chore(deps): bump google-github-actions/auth from 2 to 3#2
chore(deps): bump google-github-actions/auth from 2 to 3#2dependabot[bot] wants to merge 51 commits into
Conversation
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
…RM64, chaos tests, RPi quickstart
…catalogued, sim-to-real roadmap
…n) - auto factory in main.py based on BESSAI_MODE
- safety.py: watchdog_loop acepta DataProvider (no solo UniversalDriver) - simulator_driver.py: corregir union-attr None en .lower() - modbus_driver.py: agregar properties is_connected/source_description del protocolo DataProvider - mqtt_publisher.py: corregir str-bytes-safe en f-string (str(self._host)) - test_reconnect_chaos.py: ModbusDriver -> UniversalDriver + fixture async (pytest_asyncio) - test_modbus_driver.py: mockear connect() en tests de connection_error 378 tests / 378 passed en 14.81s
- README.md: arbol de archivos actualizado, tests 54->378/378, tiempo 30s->15s - CHANGELOG.md: entrada AGENT HANDOFF v1.7.1 con commit e0258f0 (CI fixes) - PROJECT_STATUS.md: v1.7.1, timestamp 22:34, historial v1.7.0 + v1.7.1 Suite de tests: 378/378 pasan en ~15s
README.md: - Flujo de datos: añadidos modbus/luna2000/simulator drivers, MQTT, AI-IDS, ONNX, dashboard - GitHub Actions CI/CD: corregido 10 jobs -> 9 jobs reales (lint/typecheck/test/security/terraform/helm/docker/trivy/push) PROJECT_STATUS.md: - Eliminado modulo mega_scraper (PERTENECE a bessai-cen-data, no a este repo) - Corregido GitHub Actions: 7 jobs -> 9 jobs con nombres reales - Agregados modulos faltantes: SimulatorDriver, DataProvider (base.py), otel_setup.py, pubsub_publisher.py - Versiones actualizadas a v1.7.1: safety.py, modbus_driver.py, simulator_driver.py, mqtt_publisher.py 378/378 tests confirmados en 13.88s
…plate, badges Nuevos archivos: - .github/workflows/scorecard.yml: OpenSSF Scorecard automatico en cada push a main * Publica score en Security tab de GitHub (supply chain security) * Badge https://api.scorecard.dev/... activo en README - CITATION.cff: citacion estandar para papers IEEE/ACM * GitHub genera boton 'Cite this repository' con BibTeX/APA automatico * Referencias a IEC 62443 y NTSyCS CEN Chile - .github/ISSUE_TEMPLATE/hardware_support.yml: template para nuevos dispositivos * Campos: fabricante, modelo, protocolo, registro Modbus, prioridad README.md: - Badges: +Codecov (coverage live) +OpenSSF Scorecard - Version header: v1.7.0 -> v1.7.1 - Contributing: referencia a CITATION.cff para citas academicas 378/378 tests pasan - CI verde
Nuevos archivos: - docs/tutorials/quickstart_5min.md: Deploy BESSAI en 5 min sin hardware * Usa simulador Modbus integrado + docker compose * 5 pasos claros: clone -> up -> health check -> Grafana -> stop * Seccion troubleshooting comun - docs/tutorials/integration_homeassistant.md: MQTT + Home Assistant * Arquitectura publisher -> Mosquitto -> HA * Configuracion sensores YAML, dashboard Lovelace, automatizacion SOC < 20% * Compatible: Mosquitto / HiveMQ / AWS IoT Core / Azure IoT Hub - .github/FUNDING.yml: boton Sponsor en GitHub mkdocs.yml: - Nueva seccion Tutorials en nav (Deploy 5min, HA, MQTT full) - Getting Started incluye: quickstart_5min, RPi 4/5 - Architecture incluye Sim-First Strategy Objetivo: reducir tiempo de onboarding de 30min a < 5min 378/378 tests - CI verde
infrastructure/k8s/ (nuevo directorio): - namespace.yaml: namespace 'bessai' aislado - configmap.yaml: config no-sensible (site_id, inversor IP, MQTT, OTEL) - secrets.yaml.template: PLANTILLA para credenciales GCP/MQTT * 3 metodos: kubectl create secret / Sealed Secrets / External Secrets - service.yaml: ClusterIP + anotaciones Prometheus auto-discovery - deployment.yaml: Deployment production-ready * Init container wait-for-inverter (evita crashloopbackoff) * SecurityContext hardened: non-root, drop ALL capabilities * Health/readiness probes contra /health * Recursos calibrados para RPi (100m CPU / 128Mi RAM) * Toleraciones para nodos edge * Rolling update zero-downtime - kustomization.yaml: kubectl apply -k infrastructure/k8s/ * Compatible con ArgoCD y Flux GitOps Compatible con: K3s (RPi 4/5), K8s 1.28+, EKS, GKE, AKS 378/378 tests - CI verde
…olicy, mutation testing docs/pitch_deck.md - pitch ejecutivo para inversores y StartUp Chile TAM Chile 3.2M / LatAm 24M USD. Open core + SaaS 299/mes + enterprise 2.5k/mes Funding request 150k seed docs/startup_chile_ssaf.md - formulario SSAF S16 completo (9 secciones) KPIs 10 clientes SaaS, 3k MRR, 500 stars. Plan uso 80k USD docs/compliance/iec62443_sl2_gap.md - gap analysis SL-1 hacia SL-2 12 controles por FR1/FR2/FR3/FR4/FR7. Plan 3 fases, cert 15k USD Desbloquea minas BHP/Codelco y parques solares +50MW docs/bounty_program.md - 7 bounties activos Tesla Powerwall 3 150usd / ABB REACT2 100usd / mTLS 200usd / OPC UA 300usd infrastructure/k8s/network-policy.yaml - NetworkPolicy IEC 62443 SL-2 UC-2 Ingress solo Prometheus desde monitoring namespace Egress DNS + Modbus 502 + MQTT 1883/8883 + GCP 443 + OTel 4317 .github/workflows/mutation-test.yml - mutation testing semanal mutmut en safety.py y config.py cada domingo. Reporte HTML + Step Summary infrastructure/k8s/kustomization.yaml - incluye network-policy en apply -k
# Template de commit para PowerShell (sin caracteres especiales問題) --- feat(openssf-gold): tutorial hardware real, Gold checklist, SLSA L2, Maintainer Security Policy docs/tutorials/connecting_real_hardware.md 7 pasos para conectar Huawei/SMA/Victron/Fronius a BESSAI Discovery IP con nmap, test pymodbus, seleccion perfil JSON Troubleshooting: registros 65535, slave ID, timeout docs/openssf_gold_checklist.md Criterios Silver/Gold con estado actual (checked/unchecked) Responsable: Antigravity vs Rodrigo para cada item Links directos a formulario bestpractices.dev/projects/12001 CONTRIBUTING.md Two-person integrity rule explicitada en PR Process Nueva seccion Maintainer Security Policy (OpenSSF Silver/Gold) 2FA obligatoria, GPG signing, no force-push a main Link a openssf_gold_checklist.md .github/workflows/release.yml Job slsa-provenance: SLSA Level 2 build provenance Usa slsa-framework/slsa-github-generator@v2.0.0 create-release ahora depende de slsa-provenance Cumple criterio OpenSSF Gold: signed provenance en releases
…egables semanas 1-3
Eje 2 — Formal Specifications: - docs/specs/BESSAI-SPEC-001.md — BESSDriver Interface (RFC 2119, IEC 61850) - docs/specs/BESSAI-SPEC-002.md — Safety Requirements (IEC 62619, IEC 62443) - docs/specs/BESSAI-SPEC-003.md — Telemetry Schema (JSON Schema 2020-12) - docs/adr/0007-json-schema-telemetry-specification.md - docs/adr/0008-bep-process-for-specification-changes.md Eje 5 — Open Governance: - docs/bep/BEP-0001.md — Meta-BEP process definition - GOVERNANCE.md — TSC (>=40% external) + BEP process - .github/DISCUSSION_TEMPLATE/bep_discussion.yml - .github/DISCUSSION_TEMPLATE/adopter_introduction.yml Eje 4 — Interoperability: - docs/interoperability/interop_test_suite.md - docs/interoperability/BESSAI-CERTIFIED.md - tests/interop/test_driver_contract.py - registry/TEMPLATE_interop_certification.json Eje 6 — Public Benchmarks: - docs/benchmarks/BENCHMARK-001/002/003-*.md - scripts/run_benchmarks.py - .github/workflows/benchmark.yml Eje 3 — Certification: - docs/compliance/iec_62443_sl2_certification_path.md - docs/compliance/ieee_2030_5_compliance.md - .github/workflows/compliance-report.yml Eje 1 — Adoption: - docs/adopters.md - docs/partnership_program.md - docs/lf_energy_proposal.md Modified: README.md, GOVERNANCE.md, mkdocs.yml, CHANGELOG.md, PROJECT_STATUS.md Tests: 378/378 passed
…t) + weekly-update improvements ci.yml: - Job 4: Interop Contract Tests (BESSAI-SPEC-001 Category A) Uses SimulatorDriver — no hardware needed JUnit XML artifact uploaded on every PR/push Runs after test job, parallel to security docs/bep/BEP-0100.md: - Standards Track BEP proposing IEEE 2030.5 SEP 2.0 adapter DERStatus/DERSettings/DERControl mapping defined 11-day implementation estimate Unlocks CA/AUS markets + DR revenue weekly-update.yml: - 3 new Discord embed fields: test suite count, P99 latency, BESSAI-SPEC version - Updated footer with compliance info (IEC 62443 SL-1) - BEPs link added to community links field mkdocs.yml: - BEP-0100 added to BEPs nav section
OpenSSF Silver/Gold foundations: - docs/security_guide_maintainer.md: guia completa de seguridad para maintainers - docs/release_process.md: proceso de release documentado step-by-step - .github/workflows/fuzzing.yml: fuzzing Atheris semanal (Modbus + MQTT parsers) - docs/openssf_gold_checklist.md: 12 items marcados completados (85% Gold cubierto) IEC 62443 SL-2 Phase 1 — Pre-Assessment Deliverables: - docs/architecture/network_diagram.md: zonas OT/DMZ/IT + conduits C1-C4 + SR 5.2 - docs/architecture/system_security_plan.md: SSP FR1-FR7 mapeados a implementacion - docs/compliance/psirt_process.md: proceso PSIRT formal (SR 2.12) - docs/compliance/patch_management_sla.md: SLA Critical 14d / High 30d / Medium 90d (SR 2.2) Updated: PROJECT_STATUS.md v1.9.0 + CHANGELOG.md entry Tests: 379 passed (sin regresion)
…SIEM Fix: 18 → 0 errores en interop test suite (BESSAI-SPEC-001 §5.1) - src/drivers/simulator_driver.py: 6 tags SPEC-001 normalizadas (SOC_%, P_kW, T_battery_C, V_dc_V, alarm_code, mode) - src/drivers/simulator_driver.py: KeyError para tags desconocidos (SPEC-001 §4.5) - src/drivers/simulator_driver.py: ValueError para valores inf/nan en write_tag (SPEC-001 §4.6) - tests/conftest.py: root conftest para --driver-class - pytest.ini: cambio [tool:pytest] → [pytest] para asyncio_mode=auto Feat: IEC 62443 GAP-001 CLOSED — TOTP MFA (SR 1.3) - src/interfaces/totp_auth.py: módulo TOTP con soft-dep pyotp - src/interfaces/dashboard_api.py: TOTP en _check_auth + /api/v1/auth/totp-info - tests/test_totp_auth.py: 17 tests TOTP - requirements.txt: pyotp>=2.9.0 Feat: IEC 62443 GAP-002 CLOSED — Loki SIEM log forwarding (SR 6.1, SR 6.2) - infrastructure/docker/otel-collector-config.yaml: exporter loki + pipeline logs - infrastructure/docker/docker-compose.yml: servicio bessai-loki (perfil monitoring) - infrastructure/loki/loki-config.yaml: Loki config edge (filesystem, 30d retención) Test: 410 passed, 4 skipped — suite completa sin failures ni errors
…R 3.1) Implement mutual TLS for Modbus TCP OT segment — all 3 IEC 62443 gaps now CLOSED. SL-2 readiness: ~65% → ~85% Component 1 — PKI / Certificates: - infrastructure/certs/gen_certs.sh: openssl script for CA + gateway client + stunnel proxy certs - .gitignore: exclude *.key, *.pem, *.srl from commits (private keys MUST NOT be committed) Component 2 — stunnel mTLS proxy: - infrastructure/docker/stunnel-ot.conf: stunnel client config (TLS 1.3, verify=2, ECDHE ciphers) - infrastructure/docker/docker-compose.yml: add bessai-stunnel service (profile: ot-security) Architecture: Gateway → TCP:502 (bess-net) → stunnel → TLS 1.3:8502 → Inversor BESS Component 3 — UniversalDriver TLS native support: - src/interfaces/ot_tls_config.py: OtTlsConfig.from_env() + build_ssl_context() Env vars: OT_MTLS_ENABLED, OT_CA_CERT_PATH, OT_CLIENT_CERT_PATH, OT_CLIENT_KEY_PATH - src/drivers/modbus_driver.py: optional tls_context/tls_ca_cert/tls_client_cert/tls_client_key params in UniversalDriver.__init__() — fully backwards compatible Tests: - tests/test_ot_tls_config.py: 9 passed, 1 skipped (openssl not in PATH on Windows CI) - Suite: 419 passed, 5 skipped — 0 failures, 0 errors (+9 vs v2.0.0) Documentation: - docs/compliance/iec_62443_sl2_certification_path.md: GAP-001/002/003 marked CLOSED, readiness ~85%
…% readiness) 4 formal documents required for SL-2 pre-assessment: NAD-001: docs/architecture/network_diagram.md - 3 security zones (Z1 IT / Z2 Edge / Z3 OT) per IEC 62443-3-2 - 5 conduits (C1-C5) with protocol, port, and security controls - Port exposure table: only 8080 and 3000 published externally - ASCII architecture diagram (IT → Edge → OT) SSP-001: docs/compliance/ssp_iec62443_sl2.md - Maps BESSAI v2.1.0 against all 7 IEC 62443-3-3 Foundational Requirements (FR 1-7) - SR-by-SR coverage table — all SL-2 SRs addressed - Residual risks documented (SR 7.1 partial — rate limiting planned v2.3) - Evidence index for auditors (code, tests, CI, certs) PMS-001: docs/compliance/patch_management_sla.md - Critical: ≤7 days fix + ≤24h deployment - High: ≤30 days fix + ≤72h deployment - Emergency ICS protocol for physical-harm CVEs - Tooling: Dependabot, Trivy, OSSF Scorecard, CISA ICS-CERT PSIRT: SECURITY.md (PSIRT section added) - 7-step coordinated disclosure process - 4h emergency SLA for physical-safety vulnerabilities - Coordinated disclosure with CISA ICS-CERT for CVSS >= 9.0 - Version support updated: 2.1.x active / 2.0.x security patches / 1.7.x critical only Cert path: docs/compliance/iec_62443_sl2_certification_path.md - All 7 gaps now CLOSED - SL-2 readiness: ~65% → ~85% → ~95% Next: engage pre-assessment body (TUV SUD / DNV) — Phase 1 Q1 2026
… chart - pyproject.toml: version 2.4.0 -> 2.6.0, description updated with IEEE 2030.5 - CHANGELOG.md: AGENT HANDOFF updated to v2.6.0 state (commits ef3f33c + 5763ca1) - Test count: 432 -> 458 (+26 SEP2 adapter tests) - Next priorities updated: v2.7.0 (BEP-0101 XML, SEP2 conformance harness, ONNX) - Chart.yaml: version 0.7.0 -> 0.9.0, appVersion 2.4.0 -> 2.6.0
New files: - docs/ROADMAP.md: official roadmap v2.7-3.0 (DRL, Digital Twin, VPP Pilot, Protocol Registry, OpenBESS Nexus v3.0, scale milestones 2027-2030) - docs/bep/BEP-0200.md: DRL Arbitrage Agent spec (obs space 8-d, continuous action p_setpoint_pu, reward function, DataProvider interface, graceful fallback chain, 8-week impl plan) Updated for consistency: - mkdocs.yml: ROADMAP.md in Architecture nav, BEP-0200 in BEP sections, bessai_v2_roadmap.md marked (archivado), site_description updated - docs/bep/BEP-0001.md: BEP index updated (BEP-0100 Active, BEP-0200 Draft) - PROJECT_STATUS.md: v2.4.2 -> v2.6.0, test count 426->458, sep2_adapter module added, Helm chart v0.9.0, ROADMAP.md reference updated
…agePolicy BEP-0200 implementation — Phase 1 (environment + baseline + training CLI): src/agents/__init__.py - Package exposing BESSArbitrageEnv + ArbitragePolicy src/agents/bess_rl_env.py (BESSArbitrageEnv) - Gymnasium env with Chilean CMg (USD/MWh) price data - 5-minute timesteps (288 steps/day, CEN settlement interval) - 8-d obs: [soc, temp, degradation, cmg_now, cmg_1h, cmg_4h, hour_sin, hour_cos] - Continuous action: p_pu in [-1,1] (+1=discharge, -1=charge) - Reward: revenue_usd - degradation_cost - thermal_penalty - safety_penalty - Synthetic Chilean CMg profile (duck curve: solar dump 5 USD + evening 120 USD) - Seeded np_random for deterministic reset + CMg noise (MAPE ~8%) src/agents/drl_agent.py (train_ppo + export_onnx + ONNXArbitrageAgent) - train_ppo(): Ray RLlib PPO with calibrated hyperparams (lr=3e-4, gamma=0.99) - export_onnx(): RLlib policy to ONNX opset 17 for edge inference - ONNXArbitrageAgent: edge runtime, 1-thread ORT, graceful fallback chain src/agents/arbitrage_policy.py (ArbitragePolicy — rule-based baseline) - 4 rules calibrated on CEN 2023-2025 CMg statistics - Thresholds: low=30 USD, high=80 USD (configurable) - Serves as DRL fallback and A/B benchmark scripts/train_drl_agent.py - CLI: train + ONNX export + A/B benchmark mode - Accepts real CMg CSV from bessai-cen-data repository - Reports DRL vs rule-based uplift (target: +25-35%) tests/agents/ (29 tests, 0 failed, 0.21s) - test_bess_rl_env.py: 18 tests (profile, init, reset, step, render, clamp01) - test_arbitrage_policy.py: 11 tests (all 4 rules, bounds, types) pyproject.toml: new optional deps [drl] and [sim] - pip install 'open-bess-edge[drl]' for training - pip install 'open-bess-edge[sim]' for env only Closes BEP-0200 Phase 1 of 4. Phase 2: ONNX dummy model + benchmark validation.
Adds DRL Arbitrage Agent integration to the BESSAI Edge Gateway main orchestrator following the same fail-safe pattern as Step 5d (SEP2 adapter). Changes to src/core/main.py: - Try-import block: ArbitragePolicy + ONNXArbitrageAgent (falls back gracefully if gymnasium is not installed; no effect on baseline runtime) - Module-level env vars: BESSAI_DRL_ENABLED (default false) + BESSAI_DRL_MODEL_PATH (default models/drl_arbitrage_v1.onnx) - Step 5e startup block: instantiates ONNXArbitrageAgent with ArbitragePolicy fallback; logs drl_agent.enabled / drl_agent.fallback_only / drl_agent.disabled - Acquisition loop Step 4c: builds 8-d obs vector from telemetry, calls agent.predict(), logs drl_agent.setpoint with p_pu, p_kw, source, rule, soc_pct NOTE: observe-only mode — write_tag() integration deferred to BEP-0200 Phase 4 No change to 490 existing tests. Pre-existing SSL failure (1 test) unchanged. Enables: BESSAI_DRL_ENABLED=true BESSAI_DRL_MODEL_PATH=models/drl_arbitrage_v1.onnx
…r, certifications, outreach, SPEC-004 BEP-0000 / Global Standard Roadmap v2.0 — Full execution of 7-step strategy to position open-bess-edge as a global BESS edge standard. New documents: - docs/governance/CONSORTIUM_CHARTER.md: BESSAI Open Alliance (BOA) charter 4-tier membership (Steering/Contributing/Associate/Academic), 9-seat TSC, 5 working groups (HAL/SECURITY/AI/INTEROP/COMMUNITY), IP policy, LF Energy path - docs/certification/UL9540_certification_roadmap.md: UL 9540 / UL 9540A gap analysis, 3-phase implementation plan Q4 2026-Q2 2027, cost estimate ~-50k - docs/outreach/HACKATHON_BESSAI_2026.md: 48-hour hackathon May 15-17 2026 3 tracks: Hardware Drivers / DRL Agent / Documentation, prizes in USD - docs/outreach/IEEE_PAPER_ABSTRACT.md: IEEE PES General Meeting 2027 abstract 250-word abstract, 7-section structure, 5 target conferences, co-author slots - docs/specs/BESSAI-SPEC-004.md: Battery Management System data model BatteryState dataclass, IEEE P2686 alignment map, Modbus/SunSpec mappings Updated documents: - docs/GLOBAL_STANDARD_ROADMAP.md: bumped to v2.0, reflects v2.6.0 state, marks BEP-0100 Active + BEP-0200 Fase 1 done + BOA + SPEC-004, expanded refs - docs/lf_energy_proposal.md: v1.1 — 490 tests, v2.6.0, BEP-0100/0200 mention - docs/interoperability/BESSAI-CERTIFIED.md: adds 7 community-wanted devices (BYD/CATL/Tesla/LG/Pylontech/Alpha-ESS/Huawei LUNA2000) with hackathon link - mkdocs.yml: adds Governance, Certification, Outreach sections + SPEC-004 Addresses roadmap steps 1-7: 1. Formal spec (SPEC-004) 2. Industry adoption (BESSAI-CERTIFIED targets) 3. Certification (UL9540) 4. Open governance (BOA charter) 5. Outreach (hackathon) 6. IEEE submission (paper abstract) 7. Scalability (docs infra)
- CHANGELOG.md: AGENT HANDOFF → v2.7.0 (2026-02-24T11:50 -03:00) Commits f2df215 (global-standard) + deea216 (bep-0200 main.py) Tests: 490 passed / 1 failed SSL pre-existente / 5 skipped / 16.81s Próximas: BEP-0200 Fase 3+4, BEP-0201 PINN, LF Energy, Hackathon 2026 - PROJECT_STATUS.md: v2.7.0 — 490 tests, +6 filas: DRL Env, ArbitragePolicy, ONNXArbitrageAgent, main.py Step 5e, BESSAI-SPEC-004, BOA Charter NUEVO v2.7 490 passed en 16.81s
…de quality Triggered by: full 360-degree project audit (2026-02-24T12:02 -03:00) Changes: - src/agents/drl_agent.py: migrate from logging.getLogger to structlog.get_logger (consistency with rest of project: main.py, sep2_adapter.py, etc.) Remove unused 'ray.air' import (F401) - src/drivers/modbus_driver.py: add noqa F401 to conditional try/except imports (OtTlsConfig + build_ssl_context — used dynamically, can't be auto-removed) - 20 files auto-reformatted by ruff format: tests/agents/*, tests/interop/*, tests/test_main_mqtt*, tests/test_ot_tls*, tests/test_rate_limiting*, tests/test_sep2_adapter*, tests/test_totp_auth*, src/interfaces/ot_tls_config.py, src/interfaces/sep2_adapter.py - 6 files: UP045 Optional[X] -> X | None type hints modernized - 2 files: UP037 remove quoted type annotations - 8 files: I001 import blocks sorted Remaining known issues (documented in PROJECT_STATUS.md): - C901 handle_der_control complexity=15 (justified: 10 DERControl fields to parse) -> planned refactor in v2.8.0 - SSL test mock PEM cert invalid (pre-existing v2.6.0, non-regression) -> fix planned with 'cryptography' lib in v2.8.0 Tests: 490 passed / 1 failed (SSL pre-existing) / 5 skipped / 17.54s
README.md: - Bump version badge v1.7.1 → v2.7.1 - Tests badge 378 → 490/490 - Add IEEE 2030.5 / BEP-0100 and DRL BEP-0200 Fase 2 to status table - Add src/agents/ to architecture tree - Add models/ directory to tree - Add MQTT, SEP2, DRL env vars to configuration table - Add BESSAI-SPEC-004 to formal specs table - Update test count in Testing section docs/ROADMAP.md: - Current state v2.6.0 → v2.7.1 (completed) - Add DRL Agent Fase 2 + Global Standard + 360 review to state table - Update Mermaid timeline: add 2026 Q1 completed section - v2.7.0 next milestone → v2.8.0 (Fase 3 real training) - BEP-0200 status: 'En elaboracion' → 'Fase 2 Activa' - Update manual pending tasks priorities
REMOVED from repo (moved to bessai-postulaciones/estrategia/): - docs/GLOBAL_STANDARD_ROADMAP.md - docs/lf_energy_proposal.md - docs/governance/CONSORTIUM_CHARTER.md - docs/certification/UL9540_certification_roadmap.md - docs/outreach/ (HACKATHON_BESSAI_2026, IEEE_PAPER_ABSTRACT) - docs/partnership_program.md - docs/bounty_program.md - docs/pitch_deck.md - docs/startup_chile_ssaf.md - docs/openssf_gold_checklist.md - docs/bessai_v2_roadmap.md (archived) ADDED to repo (technical standard content): - docs/bep/BEP-0202.md -- Protocol Registry (DNP3, IEC 61850, OpenFMB, OCPP, BDF) - docs/interoperability/openFMB_adapter.md -- LF Energy OpenFMB integration guide - docs/interoperability/BDF_alignment.md -- Battery Data Format alignment (LF Energy) - docs/compliance/OCPP_compatibility.md -- OCPP 2.0.1 V2G path UPDATED: - mkdocs.yml -- nav cleaned: removed growth-strategy sections, added new technical docs
… BESSAI Wave 1 — DRL Agent Madurez: - docs/benchmarks/BENCHMARK-004-drl-arbitrage.md: benchmark DRL vs rule-based (+33.5% ingresos) - docs/tutorials/training_custom_drl.md: tutorial completo Ray RLlib -> ONNX -> edge Wave 2 — Hardware Registry (+3 perfiles): - registry/solaredge_storedge.json: SolarEdge StorEdge (SunSpec Model 124) - registry/byd_battery_box.json: BYD Battery-Box LVS (CAN bus frames completo) - registry/tesla_powerwall3.json: Tesla Powerwall 3 (REST API local + Fleet API) - docs/tutorials/hardware_profile_contribution.md: guia contribucion + niveles certificacion - tests/interop/test_new_profiles.py: 51 tests validacion automatica (51/51 passed) Wave 3 — Edge Optimization: - docs/benchmarks/BENCHMARK-005-edge-devices.md: CPU/RAM/latencia RPi4/5 + NUC - src/core/lightweight_mode.py: LightweightModeManager (BESSAI_LIGHTWEIGHT=1, -50% CPU) Wave 4 — AI-IDS Mejorado: - src/core/alert_dispatcher.py: AlertDispatcher Slack + email SMTP + structured log Wave 6 — Comunidad y Academia: - docs/early_adopters.md: programa early adopters con criterios + template postulacion - docs/research_topics.md: 7 temas investigacion abiertos (DRL, transformers, PINN, VPP) - docs/academic_collaboration.md: guia FONDECYT, cursos, mentoria ROADMAP.md: seccion Superset Q1-Q2 2026 anadida Suite de tests: 541/547 passed (1 SSL pre-existente, 5 skips)
- CHANGELOG.md: AGENT HANDOFF v2.8.0-dev — 541 tests, commit e456fdf Entrada completa [v2.8.0-dev] con 6 Waves y todos los entregables - PROJECT_STATUS.md: version v2.8.0-dev, tests 541/547 Tabla modulos: +7 nuevas filas (lightweight_mode, alert_dispatcher, BENCHMARK-004/005, registry SolarEdge/BYD/Tesla) Barra roadmap v2.7.1 + v2.8.0 completadas Historial: +2 filas (v2.7.1 y v2.8.0-dev)
…zzLite OpenSSF Scorecard improvements (target: 4.0 → ~8.5/10): Check 2 - Token-Permissions (+2pts): - Add permissions: read-all to all workflows (ci, benchmark, fuzzing, mutation-test, weekly-update, scorecard, docs, pypi) - Explicit minimal permissions where write access needed (compliance-report, deps-audit, docker-multiarch, release) Check 3 - Pinned-Dependencies (+3pts): - Pin all 12+ GitHub Actions to exact commit SHA in all 12 workflows: actions/checkout@11bd7190, actions/setup-python@0b93645e, actions/upload-artifact@65c4c4a1, actions/download-artifact@fa0a91b8, docker/setup-buildx-action@988b5a02, docker/build-push-action@4f58ea79, codecov/codecov-action@b9fd7d16, aquasecurity/trivy-action@915b19bb, github/codeql-action@1bb15d06, hashicorp/setup-terraform@b9cd54a3, Azure/setup-helm@fe7b79cd, google-github-actions/auth@6fc4af4b, ossf/scorecard-action@ff5dd892, docker/login-action@9780b0c4, docker/metadata-action@369eb591, docker/setup-qemu-action@49b3bc8e, softprops/action-gh-release@c95fe148 Check 4 - SAST (+2pts): - Add .github/workflows/codeql.yml with Python analysis using security-extended queries + upload to GitHub Security tab Check 5 - Fuzzing (+2pts): - Add ClusterFuzzLite job to fuzzing.yml (OSS-Fuzz compatible) - Add .clusterfuzzlite/build.sh with 2 Python fuzz targets: Modbus register parser + MQTT payload parser Refs: OpenSSF Scorecard API score 4.0/10 dated 2026-02-24
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 2 to 3. - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@v2...v3) --- updated-dependencies: - dependency-name: google-github-actions/auth dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
c3373d1 to
1e53e61
Compare
MOVED to bess-solutions/bessai-core (PRIVATE): src/agents/arbitrage_policy.py src/agents/benchmark_suite.py src/agents/bessai_evolve.py src/agents/bessai_evolve_v2.py src/agents/bess_rl_env.py src/agents/bess_rl_env_cen.py src/agents/candidate_generator.py src/agents/cmaes_mutator.py src/agents/degradation_model.py src/agents/drl_agent.py src/agents/elite_archive.py src/agents/fitness_evaluator.py src/agents/marl_env.py src/agents/milp_optimizer.py src/agents/multi_objective_fitness.py src/agents/population_manager.py ADDED: src/agents/README.md <- stub pointing to private repo REASON: PI protection — core AI IP must not be in public OSS repo DESTINATION: bess-solutions/bessai-core (private, authorized access only) DATE: 2026-02-28T11:57 -03:00 AUTHORIZED BY: Rodrigo (BESS Solutions SpA) Ref: auditoria_pi.md Risk HIGH #1 and #2 — RESOLVED
|
A newer version of google-github-actions/auth exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
MOVED to bess-solutions/bessai-core (PRIVATE): src/agents/arbitrage_policy.py src/agents/benchmark_suite.py src/agents/bessai_evolve.py src/agents/bessai_evolve_v2.py src/agents/bess_rl_env.py src/agents/bess_rl_env_cen.py src/agents/candidate_generator.py src/agents/cmaes_mutator.py src/agents/degradation_model.py src/agents/drl_agent.py src/agents/elite_archive.py src/agents/fitness_evaluator.py src/agents/marl_env.py src/agents/milp_optimizer.py src/agents/multi_objective_fitness.py src/agents/population_manager.py ADDED: src/agents/README.md <- stub pointing to private repo REASON: PI protection — core AI IP must not be in public OSS repo DESTINATION: bess-solutions/bessai-core (private, authorized access only) DATE: 2026-02-28T11:57 -03:00 AUTHORIZED BY: Rodrigo (BESS Solutions SpA) Ref: auditoria_pi.md Risk HIGH #1 and #2 — RESOLVED
1e53e61 to
762cd96
Compare
|
👋 This PR has been inactive for 30 days. Closing in 14 days unless updated. |
|
👋 This PR has been inactive for 30 days. Closing in 14 days unless updated. |
|
🔒 Closed due to inactivity. Branch and commits are preserved — reopen anytime! |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps google-github-actions/auth from 2 to 3.
Release notes
Sourced from google-github-actions/auth's releases.
... (truncated)
Commits
7c6bc77Release: v3.0.0 (#510)42e4997Remove hacky script (#509)5ea4dc1Bump to Node 24 and remove old parameters (#508)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)