| Add WASM plugin system and startup plugin loading - Add plugin lifecycle commands for load, unload, list, and status. - Add WASM and WIT component plugin runtimes for observation consumers and control deciders. - Add builtin otel-jsonl observation consumer as an explicit plugin instead of default live export. - Add startup plugin load configuration with fail-fast/continue failure policy. - Add command, network, and graylist control plugin integration. - Add plugin ABI crate, host grants, hostcall limits, and plugin config validation. - Add plugin examples, Chinese operator docs, ABI docs, and example README files. - Add plugin E2E scenarios for builtin, WASM, WIT component, lifecycle, persistent load, validation, command, network, and graylist flows. - Add upstream master changelog generation script and generated initial changelog files. - Improve TLS/HTTP capture summaries, agent regression coverage, and related UI insight display. Co-Authored-By: GPT-5.5 | 22 天前 |
| fix: harden perf decoding and daemon startup Co-Authored-By: gpt-5.6-sol | 5 天前 |
| !51 fix: harden container launch permission checks From: @charlotteli Reviewed-by: @yaozhenhe See merge request: openeuler/AcTrail!51 | 13 天前 |
| fix: harden perf decoding and daemon startup Co-Authored-By: gpt-5.6-sol | 5 天前 |
| Improve TLS capture runtime and LLM codec plugins - Add WASM LLM codec ABI/runtime support, Qoder/noop plugin fixtures, and Chinese operator docs. - Harden TLS payload sync across launch dependency resolution, mount namespaces, wrapped musl targets, and AArch64 trampoline relocation. - Refactor probe runtime flow control for HTTP/1, HTTP/2, text payload bounds, loader execution, and unwind stubs. - Tighten LLM projection parsing for codec overrides, reasoning token details, and bounded request/response body summaries. - Expand E2E coverage for multi-libc wrappers, namespaced TLS lookup, polluted env wrappers, TLS flow reset, and xiaoo scenarios. - Update install/build scripts, runtime dependency checks, web insight limits, and README/docs references. Co-Authored-By: GPT-5.5 | 9 天前 |
| Unify process identity and harden launch readiness - Unify logical process identity across collector ingestion, trace membership, storage, export, semantic lineage, and process-tree reconciliation. - Keep lifecycle collection free of exec-time procfs enrichment and preserve namespace-native TLS identity observations. - Refactor process and real-agent E2E helpers around logical identities, action snapshots, and concurrent launch sessions. - Add a daemon control-plane TLS launch-plan query and cache, with ctl diagnostics and timing, so repeated launches avoid local rescans. - Add per-profile daemon startup host-eBPF load preflight and use verified readiness for launch permission selection. - Bound direct socket payload capture for verifier-safe eBPF loading and retain staged preflight verification. Co-Authored-By: GPT-5.5 | 6 天前 |
| fix: harden perf decoding and daemon startup Co-Authored-By: gpt-5.6-sol | 5 天前 |
| Unify process identity and harden launch readiness - Unify logical process identity across collector ingestion, trace membership, storage, export, semantic lineage, and process-tree reconciliation. - Keep lifecycle collection free of exec-time procfs enrichment and preserve namespace-native TLS identity observations. - Refactor process and real-agent E2E helpers around logical identities, action snapshots, and concurrent launch sessions. - Add a daemon control-plane TLS launch-plan query and cache, with ctl diagnostics and timing, so repeated launches avoid local rescans. - Add per-profile daemon startup host-eBPF load preflight and use verified readiness for launch permission selection. - Bound direct socket payload capture for verifier-safe eBPF loading and retain staged preflight verification. Co-Authored-By: GPT-5.5 | 6 天前 |
| update version to v0.1.2 Co-Authored-By: GPT-5.5 | 1 个月前 |
| Improve TLS capture runtime and LLM codec plugins - Add WASM LLM codec ABI/runtime support, Qoder/noop plugin fixtures, and Chinese operator docs. - Harden TLS payload sync across launch dependency resolution, mount namespaces, wrapped musl targets, and AArch64 trampoline relocation. - Refactor probe runtime flow control for HTTP/1, HTTP/2, text payload bounds, loader execution, and unwind stubs. - Tighten LLM projection parsing for codec overrides, reasoning token details, and bounded request/response body summaries. - Expand E2E coverage for multi-libc wrappers, namespaced TLS lookup, polluted env wrappers, TLS flow reset, and xiaoo scenarios. - Update install/build scripts, runtime dependency checks, web insight limits, and README/docs references. Co-Authored-By: GPT-5.5 | 9 天前 |
| Unify process identity and harden launch readiness - Unify logical process identity across collector ingestion, trace membership, storage, export, semantic lineage, and process-tree reconciliation. - Keep lifecycle collection free of exec-time procfs enrichment and preserve namespace-native TLS identity observations. - Refactor process and real-agent E2E helpers around logical identities, action snapshots, and concurrent launch sessions. - Add a daemon control-plane TLS launch-plan query and cache, with ctl diagnostics and timing, so repeated launches avoid local rescans. - Add per-profile daemon startup host-eBPF load preflight and use verified readiness for launch permission selection. - Bound direct socket payload capture for verifier-safe eBPF loading and retain staged preflight verification. Co-Authored-By: GPT-5.5 | 6 天前 |
| Unify process identity and harden launch readiness - Unify logical process identity across collector ingestion, trace membership, storage, export, semantic lineage, and process-tree reconciliation. - Keep lifecycle collection free of exec-time procfs enrichment and preserve namespace-native TLS identity observations. - Refactor process and real-agent E2E helpers around logical identities, action snapshots, and concurrent launch sessions. - Add a daemon control-plane TLS launch-plan query and cache, with ctl diagnostics and timing, so repeated launches avoid local rescans. - Add per-profile daemon startup host-eBPF load preflight and use verified readiness for launch permission selection. - Bound direct socket payload capture for verifier-safe eBPF loading and retain staged preflight verification. Co-Authored-By: GPT-5.5 | 6 天前 |
| Integrate local dev observability features - Expand eBPF file observation with path capture, bulk read events, and transport-loss containment. - Harden controlled launch, daemon live reconciliation, identity, TLS sync, and control runtime lifecycle handling. - Add web trace and token statistics workspaces with stats API, storage schema, and visualization components. - Extend HTTP/HTTPS, file scan, file writev, transport-loss, performance, and docs example E2E coverage. Co-Authored-By: GPT-5.5 | 17 天前 |
| Integrate TLS payload capture and tls-sync backend Add probe-point finder, sync runtime launch support with aarch64 native hooks, full-monitor validation config, and Mulan PSL license metadata. | 1 个月前 |
| Unify process identity and harden launch readiness - Unify logical process identity across collector ingestion, trace membership, storage, export, semantic lineage, and process-tree reconciliation. - Keep lifecycle collection free of exec-time procfs enrichment and preserve namespace-native TLS identity observations. - Refactor process and real-agent E2E helpers around logical identities, action snapshots, and concurrent launch sessions. - Add a daemon control-plane TLS launch-plan query and cache, with ctl diagnostics and timing, so repeated launches avoid local rescans. - Add per-profile daemon startup host-eBPF load preflight and use verified readiness for launch permission selection. - Bound direct socket payload capture for verifier-safe eBPF loading and retain staged preflight verification. Co-Authored-By: GPT-5.5 | 6 天前 |