b4b7cd7d0f
feat(authz): remove SystemPlatform scope + permission-trie walk (Galaxy resolves via Equipment)
2026-06-12 21:54:28 -04:00
95be607a07
feat(opcua): remove SystemPlatform-mirror GalaxyTags contract end-to-end (composer+applier+artifact, byte-parity)
2026-06-12 21:45:19 -04:00
5dfb797817
refactor(adminui): strip alias/relay machinery from UnsTreeService + EquipmentPage; Galaxy tags use standard TagModal
2026-06-12 21:28:13 -04:00
e2c6c15ae0
feat(opcua): remove SystemPlatform mirror producer + Galaxy exception from Phase7Composer
2026-06-12 21:17:39 -04:00
499c9b9165
feat(validation): allow GalaxyMxGateway under Equipment; rename Galaxy-tag FullName check
2026-06-12 21:11:06 -04:00
6218512365
fix(historian-sidecar): don't wedge the TCP listener when Start() bind fails
...
v2-ci / build (push) Failing after 46s
v2-ci / unit-tests (tests/Core/ZB.MOM.WW.OtOpcUa.Cluster.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.ControlPlane.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Runtime.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Security.Tests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.Host.IntegrationTests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.IntegrationTests) (push) Has been skipped
Live verification on a Windows VM surfaced a crash loop: TcpFrameServer.EnsureListening
assigned _listener = new TcpListener(...) BEFORE calling Start(). When Start() throws —
e.g. the port is in a Windows excluded/reserved range (WSAEACCES) or already in use — the
field was left non-null-but-unstarted, so the `if (_listener is not null) return` guard
permanently skipped re-Start() and every subsequent AcceptTcpClientAsync() threw the
misleading InvalidOperationException "Not listening" → 20 failures → exit 2 → NSSM restart
→ loop. Now _listener is assigned only after Start() succeeds, so a transient bind failure
is retried and a permanent one surfaces the real bind error each iteration. Adds a
regression test that forces a bind conflict and asserts the SocketException persists.
2026-06-12 13:02:22 -04:00
fcf84adbad
fix(historian-client): cancellable TLS client handshake + default-fields test (review)
2026-06-12 12:13:04 -04:00
d4ecc9138f
feat(adminui): historian TCP-connect probe + TLS form fields
2026-06-12 12:07:06 -04:00
72f32045a4
refactor(historian): remove named-pipe transport
2026-06-12 11:51:53 -04:00
6104eaba60
test(historian-client): TCP-ify FakeSidecarServer + client tests
2026-06-12 11:46:47 -04:00
ac12633087
feat(historian-client): default ctor dials TCP
2026-06-12 11:37:42 -04:00
706077f02f
feat(historian-sidecar): TCP bootstrap + env, drop allowed-SID
2026-06-12 11:34:06 -04:00
999e58c605
fix(historian-sidecar): cancel SocketException guard + version-reject log + TLS test (review)
2026-06-12 11:31:04 -04:00
6e152047eb
feat(historian-client): TCP connect factory + FrameChannel rename
2026-06-12 11:21:28 -04:00
7ce7505a36
feat(historian-host): bind TCP host/port/tls config
2026-06-12 11:19:46 -04:00
3528702185
feat(historian-sidecar): TcpFrameServer (TCP + optional TLS)
2026-06-12 11:16:28 -04:00
35ac0b8c4e
feat(historian-client): add TCP/TLS options fields
2026-06-12 11:14:36 -04:00
57355405a6
chore(security): drop dead audit suppressions; patch OpenTelemetry + Tmds.DBus CVEs
...
All five suppressed advisories are now resolved at baseline/resolved versions,
so every NuGetAuditSuppress is removed repo-wide:
- System.Security.Cryptography.Xml (GHSA-37gx-xxp4-5rgx / GHSA-w3x6-4m5h-cxqf)
-> fixed by the .NET 10 baseline (10.0.6)
- OPCFoundation Opc.Ua.Core (GHSA-h958-fxgg-g7w3) -> fixed at resolved 1.5.378.106
Two were still live and are now patched via direct security pins:
- OpenTelemetry.Api 1.9.0 -> 1.15.3 (GHSA-g94r-2vxg-569j) pinned in Cluster;
Runtime/ControlPlane/AdminUI + tests inherit via project reference
- Tmds.DBus.Protocol 0.20.0 -> 0.21.3 (GHSA-xrw6-gwf8-vvr9) pinned in Client.UI
Also correct the Historian sidecar runtime comments (x86 -> x64, matching the
csproj PlatformTarget). Solution audit: 0 vulnerable packages; full build clean.
2026-06-12 09:03:42 -04:00
d19271fff8
fix(adminui): converter skips name-collisions + disabled relays (review)
2026-06-11 21:44:19 -04:00
943bc5f709
feat(adminui): ConvertRelayVirtualTagsToAliasesAsync (relay VTag -> alias Tag)
2026-06-11 21:32:43 -04:00
fe068652b3
fix(adminui): alias update pins invariants + LoadAliasTagAsync + null-driver guard (review)
2026-06-11 21:25:06 -04:00
9f13101896
feat(validation): require TagConfig.FullName on Galaxy alias tags; reframe Tag doc
2026-06-11 21:21:32 -04:00
53116bdd83
feat(adminui): CreateAliasTagAsync/UpdateAliasTagAsync + Galaxy-gateway guard
2026-06-11 21:17:45 -04:00
fcc73ccd2d
fix(adminui): null Source for alias rows without a FullName (review nits)
2026-06-11 21:12:52 -04:00
bc9e83ed9f
feat(composer): admit GalaxyMxGateway-backed equipment alias tags (+byte-parity)
2026-06-11 21:10:21 -04:00
4b4738a891
feat(adminui): alias DTO + Galaxy gateway lookup + Source/IsAlias on tag rows
2026-06-11 21:05:02 -04:00
2ba2f8a899
feat(commons): TryParseRelayBody — detect pure ctx.GetTag relay scripts
2026-06-11 20:59:10 -04:00
80b19d6fc8
chore(uns): create-redirect null guard + alarm isolation test + alarm-authoring doc (final review)
2026-06-11 15:23:06 -04:00
f1c4392b0d
refactor(uns): drop dead LoadEquipmentChildrenAsync + LinesForCluster; fix stale comment
2026-06-11 15:11:28 -04:00
826ffdc1a0
feat(uns): equipment is a tree leaf linking to the detail page; drop EquipmentModal
2026-06-11 15:01:10 -04:00
7fbfeca451
feat(uns): equipment detail page shell + Details tab + create-redirect
2026-06-11 14:36:48 -04:00
5cae3c5b96
fix(uns): guard scripted-alarm name uniqueness on create/update (code-review)
2026-06-11 14:31:35 -04:00
705ed6234f
feat(uns): scripted-alarm CRUD in IUnsTreeService for the equipment Alarms tab
2026-06-11 14:25:59 -04:00
7c22861598
feat(uns): per-equipment tag/virtual-tag list service methods
2026-06-11 14:19:46 -04:00
7d91737dac
feat(uns): carry created id on UnsMutationResult for equipment create
2026-06-11 14:16:21 -04:00
7f535c0e9d
test(historian): cover non-positive DeadLetterRetentionDays validation warning
2026-06-11 13:24:46 -04:00
56750e110f
fix(alarms): historize the real operator for shelve/unshelve/enable/disable transitions
2026-06-11 13:14:00 -04:00
5ea6e9d7d9
fix(historian): validate non-positive drain/capacity/retention knobs (review) + log prefix
2026-06-11 13:09:13 -04:00
f215982b93
feat(historian): drain/capacity/retention config knobs + startup config-warning validation
2026-06-11 13:04:16 -04:00
61b230d79a
harden(historian): nullable HistorizeToAveva (missing→historize) for rolling-restart-safe deserialize + middle-link test
2026-06-11 13:00:57 -04:00
8012509584
feat(historian): honor per-alarm HistorizeToAveva opt-out at the durable write
2026-06-11 12:48:13 -04:00
f64f7ce669
fix(alarms): historize the operator (not 'system') for CommentAdded transitions (review)
v2-ci / build (push) Failing after 50s
v2-ci / unit-tests (tests/Core/ZB.MOM.WW.OtOpcUa.Cluster.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.ControlPlane.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Runtime.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Security.Tests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.Host.IntegrationTests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.IntegrationTests) (push) Has been skipped
2026-06-11 11:42:56 -04:00
943c621371
feat(historian): config-gated SqliteStoreAndForward→Wonderware sink (AddAlarmHistorian)
2026-06-11 11:30:31 -04:00
e9355e9514
refactor(historian): gate before translate (no discarded alloc on secondary) + strengthen double-write warning (review)
2026-06-11 11:24:48 -04:00
bb42e5834a
feat(historian): subscribe to alerts topic + translate to AlarmHistorianEvent (Primary-gated, exactly-once)
2026-06-11 11:18:26 -04:00
d2cc4a1222
test+docs(galaxy): verify alarm acknowledger recovers after transient fault; document alarm-client reconnect
2026-06-11 11:12:49 -04:00
8ac3ac5be9
feat(alarms): carry AlarmTypeName + operator Comment on AlarmTransitionEvent (historian feed prep)
2026-06-11 11:03:00 -04:00
7891e28b52
fix(redundancy): periodic heartbeat re-publish so late subscribers learn their role
2026-06-11 10:06:46 -04:00
e241332a24
fix(redundancy): key redundancy-state snapshot by canonical host:port NodeId (was host-only — broke ServiceLevel + scripted-alarm emit gate)
2026-06-11 09:56:17 -04:00
f9932f2d8e
refactor(admin): use CorrelationId wrapper for alarm ack/shelve commands
2026-06-11 09:27:24 -04:00
Joseph Doherty