feat: 100 轮迭代进化 - 测试覆盖 + Bug 修复 + 功能增强

.env.example

@@ -1,23 +1,131 @@
-# LLM 配置（三选一）
+# =============================================================================
+# LLM Provider Configuration (choose one)
+# =============================================================================
 
-# 方式 1: OpenAI 兼容 API（如 LongCat、DeepSeek 等）
+# Option 1: OpenAI-Compatible API (LongCat, DeepSeek, etc.)
 OPENAI_API_KEY=your-api-key
 OPENAI_BASE_URL=https://api.longcat.chat/openai/v1
 MODEL=LongCat-Flash-Chat
 
-# 方式 2: Anthropic Claude
+# Option 2: Anthropic Claude
 # OPENAI_API_KEY=
 # ANTHROPIC_API_KEY=your-anthropic-api-key
 # MODEL=claude-sonnet-4-20250514
 
-# 方式 3: OpenAI 默认
+# Option 3: OpenAI Default
 # OPENAI_API_KEY=your-openai-api-key
 # OPENAI_BASE_URL=
 # MODEL=gpt-4o-mini
 
-# 日志配置
-# JOJO_CODE_LOG_LEVEL=INFO           # DEBUG, INFO, WARNING, ERROR
-# JOJO_CODE_LOG_FILE=server.log      # 日志文件路径
-# JOJO_CODE_LOG_FORMAT=json          # json 或 text
-# JOJO_CODE_LOG_MAX_BYTES=10485760   # 单文件最大 10MB
-# JOJO_CODE_LOG_BACKUP_COUNT=5       # 保留 5 个备份文件
+# =============================================================================
+# Server Configuration
+# =============================================================================
+
+# Server host and port
+JOJO_CODE_HOST=0.0.0.0
+JOJO_CODE_PORT=8080
+
+# Enable debug mode (verbose logging, auto-reload)
+# JOJO_CODE_DEBUG=false
+
+# CORS allowed origins (comma-separated)
+# JOJO_CODE_CORS_ORIGINS=http://localhost:3000,http://localhost:5173
+
+# Rate limiting (requests per minute per IP)
+# JOJO_CODE_RATE_LIMIT=60
+
+# Maximum concurrent WebSocket connections
+# JOJO_CODE_MAX_CONNECTIONS=100
+
+# =============================================================================
+# Logging Configuration
+# =============================================================================
+
+# Log level: DEBUG, INFO, WARNING, ERROR, CRITICAL
+# JOJO_CODE_LOG_LEVEL=INFO
+
+# Log file path (empty = stdout only)
+# JOJO_CODE_LOG_FILE=server.log
+
+# Log format: json or text
+# JOJO_CODE_LOG_FORMAT=json
+
+# Log rotation: max file size in bytes (default 10MB)
+# JOJO_CODE_LOG_MAX_BYTES=10485760
+
+# Number of backup log files to keep
+# JOJO_CODE_LOG_BACKUP_COUNT=5
+
+# =============================================================================
+# Agent Configuration
+# =============================================================================
+
+# Maximum iterations per agent session (prevents infinite loops)
+# JOJO_CODE_MAX_ITERATIONS=50
+
+# Agent timeout in seconds
+# JOJO_CODE_AGENT_TIMEOUT=300
+
+# Enable/disable tool execution (useful for testing)
+# JOJO_CODE_ENABLE_TOOLS=true
+
+# Default agent mode: plan or build
+# JOJO_CODE_DEFAULT_MODE=build
+
+# =============================================================================
+# Security Configuration
+# =============================================================================
+
+# Enable audit logging
+# JOJO_CODE_AUDIT_ENABLED=true
+
+# Audit log file path
+# JOJO_CODE_AUDIT_FILE=audit.log
+
+# Allowed shell commands (comma-separated, empty = all)
+# JOJO_CODE_ALLOWED_COMMANDS=git,python,uv
+
+# Blocked shell commands (comma-separated)
+# JOJO_CODE_BLOCKED_COMMANDS=rm -rf,sudo
+
+# Enable SSRF protection for web requests
+# JOJO_CODE_SSRF_PROTECTION=true
+
+# =============================================================================
+# Memory Configuration
+# =============================================================================
+
+# Enable conversation memory
+# JOJO_CODE_MEMORY_ENABLED=true
+
+# Maximum messages to keep in memory
+# JOJO_CODE_MEMORY_MAX_MESSAGES=100
+
+# Token limit for memory compression
+# JOJO_CODE_MEMORY_TOKEN_LIMIT=4000
+
+# =============================================================================
+# Plugin Configuration
+# =============================================================================
+
+# Enable plugin system
+# JOJO_CODE_PLUGINS_ENABLED=true
+
+# Plugin directories (comma-separated)
+# JOJO_CODE_PLUGIN_DIRS=./plugins,~/.jojo-code/plugins
+
+# Disabled plugins (comma-separated)
+# JOJO_CODE_DISABLED_PLUGINS=
+
+# =============================================================================
+# Development Configuration
+# =============================================================================
+
+# Enable hot reload for development
+# JOJO_CODE_HOT_RELOAD=false
+
+# Enable profiling
+# JOJO_CODE_PROFILING=false
+
+# Test mode (disables external API calls)
+# JOJO_CODE_TEST_MODE=false

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,42 @@
+---
+name: Bug 报告
+about: 报告一个 bug 帮助我们改进
+title: '[BUG] '
+labels: bug
+assignees: ''
+---
+
+## 描述
+
+简要描述 bug。
+
+## 复现步骤
+
+1. 执行 '...'
+2. 输入 '...'
+3. 看到 '...'
+
+## 期望行为
+
+描述你期望的正确行为。
+
+## 实际行为
+
+描述实际发生的情况。
+
+## 环境信息
+
+- OS: [e.g., Windows 11, macOS 14, Ubuntu 22.04]
+- Python 版本: [e.g., 3.12.0]
+- jojo-code 版本: [e.g., 0.2.0]
+- 安装方式: [e.g., pip, uv, source]
+
+## 错误日志
+
+```
+粘贴相关的错误日志
+```
+
+## 补充信息
+
+其他可能有用的信息（截图、配置文件等）。

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,27 @@
+---
+name: 功能请求
+about: 建议一个新功能
+title: '[FEATURE] '
+labels: enhancement
+assignees: ''
+---
+
+## 描述
+
+简要描述你想要的功能。
+
+## 使用场景
+
+解释为什么需要这个功能，以及你会如何使用它。
+
+## 建议实现
+
+如果你有想法，描述可能的实现方式。
+
+## 替代方案
+
+描述你目前使用的替代方案（如果有）。
+
+## 补充信息
+
+其他上下文信息。

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,19 @@
+---
+name: 问题咨询
+about: 使用中遇到的问题
+title: '[QUESTION] '
+labels: question
+assignees: ''
+---
+
+## 问题描述
+
+描述你的问题。
+
+## 已尝试的解决方案
+
+描述你已经尝试过的方法。
+
+## 相关文档
+
+如果有相关的文档或链接，请提供。

.github/pull_request_template.md

@@ -0,0 +1,33 @@
+## 描述
+
+简要描述此 PR 的变更内容。
+
+## 变更类型
+
+- [ ] Bug 修复
+- [ ] 新功能
+- [ ] 重构
+- [ ] 文档更新
+- [ ] 测试
+- [ ] 其他
+
+## 相关 Issue
+
+Closes #(issue 编号)
+
+## 测试
+
+- [ ] 已运行 `uv run ruff check src/ tests/`
+- [ ] 已运行 `uv run ruff format src/ tests/`
+- [ ] 已运行 `uv run pytest tests/ -v`
+- [ ] 已添加新功能的测试
+
+## 截图（如适用）
+
+## 检查清单
+
+- [ ] 代码遵循项目风格指南
+- [ ] 已添加必要的文档
+- [ ] 已添加必要的测试
+- [ ] 所有测试通过
+- [ ] 已更新 CHANGELOG.md（如适用）

CHANGELOG.md

@@ -0,0 +1,64 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+- Dynamic system prompt generation from ToolRegistry
+- Tool call retry mechanism with exponential backoff
+- Tool result size limiting (50KB max) to prevent context overflow
+- Configurable max_iterations in AgentState
+- grep_search context_lines parameter for showing surrounding lines
+- read_file start_line/end_line parameters for line range reading
+- Enhanced health check endpoint with CPU, memory, uptime info
+- CLI --version flag
+- LLM call error handling in thinking_node
+- CONTRIBUTING.md contribution guide
+- GitHub Issue templates (bug report, feature request, question)
+- PR template
+- CHANGELOG.md
+- examples/README.md
+- Comprehensive test coverage for security modules (ssrf, rule, denial)
+- Comprehensive test coverage for memory modules (short_term, long_term, retriever, types)
+- Comprehensive test coverage for MCP client
+- Comprehensive test coverage for built-in plugins (code_review, test_generator, git)
+- Comprehensive test coverage for core modules (database, monitoring, webhook)
+
+### Fixed
+- datetime.utcnow() deprecation warning in audit.py
+- PytestCollectionWarning for TestCaseEvaluator in evaluator.py
+- Indentation bug in denial.py AdaptivePermissionMixin.check_with_denial_tracking
+- UnboundLocalError in long_term.py (redundant local Path import)
+- MockDatabaseBackend.fetch_one id filtering logic
+- AlertManager.check using rule.condition instead of non-existent rule.evaluate
+- Webhook.trigger returning results for successful local handlers
+
+### Changed
+- System prompt is now dynamically generated from available tools
+- Tool execution now supports automatic retry on transient failures
+
+## [0.1.0] - 2026-05-29
+
+### Added
+- Initial release
+- LangGraph-based agent loop with thinking/execute nodes
+- 40+ built-in tools (file, shell, git, search, web, HTTP, code analysis, performance, data, docs, system)
+- Textual TUI with chat, header, footer, input area, status bar widgets
+- WebSocket (JSON-RPC 2.0) + SSE streaming server
+- REST API endpoints for agents, conversations, metrics
+- Plugin system with 3 built-in plugins (code_review, git, test_generator)
+- Security: permission management, audit logging, SSRF protection, command/path guards
+- Memory: conversation memory with token counting and compression
+- Short-term and long-term memory with retrieval
+- AgentOps: metrics collection, evaluation, dashboard, reporting
+- Model abstraction: OpenAI, Anthropic Claude, OpenAI-compatible APIs
+- MCP client support
+- Skills system
+- Task execution framework
+- Session persistence
+- Docker support (experimental)
+- CLI commands: TUI, server management, config, plugin management, setup wizard