Beaver/beaver_project
6
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: 重命名项目为Boardware Genius并添加运行时环境同步功能

Browse Source 
- 将项目品牌从nanobot重命名为Boardware Genius,更新所有相关文档、注释和日志输出
- 在web服务器中添加运行时环境变量同步功能,支持授权和后端身份配置
- 更新create-instance脚本以生成运行时环境文件
- 添加实例后端绑定功能到部署控制服务
- 修改入口脚本以加载运行时环境变量
- 更新前端和认证门户的相关描述文本
This commit is contained in:
steven_li
2026-03-18 15:45:42 +08:00
parent b6dd0c1623
commit 4e45f8b717
36 changed files with 315 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app-instance/backend/SECURITY.md
View File

@ -2,7 +2,7 @@
## Reporting a Vulnerability
If you discover a security vulnerability in nanobot, please report it by:
If you discover a security vulnerability in Boardware Genius, please report it by:
1. **DO NOT** open a public GitHub issue
2. Create a private security advisory on GitHub or contact the repository maintainers (xubinrencs@gmail.com)
@ -67,7 +67,7 @@ The `exec` tool can execute shell commands. While dangerous command patterns are
- ✅ Review all tool usage in agent logs
- ✅ Understand what commands the agent is running
- ✅ Use a dedicated user account with limited privileges
- ✅ Never run nanobot as root
- ✅ Never run Boardware Genius as root
- ❌ Don't disable security checks
- ❌ Don't run on systems with sensitive data without careful review
@ -82,7 +82,7 @@ The `exec` tool can execute shell commands. While dangerous command patterns are
File operations have path traversal protection, but:
- ✅ Run nanobot with a dedicated user account
- ✅ Run Boardware Genius with a dedicated user account
- ✅ Use filesystem permissions to protect sensitive directories
- ✅ Regularly audit file operations in logs
- ❌ Don't give unrestricted access to sensitive files
@ -123,7 +123,7 @@ npm audit fix
- Keep `litellm` updated to the latest version for security fixes
- We've updated `ws` to `>=8.17.1` to fix DoS vulnerability
- Run `pip-audit` or `npm audit` regularly
- Subscribe to security advisories for nanobot and its dependencies
- Subscribe to security advisories for Boardware Genius and its dependencies
### 7. Production Deployment
@ -238,7 +238,7 @@ If you suspect a security breach:
## Security Checklist
Before deploying nanobot:
Before deploying Boardware Genius:
- [ ] API keys stored securely (not in code)
- [ ] Config file permissions set to 0600