page-state closure:
  • frontend/admin/src/components/feedback/PageState/PageState.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/components/feedback/PageState/PageState.test.tsx now covers loading, empty, action-button, error default, retry, and extra-action behavior.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/components/feedback/PageState/PageState.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 91.71%
  • branches 78.52%
  • functions 88.01%
  • lines 91.86%
• Real remaining Q-004 frontend gaps after this closure:
  • src/layouts/AdminLayout/AdminLayout.tsx
  • src/pages/admin/ImportExportPage/ImportExportPage.tsx
  • src/lib/errors/AppError.ts
  • src/lib/storage/token-storage.ts
  • additional lower-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-123228.md

2026-03-28 AdminLayout Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Admin shell closure:
  • frontend/admin/src/layouts/AdminLayout/AdminLayout.tsx is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/layouts/AdminLayout/AdminLayout.test.tsx now covers loading, desktop and mobile navigation, dropdown actions, collapse state, avatar and username fallback logic, and explicit child rendering.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/layouts/AdminLayout/AdminLayout.test.tsx
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 92.06%
  • branches 79.29%
  • functions 89.09%
  • lines 92.22%
• Real remaining Q-004 frontend gaps after this closure:
  • src/lib/storage/token-storage.ts
  • src/lib/errors/AppError.ts
  • src/pages/admin/ImportExportPage/ImportExportPage.tsx
  • src/pages/NotFoundPage/NotFoundPage.tsx
  • additional lower-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-124756.md

2026-03-28 Token Storage Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Token storage closure:
  • frontend/admin/src/lib/storage/token-storage.ts is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/lib/storage/token-storage.test.ts now covers token normalization, in-memory presence checks, explicit clearing, session cookie detection, and the no-document branch.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/lib/storage/token-storage.test.ts
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 92.32%
  • branches 79.63%
  • functions 89.70%
  • lines 92.49%
• Real remaining Q-004 frontend gaps after this closure:
  • src/lib/errors/AppError.ts
  • src/pages/admin/ImportExportPage/ImportExportPage.tsx
  • src/pages/NotFoundPage/NotFoundPage.tsx
  • additional lower-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-125454.md

2026-03-28 AppError Coverage Closure Update

• Q-004 remediation progressed again, but still cannot be honestly declared closed.
• Error module closure:
  • frontend/admin/src/lib/errors/AppError.ts is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/lib/errors/index.ts is now covered at 100 / 100 / 100 / 100.
  • frontend/admin/src/lib/errors/AppError.test.ts now covers constructor defaults, factory helpers, response mapping, user-message mapping, and shared error helpers.
• Validation passed:
  • cd frontend/admin && npm.cmd run test:run -- src/lib/errors/AppError.test.ts
  • cd frontend/admin && npm.cmd run lint
  • cd frontend/admin && npm.cmd run build
  • cd frontend/admin && npm.cmd run test:coverage
• Frontend current full coverage:
  • statements 93.07%
  • branches 81.35%
  • functions 90.32%
  • lines 93.26%
• Real remaining Q-004 frontend gaps after this closure:
  • src/pages/admin/ImportExportPage/ImportExportPage.tsx
  • src/pages/NotFoundPage/NotFoundPage.tsx
  • src/lib/hooks/useBreadcrumbs.ts
  • src/app/providers/ThemeProvider.tsx
  • additional lower-coverage shared/admin surfaces outside this single pass
• Real remaining hygiene issue:
  • npm.cmd run test:coverage still exits successfully but prints one post-summary jsdom AggregateError network-noise line.
• Evidence:
  • docs/evidence/ops/2026-03-28/quality/COVERAGE_REMEDIATION_20260328-140215.md