Skip to content

fix(runtime): validate GUI and backend build identity#735

Closed
musnows wants to merge 2 commits into
KunAgent:developfrom
musnows:codex/runtime-build-hash-check
Closed

fix(runtime): validate GUI and backend build identity#735
musnows wants to merge 2 commits into
KunAgent:developfrom
musnows:codex/runtime-build-hash-check

Conversation

@musnows

@musnows musnows commented Jul 4, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Add a build identity hash to both the GUI bundle and Kun runtime.
  • Include runtime version and build hash in /health.
  • Reject local runtime connections when the backend build hash or version does not match the GUI.

Changes

  • Adds shared GUI/runtime build identity constants.
  • Extends main-process health probing with version and build hash expectations.
  • Adds renderer-side connection guard and localized mismatch messaging.
  • Covers hash/version mismatch behavior with targeted tests.

Tests

  • npm run test -- src/main/kun-health.test.ts src/renderer/src/agent/kun-runtime.test.ts src/main/build-identity.test.ts
  • npm run typecheck
  • npm run build:kun
  • git diff --check

@XingYu-Zhong

Copy link
Copy Markdown
Collaborator

我这边 review 了一下,这个 PR 先别合。核心问题不是 build/version mismatch guard 这个方向,而是当前 build identity 的来源不可靠。

现在 src/shared/build-identity.tskun/src/version.ts 里都是手写的固定 hash。GUI 和 runtime 确实会比较这两个值,但因为两个值都是提交进源码的常量,后续代码变了只要没人同步改常量,GUI/runtime 仍然会互相匹配并通过校验。这样校验到的只是“两个常量相等”,不是“当前 GUI 和当前 runtime 来自同一份真实构建”。

建议把 hash/version 改成构建时自动注入,或者至少加 CI 校验让这些常量必须等于当前 HEAD SHA、过期就失败。更理想的是 GUI 和 Kun runtime 在 build 前由同一个脚本生成各自的 identity 文件,避免手写漂移。这个来源变成自动且防过期之后,这个 runtime mismatch guard 就可以继续合。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants