Commit Graph

3 Commits

Author SHA1 Message Date
Author: 陈少杰
SHA1: 4f88c4c6c2
Date: 2026-04-17 10:50:47 +08:00
Message: Unblock PR review by removing portability and secret-handling regressions

The open review threads on this branch were all grounded in real issues:
a committed API key in handover docs, Unix-only locking and timeout
mechanisms, synchronous network I/O inside an async API path, and missing
retry/session reuse on market-data calls. This change removes the leaked
credential from the tracked docs, makes the portfolio and profiling paths
portable across platforms, moves live price fetches off the event loop,
and reuses the existing yfinance retry/session helpers where the review
called for them.

While verifying these fixes, the branch also failed to import parts of the
TradingAgents graph because two utility modules referenced by the new code
were absent. I restored those utilities with minimal implementations so the
relevant regression tests and import graph work again in this PR.

Constraint: No new dependencies; portability fixes had to stay in the standard library
Rejected: Add portalocker or filelock | unnecessary new dependency for a small compatibility gap
Rejected: Keep signal.alarm and fcntl as Unix-only behavior | leaves the reported review blockers unresolved
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Keep shared runtime paths cross-platform and keep async handlers free of direct blocking network I/O
Tested: python -m pytest -q web_dashboard/backend/tests/test_portfolio_api.py orchestrator/tests/test_quant_runner.py orchestrator/tests/test_profile_stage_chain.py tradingagents/tests/test_stockstats_utils.py
Tested: python -m pytest -q orchestrator/tests/test_trading_graph_config.py tradingagents/tests/test_research_guard.py
Not-tested: Full repository test suite and GitHub-side post-push checks
Author: 陈少杰
SHA1: d86b805c12
Date: 2026-04-14 00:26:28 +08:00
Message: Make backend task and recommendation APIs contract-first by default

Phase 2 moves the dashboard off raw task-state leakage and onto stable public projections. Task status, task listings, progress websocket events, and portfolio recommendation reads now load persisted contracts when available, expose a contract-first envelope, and keep legacy fields inside a compat block instead of smearing them across top-level payloads.

Constraint: existing task-status JSON and recommendation files must continue to read successfully during migration
Rejected: return raw task_results directly from API and websocket | keeps legacy fields as the public contract and blocks cutover
Rejected: rewrite stored recommendation files in-place | adds risky migration work before rollout gates exist
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: keep public payload shaping in job/result-store projections, not in ad-hoc route logic
Tested: python -m pytest web_dashboard/backend/tests/test_executors.py web_dashboard/backend/tests/test_services_migration.py web_dashboard/backend/tests/test_api_smoke.py web_dashboard/backend/tests/test_main_api.py web_dashboard/backend/tests/test_portfolio_api.py -q
Tested: python -m pytest orchestrator/tests/test_application_service.py orchestrator/tests/test_trading_graph_config.py -q
Tested: python -m compileall orchestrator tradingagents web_dashboard/backend
Not-tested: legacy frontend rendering against new compat-wrapped task payloads
Not-tested: real websocket clients and provider-backed end-to-end analysis
Author: Shaojie
SHA1: 7d8f7b5ae0
Date: 2026-04-07 19:01:02 +08:00
Message: fix: add security tests + fix Header import (#4)

* fix: add API key auth, pagination, and configurable CORS to dashboard API

Security hardening:
- API key authentication via X-API-Key header on all endpoints
  (opt-in: set DASHBOARD_API_KEY or ANTHROPIC_API_KEY env var to enable)
  If no key is set, endpoints remain open (backward-compatible)
- WebSocket auth via ?api_key= query parameter
- CORS now configurable via CORS_ORIGINS env var (default: allow all)

Pagination (all list endpoints):
- GET /api/reports/list — limit/offset with total count
- GET /api/portfolio/recommendations — limit/offset with total count
- DEFAULT_PAGE_SIZE=50, MAX_PAGE_SIZE=500

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* test: add tests for critical security fixes in dashboard API

- remove_position: empty position_id must be rejected (mass deletion fix)
- get_recommendation: path traversal blocked for ticker/date inputs
- get_recommendations: pagination limit/offset works correctly
- Named constants verified: semaphore, pagination, retry values
- API key auth: logic tested for both enabled/disabled states
- _auth_error helper exists for 401 responses

15 tests covering: mass deletion, path traversal (2 vectors),
pagination, auth logic, magic number constants

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>