Skip to content

架构设计#162

Open
Lwwww1 wants to merge 10 commits into1024XEngineer:mainfrom
Lwwww1:patch-2
Open

架构设计#162
Lwwww1 wants to merge 10 commits into1024XEngineer:mainfrom
Lwwww1:patch-2

Conversation

@Lwwww1
Copy link
Copy Markdown
Collaborator

@Lwwww1 Lwwww1 commented Apr 11, 2026

No description provided.

fennoai[bot]
fennoai Bot reviewed Apr 11, 2026
View reviewed changes
Copy link
Copy Markdown

@fennoai fennoai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Found 3 noteworthy issues in this PR:

  1. New .go interface docs under docs/bytemind-architecture/*/interface.go currently do not compile.
  2. Policy decision-priority documentation is internally inconsistent.
  3. Storage/audit ownership is inconsistent between overview and module docs.

Please address these to keep the architecture docs executable/consistent.

Comment thread docs/bytemind-architecture/agent/interface.go
Comment thread docs/bytemind-architecture/policy/README.md Outdated
- `SensitiveFileGuard`:敏感文件读取防护。

## 4. 决策优先级
`explicit deny > explicit allow > risk rule > mode default > fallback ask`
Copy link
Copy Markdown

@fennoai fennoai Bot Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This priority order conflicts with the top-level architecture doc (docs/bytemind-architecture/README.md:204). The two versions disagree on both hard_deny existence and the ordering of risk_rule vs explicit_allow, which changes enforcement semantics. Please define one canonical order and reuse it everywhere.

Comment thread docs/bytemind-architecture/storage/README.md
@Nomikfk1215
Copy link
Copy Markdown
Collaborator

Nomikfk1215 commented Apr 13, 2026

@xgopilot 我看了 docs/bytemind-architecture/README.md 这个:
1.子代理这部分:异步后台子代理和worktree部分是不是很难做
2.tools五层权限:五层权限是全做吗 还有这个bypasspermission
3.每个工具都统一事件流,是不是太复杂了
4.每条记录都强一直落盘是不是有问题

@fennoai
Copy link
Copy Markdown

fennoai Bot commented Apr 13, 2026
edited
Loading

结论(针对你提的 4 个点)

  1. 子代理(异步后台 + worktree)
    是难点,尤其是“异步归并 + 隔离工作区”这两块。当前文档把它放在 runtimedocs/bytemind-architecture/README.md:172docs/bytemind-architecture/runtime/README.md:10docs/bytemind-architecture/runtime/interface.go:29),建议分阶段:
  • Phase 1:只做同步子代理(Spawn + Wait),不做后台归并、不做 worktree。
  • Phase 2:再加 BackgroundCollectBackground
  • Phase 3:最后上 IsolatedWorktree,并加资源配额和冲突策略。
  1. tools 五层权限要不要全做?bypassPermissions 怎么办?
    不建议一次性全做。可以按“最小可用安全闭环”先落 3 层:
  • 必做:会话模式层、工具白黑名单层、路径/命令层(README.md:203-208
  • 后做:风险层细分、工具级策略细化
    bypassPermissions 必须保留“受控”语义(README.md:204policy/interface.go:20):只允许在受信场景开启,且仍保留 hard deny(敏感文件/高危命令/越界路径不能绕过)。
  1. 每个工具统一事件流会不会太复杂?
    统一事件流本身是必要复杂度,不建议取消(README.md:198tools/README.md:11tools/interface.go:60)。建议控制复杂度的方法是:
  • 工具层只强制 result/error
  • start/chunk 设为可选
  • Executor 做统一封装,工具作者只填最小事件
    这样能保留可观测和回放能力,同时降低实现负担。
  1. 每条记录都强制落盘是否有问题?
    有性能风险,特别是高频 chunk 事件。文档目前是“单记录原子落盘 + append-only”(README.md:227-233storage/README.md:24-26),建议拆级:
  • 强一致落盘:权限决策、任务状态变化、最终结果、审计关键事件(README.md:236-237
  • 弱一致/批量:中间 chunk/log(按阈值或时间窗口批量 flush)
  • 崩溃恢复靠 event_id 去重(storage/interface.go:57

额外提醒

当前文档内有一处优先级冲突,建议先统一:

  • 总览写的是 hard_deny > explicit_deny > risk_rule > explicit_allow ...README.md:211
  • policy 子文档写的是 explicit deny > explicit allow > risk rule ...policy/README.md:25
    这会直接影响 bypassPermissions 和风险规则的真实行为。

本次处理范围

  • 已完成:基于 PR 文档逐条回答你的 4 个问题,并给出可落地分阶段方案。
  • 未执行:未修改代码/文档。

View job run

520wheat
520wheat reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@520wheat 520wheat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

补充一次任务流程图、core层的职责、agent读取session快照的补充解释

Comment thread docs/bytemind-architecture/README.md

### 10.1 单代理主闭环
1. 用户提交消息到 `agent`。
2. `agent` 读取 `session` 快照。
Copy link
Copy Markdown
Collaborator

@520wheat 520wheat Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agent在处理这次的新提交时,需要先拿到该会话的“完整状态”(历史消息,build/plan模式,计划进行状态,元数据……)。
agent用来继续上下文,而不是将每次请求作为新对话,即使程序重启,也能从持久化状态恢复,不丢上下文

Comment thread docs/bytemind-architecture/README.md

### core
- 做:跨模块共享基础类型(SessionID/TaskID/Role/Decision/RiskLevel/TaskStatus)与通用错误契约。
- 不做:业务流程、模块专属请求结构、具体实现。
Copy link
Copy Markdown
Collaborator

@520wheat 520wheat Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

这一层主要记录一些统一的契约规范
任务状态码均为:pending/running/completed/failed/killed
权限决策值:allow/deny/ask
……

Comment thread docs/bytemind-architecture/README.md
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 13, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@Lwwww1
Revise architecture diagram and user flow
7d7df96 
Updated the architecture diagram and added user interactions.
@Nomikfk1215 Nomikfk1215 mentioned this pull request Apr 13, 2026
Closed
@Nomikfk1215 Nomikfk1215 added the documentation Improvements or additions to documentation label Apr 13, 2026
This was referenced Apr 14, 2026
Closed
Closed
This was referenced Apr 15, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Closed
@Nomikfk1215 Nomikfk1215 mentioned this pull request Apr 16, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fennoai fennoai[bot] fennoai[bot] left review comments

+1 more reviewer

@520wheat 520wheat 520wheat left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

documentation Improvements or additions to documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Lwwww1 @Nomikfk1215 @520wheat