canonical-entropydocs(audit): 添加nop-stream和nop-job审计报告及修复计划

文件	最后提交记录	最后更新时间
2026-05-18-adversarial-review-nop-job	docs(audit): 新增nop-job对抗式审查报告（Round 1+2, 31个发现）	14 天前
2026-05-18-deep-audit-nop-job-full	docs(audit): 新增nop-job深度审核报告（20维度，21个文件）	14 天前
2026-05-20-adversarial-review-nop-message-pulsar	docs(ai-dev): 新增审计、计划和经验教训 - 对抗性审计：nop-message-pulsar 和 nop-stream-design - 新增 Plan 31: nop-message-pulsar 实现计划 - 经验教训03: Plan Guide 是强制程序 - 2026-05-21 开发日志	12 天前
2026-05-20-adversarial-review-nop-stream	fix(stream): 修复审计发现的全部P0-P3缺陷（41项） - N17: MemoryInternalAppendingState累加器每次add前重置 - N1: WindowOperator存储累加器引用而非getLocalValue() - N2: mergeWindowContents ClassCastException改为WARN日志 - K15: windowNamespace使用类名前缀避免namespace碰撞 - N7: emitWindowContents签名改为显式key参数 - N12+N16: snapshot/restore简化为super调用修复key分区和非Serializable ACC - N3: MergingWindowSet.persist()重新接入ListState - N19: instantiateOperators处理TimestampsAndWatermarksTransformation - N22: ValueStateDescriptor传递typeInfo - N23: StreamSourceOperator移除正常完成后的cancel() - N29: KeySelectorPartitioner处理null key和Integer.MIN_VALUE - K10: ChainingOutput side output改为WARN日志 - K4+K6: WindowedStreamImpl标注@Deprecated, 清理注释残留 - N8: getSimpleAccumulator抛UnsupportedOperationException - N20: checkpointExecutorFactory改为实例字段 - N28: SimpleStreamOperatorFactory通过序列化创建新实例 - K11: WindowOperatorTimerService timer从Supplier获取key - N25: MemoryMapState保存descriptor引用 - N26: accumulator标记transient + rebind重建 - N18: KeyedStreamImpl从parentStream获取environment - N9: BatchLoaderSourceFunction loader在finally中关闭 - N10: DebeziumCdcSourceFunction用CountDownLatch替代Thread.sleep - N27/N33: WindowAssignerContext可空标注, watermarkInterval可配置 - K14: JdbcCheckpointStorage标注MySQL only - N41: StreamSinkOperator条件性rollback - K17/K20/K24: TimerService/Configuration/累加器接口标注@Internal/@Deprecated - N21: DataStreamImpl增加TypeInformation重载 - N34: UnknownTypeInformation实现Serializable - N40: DataStreamImpl移除Serializable - K19: 空壳模块pom.xml添加placeholder注释 - N4/N5/N6/N14/N11: 示例代码修复(CEP条件/事件类型/demo stub/用户检查/统一数据源)	13 天前
2026-05-20-deep-audit-nop-nosql-post-plan23	fix(nop-nosql): 审计整改 - 修复38项发现(5 P1, 15 P2, 18 P3) 主要修复: - D14-03: EVALSHA增加EVAL回退,防止Redis重启后Lua脚本失效 - D09-01: 66个.join()调用替换为FutureHelper.syncGet(),正确解包CompletionException - D15-01: INosqlListOperations增加同步方法,与兄弟接口保持一致 - D15-09: forEachEntryAsync不再返回null,防止NPE - D01-01: 移除nop-nosql-core中未使用的nop-dao依赖 - D02-01: 提取AbstractLettuceOperations基类,消除11个实现类的重复代码 - D14-04: LettuceCounter.toLong()捕获NumberFormatException并包装为NopException - D14-06: LettuceRedisConnectionProvider增加生命周期检查 - D03-02/03/05: 增加Javadoc说明非原子操作、Hash过期语义和边界返回值 - D16-03: 增加7个边界条件测试(总计37个测试) - 删除空类LettuceNosqlService和空接口NosqlConstants - 移除AI风格注释,修复import顺序和raw type cast	14 天前
2026-05-21-adversarial-review-nop-stream-design	docs(ai-dev): 新增审计、计划和经验教训 - 对抗性审计：nop-message-pulsar 和 nop-stream-design - 新增 Plan 31: nop-message-pulsar 实现计划 - 经验教训03: Plan Guide 是强制程序 - 2026-05-21 开发日志	12 天前
2026-05-22-adversarial-review-nop-stream-r2	docs: 添加Plan37审计报告、执行计划和开发日志 - adversarial-review-round3.md: Round3对抗性审查21个发现(N73-N93) - 37-nop-stream-round3-critical-fixes.md: 执行计划(全部Phase已完成) - 05-22.md: 更新当日开发日志记录Plan37执行结果	11 天前
2026-05-22-adversarial-review-nop-stream	docs: 添加Plan 35/36计划和审计文档 - Plan 35: nop-stream Window & Watermark测试补充计划（completed） - Plan 36: nop-stream功能补全与测试覆盖计划（completed） - 分析文档: nop-stream vs Flink streaming测试对比 - 审计文档: 对抗性审查报告	11 天前
2026-05-24-adversarial-review-nop-stream-r3	docs: Plan 47/48 设计文档更新 + 对抗性审查 + 计划文档 - 更新 nop-stream 7 个设计文档(graph-model/architecture/core-design/roadmap/comparison/README/design-review) - 移动 design-review.md → ai-dev/analysis/ (历史文档) - 新增 Round 4 对抗性审查报告(N94-N105) - 新增 Plan 43-48 计划文档 - Plan 48 已完成，所有 exit criteria 满足	9 天前
2026-05-25-deep-audit-nop-code-full	docs(nop-code): 深度审计报告、修复计划和开发日志 - 新增ai-dev/audits/2026-05-25-deep-audit-nop-code-full/完整审计报告(20维度78发现) - 新增ai-dev/plans/55-nop-code-deep-audit-remediation.md修复计划(5阶段) - 新增ai-dev/skills/nop-code/审计技能模板 - 更新ai-dev/logs/2026/05-26.md开发日志 - 删除旧版nop-code-audit-prompt.md(已迁移到skills/nop-code/)	8 天前
2026-05-25-deep-audit-nop-stream-full	docs: 新增nop-job设计README、nop-stream深度审计和图分析调研 - 新增nop-job/README.md（调度子系统设计总览） - 新增nop-stream深度审计14个维度报告（依赖图、模块职责、 API面、错误处理、异步事务、类型安全、测试覆盖等） - 新增图分析工具与nop-code对比调研报告	8 天前
2026-05-27-deep-audit-nop-stream-r1	66: nop-stream error handling hardening — fix P1 issues, unify exceptions, English ErrorCodes Phase 1 (P1 fixes): - MalformedPatternException now extends StreamRuntimeException (was RuntimeException) - TwoPhaseCommitSinkFunction.restoreFromEpoch rollback failure now LOG.warn (was silently swallowed) - GraphModelCheckpointExecutor.triggerTerminalSavepoint now throws StreamException on failure Phase 2 (ErrorCode English): - NopStreamErrors: all 10 messages translated from Chinese to English - NopCepErrors: all 3 messages translated from Chinese to English Phase 3 (IllegalStateException unified): - StreamExecutionEnvironment: 9 IllegalStateException → StreamException(ERR_STREAM_INVALID_STATE) - TaskExecutor: 3 IllegalStateException → StreamException - Task/SubtaskTask.closeOperatorChains: closing exceptions now propagate to this.error New tests: TestMalformedPatternException, TestTwoPhaseCommitSinkFunction, TestErrorCodeMessagesEnglish All 307+ tests pass. Closure audit verified. Audit: 7-dimension deep audit (01/02/09/15/16/17) — results in ai-dev/audits/2026-05-27-deep-audit-nop-stream-r1/	1 天前
2026-05-27-deep-audit-nop-stream	64: nop-stream Error Codes, Exception Unification & TypeSerializer Dedup — 93处异常迁移到ErrorCode, 3处RuntimeException替换, TypeSerializer重命名为SimpleSerializer, NFA异常统一, GraphModelCheckpointExecutor日志升级	1 天前
2026-05-28-adversarial-review-nop-stream-r2	chore(ai-dev): 添加nop-stream审计报告和任务状态 - 添加adversarial review第二轮审计报告 - 添加deep audit完整审计报告 - 添加任务状态和运行日志	1 天前
2026-05-28-adversarial-review-nop-stream-r3	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-28-adversarial-review-nop-stream	chore(ai-dev): add nop-stream audit reports - adversarial review: boundary, API surface, error handling audit - deep audit: dependency graph, module responsibility, error handling analysis	1 天前
2026-05-28-deep-audit-nop-stream-full	docs(ai-dev): 更新nop-stream审计报告和工具脚本	1 天前
2026-05-28-deep-audit-nop-stream	chore(ai-dev): add nop-stream audit reports - adversarial review: boundary, API surface, error handling audit - deep audit: dependency graph, module responsibility, error handling analysis	1 天前
2026-05-29-adversarial-review-nop-code-r2	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-adversarial-review-nop-code-r3	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-adversarial-review-nop-code	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-adversarial-review-nop-stream	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-deep-audit-nop-code-full	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-deep-audit-nop-code	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-29-deep-audit-nop-stream	docs: Plan 73 P3审计修复完成，更新计划和日志	1 天前
2026-05-30-adversarial-review-nop-stream-r10	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-adversarial-review-nop-stream-r11	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-adversarial-review-nop-stream-r12	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-adversarial-review-nop-stream-r13	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-adversarial-review-nop-stream	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-deep-audit-nop-stream-full	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-30-deep-audit-nop-stream	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-31-adversarial-review-nop-code-r4	docs: 更新Plan #92状态为completed，添加每日开发日志	1 天前
2026-05-31-adversarial-review-nop-code	fix(nop-code): Phase 1 security - detectFlows @BizMutation, @Auth for sourceCode methods - 07-01: Change detectFlows from @BizQuery to @BizMutation (writes DB) - 13-01: Add @Auth(code-source-read) to SymbolBizModel showSymbol/sourceCode/searchCode - 13-02: Add @Auth(code-source-read) to FileBizModel sourceCode BizLoader - Update TestNopCodeFlowBizModel to use rpcMutation for detectFlows	1 天前
2026-05-31-adversarial-review-nop-stream-r16	docs(audit): 更新nop-stream对抗性审查报告 - 精简open findings报告 - 新增r9和r16轮次审查结果	1 天前
2026-05-31-adversarial-review-nop-stream-r6	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-31-adversarial-review-nop-stream-r7	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-31-adversarial-review-nop-stream-r8	fix(nop-stream): Phase 1 - unify CEP error handling (09-01~09-06) Replace NopException.adapt() with StreamException/MalformedPatternException + ErrorCode in SharedBuffer(7), CepOperator(3), SharedBufferAccessor(1), CepPatternBuilder(1). Replace bare IllegalStateException with MalformedPatternException in NFACompiler(1) and StreamException in NoSkipStrategy(2). All 360 tests pass.	1 天前
2026-05-31-adversarial-review-nop-stream-r9	docs(audit): 更新nop-stream对抗性审查报告 - 精简open findings报告 - 新增r9和r16轮次审查结果	1 天前
2026-05-31-adversarial-review-nop-stream	docs(audit): 更新nop-stream对抗性审查报告 - 精简open findings报告 - 新增r9和r16轮次审查结果	1 天前
2026-05-31-deep-audit-nop-code-full	docs: 更新Plan #92状态为completed，添加每日开发日志	1 天前
2026-05-31-deep-audit-nop-code	fix(nop-code): Phase 1 security - detectFlows @BizMutation, @Auth for sourceCode methods - 07-01: Change detectFlows from @BizQuery to @BizMutation (writes DB) - 13-01: Add @Auth(code-source-read) to SymbolBizModel showSymbol/sourceCode/searchCode - 13-02: Add @Auth(code-source-read) to FileBizModel sourceCode BizLoader - Update TestNopCodeFlowBizModel to use rpcMutation for detectFlows	1 天前
2026-05-31-deep-audit-nop-stream-full	docs(audit): 更新nop-stream完整深度审查报告 - 精简各章节冗余内容 - 新增ORM/API/安全/测试综合分析摘要 - 更新汇总报告	1 天前
2026-05-31-deep-audit-nop-stream	docs(audit): 更新nop-stream深度审查报告 - 新增ORM模型、代码生成管线、Delta定制等章节 - 精简错误处理、类型安全、测试覆盖等章节 - 更新汇总报告	1 天前
2026-06-01-adversarial-review-nop-code-r5	docs: 更新Plan #92状态为completed，添加每日开发日志	1 天前
2026-06-01-adversarial-review-nop-code-r6	docs: 更新审计报告 - adversarial-review更新开放发现项和摘要 - deep-audit各维度审查报告更新 - 新增r6和06-02轮次审计记录	1 天前
2026-06-01-adversarial-review-nop-code	docs: 更新审计报告 - adversarial-review更新开放发现项和摘要 - deep-audit各维度审查报告更新 - 新增r6和06-02轮次审计记录	1 天前
2026-06-01-deep-audit-nop-code-full	docs: 更新Plan #92状态为completed，添加每日开发日志	1 天前
2026-06-01-deep-audit-nop-code	docs: 更新审计报告 - adversarial-review更新开放发现项和摘要 - deep-audit各维度审查报告更新 - 新增r6和06-02轮次审计记录	1 天前
2026-06-02-adversarial-review-nop-code	docs: 更新审计报告 - adversarial-review更新开放发现项和摘要 - deep-audit各维度审查报告更新 - 新增r6和06-02轮次审计记录	1 天前
2026-06-02-adversarial-review-nop-stream	docs(audit): 添加nop-stream和nop-job审计报告及修复计划 - 新增nop-stream对抗性审查和深度审计报告 - 新增nop-job对抗性审查和深度审计报告 - 新增审计修复计划103	3 小时前
2026-06-02-deep-audit-nop-stream	docs(audit): 添加nop-stream和nop-job审计报告及修复计划 - 新增nop-stream对抗性审查和深度审计报告 - 新增nop-job对抗性审查和深度审计报告 - 新增审计修复计划103	3 小时前
2026-06-03-adversarial-review-nop-job	docs(audit): 添加nop-stream和nop-job审计报告及修复计划 - 新增nop-stream对抗性审查和深度审计报告 - 新增nop-job对抗性审查和深度审计报告 - 新增审计修复计划103	3 小时前
2026-06-03-deep-audit-nop-job	docs(audit): 添加nop-stream和nop-job审计报告及修复计划 - 新增nop-stream对抗性审查和深度审计报告 - 新增nop-job对抗性审查和深度审计报告 - 新增审计修复计划103	3 小时前
README.md	docs: 修复 ai-dev README 中的入口文件路径引用 - ai-dev/README.md 入口文件路径加目录前缀（如 00-log-writing-guide.md → logs/00-log-writing-guide.md） - ai-dev/audits/README.md 审计 prompt 路径加 skills/ 前缀	1 天前
nop-code-audit-2026-05-05.md	docs(ai-dev): 重构计划文档和代码审计流程 - 新增代码审计报告: nop-code-audit-2026-05-05.md - 重构计划编写指南，规范化Phase/Step结构 - 简化审计prompt，减少冗余内容 - 添加审计输出模板和检查清单	23 天前
nop-code-audit-2026-05-10.md	fix(code-service): 使用CoreMetrics替代System.currentTimeMillis()，支持可测试时钟	23 天前

审计记录

ai-dev/audits/ 存放代码和设计文档的审计记录。审计使用 ai-dev/skills/ 下的 prompt 模板驱动。

目录命名规范

ai-dev/audits/
├── YYYY-MM-DD-{type}-{module}/        # 深度审计（含多份报告）
│   ├── summary.md                     # 总体发现摘要
│   ├── {detail-report}.md             # 分项报告
│   └── ...
├── YYYY-MM-DD-{type}-{module}.md      # 独立审计记录
└── README.md

{type}: deep-audit / adversarial-review / plan-closure-audit
{module}: 被审计的模块名（如 nop-stream、nop-job）

与 skills 的关系

审计 prompt 模板定义在 ai-dev/skills/：

Prompt	审计类型
`skills/deep-audit-prompts.md`	多维度深度审计
`skills/open-ended-adversarial-review-prompt.md`	开放式对抗审查
`skills/plan-closure-audit-prompt.md`	计划结项审计
`skills/plan-reviewer-prompt.md`	计划实施前审计

这些 prompt 是方法论模板，审计记录是执行结果。Prompt 不含业务内容，审计记录包含具体的发现和建议。

与 plans 的关系

审计发现如果需要修复，应创建对应的 plan（ai-dev/plans/），在 plan 中引用审计记录作为 baseline。

写作规则

审计记录必须包含 summary.md（或独立文件的摘要段落）。
每条发现标注严重程度（P0/P1/P2/P3）和建议修复方向。
审计记录是证据层，不是规范性文档。规范修复应同步到 docs-for-ai/ 或 ai-dev/design/。