Commit Graph

20 Commits

Author SHA1 Message Date
ec6421de35 rename ss-tools to superset-tools across the entire project
- Replace all occurrences of 'ss-tools' with 'superset-tools' in 104 files
- Rename git bundle file ss-tools.bundle → superset-tools.bundle
- Update .gitignore pattern accordingly
- Preserve variable names (hasSsTools etc.) and code identifiers
2026-06-16 11:15:19 +03:00
6989bb0bc9 feat(coverage): add coverage-summary script, README section, ADR-0013
- scripts/coverage-summary.sh — unified coverage summary generator
  Runs pytest+coverage (unit/integration) and vitest+coverage,
  parses results, generates single HTML report with both stacks.
  Supports --unit, --backend-only, --frontend-only, --output-dir.
- README.md — add 'Покрытие кода' sub-section under Тестирование
- docs/adr/ADR-0013-coverage-reporting.md — architectural decision record
2026-06-15 13:40:22 +03:00
8ecea09222 fix: capath instead of cafile for all LLM clients
OpenSSL 3.x ignores intermediate CA certs in -CAfile (verify code 20)
but correctly builds chains with -CApath (verify code 0).
All three clients now use capath:
  - service.py: ssl.create_default_context(capath=...)
  - _llm_http.py: verify='/etc/ssl/certs/'
  - preview_llm_client.py: verify='/etc/ssl/certs/'
check_llm_certs.py rewritten for clarity.
2026-05-29 11:02:48 +03:00
802727b58a fix: check_llm_certs.py — fixes from user review
- openssl s_client: stdin=EOF to prevent hang (input='')
- argparse for --target CLI argument
- in_bundle check: awk+openssl per-cert fingerprint comparison
- NamedTemporaryFile: mode='wb' for binary writes
- Added httpx_capath and requests_cafile_capath tests
- Graceful handling of empty ca-certificates.crt
2026-05-28 23:22:53 +03:00
8a815ab1b1 fix: check_llm_certs.py — handle DER files, openssl timeout 20s, binary PEM reads 2026-05-28 23:10:18 +03:00
05f42d5489 fix: check_llm_certs.py — clean main() structure, safe imports 2026-05-28 22:58:37 +03:00
ed4ac88c3d feat: rewrite SSL diag in Python — tests all real libraries
Tests all 4 SSL methods with actual project libraries:
  - httpx (verify=True/False/SSLContext cafile/cafile+capath)
  - requests (verify=True/False/cafile/capath)
  - openssl s_client (default/CAfile/CApath/chain bundle)
  - certutil (NSS/Chromium)
  - certifi vs system CA comparison
Outputs JSON summary with AI diagnosis hint.
2026-05-28 22:57:08 +03:00
2cc2896740 fix: rewrite check_llm_certs.sh — tests all methods AI needs
Tests 4 variants: openssl s_client (CAfile, CApath, default),
Python httpx (cafile, cafile+capath), requests (cafile, capath),
NSS certutil. Output format is machine-parseable for AI diagnosis.
2026-05-28 22:56:19 +03:00
2d4b60cef9 feat: add SSL certificate diag script (check_llm_certs.sh)
Runs from inside Docker container to verify all 4 SSL layers:
1. System CA store (openssl s_client)
2. NSS database (certutil) for Chromium
3. Python httpx (SSLContext with cafile)
4. Python requests (verify with system CA path)
Reads LLM_SSL_VERIFY and CA paths from .env.enterprise-clean
2026-05-28 12:13:44 +03:00
9ffa8af1dc semantics 2026-05-26 09:30:41 +03:00
9228d071ef fix(translate): fix batch sizing — use real available input budget, respect job.batch_size, lazy playwright in docker
- _batch_sizer.py: compute per_batch_budget from actual available_input_budget
  (context_window - max_output_tokens) instead of sum of first N rows
- _batch_sizer.py: cap max_rows_hard_cap with job.batch_size (user config)
- _token_budget.py: add available_input_budget and max_output_tokens to return
- preview.py: validate required config fields before preview
- requirements-docker.txt: add playwright pip package (~5 MB)
- backend.entrypoint.sh: lazy playwright install chromium on first start
- build.sh: switch tar to tar.xz (-T0 -9), 5.5x smaller bundles
- README.md: add offline bundle deployment instructions
- playwright.config.js: add testMatch for *.e2e.js files
- frontend: preview tab config validation, i18n keys, translationRun store
2026-05-17 23:32:00 +03:00
fdf48491a1 fix(translate): Kilo API response_format, reasoning_effort skip, structured_outputs fallback, refusal handling
- Enable response_format (json_object) for all providers including Kilo/OpenRouter
- Skip reasoning_effort for Kilo/OpenRouter (returns 400 — mandatory reasoning)
- Add structured_outputs fallback: retry once without response_format if upstream
  provider (e.g. StepFun) rejects it with 'structured_outputs is not supported'
- Handle model refusal field (refusal) instead of treating as empty content
- Fix None-handling guards for message/finish_reason/content fields
- Apply same fixes to both preview.py and executor.py _call_openai_compatible
- Connect orphaned TermCorrectionPopup, BulkReplaceModal, BulkCorrectionSidebar
2026-05-15 18:12:29 +03:00
7947700188 fix(translate): add EXPLORE logging for LLM JSON parse failures
Preview + executor now log the raw LLM response (first 1000 chars)
when JSON parsing fails, enabling debugging of malformed LLM output.

Previously ValueErrors from JSON parse failures were silently returned
as 400 without any diagnostic data in logs.
2026-05-15 09:15:36 +03:00
39ab647851 semantics 2026-05-13 14:15:33 +03:00
2da548fd71 fix: finalize semantic repair and test updates 2026-03-21 15:07:06 +03:00
81406bc2e2 fix: commit semantic repair changes 2026-03-21 11:22:25 +03:00
5e6fe2fe61 security: rotate bootstrap and clean workspace 2026-03-13 12:14:37 +03:00
0e94268980 Add docker admin bootstrap for clean release 2026-03-13 11:41:44 +03:00
3efba00b8f chore: include docker image metadata in offline bundle manifest 2026-03-11 12:40:54 +03:00
35cdfb0184 feat: add offline docker bundle for enterprise clean releases 2026-03-11 12:35:01 +03:00