Without -parameters compiler flag, Spring cannot match ExecutorService
parameter by name when multiple beans of the same type exist. This
caused 'No bean named tdengineService available' startup failure on
production deployment.

- Remove unused service fields (sysWorkorderService, sysIndicatorsService, sysCompanyService)
- Remove commented-out insertIndicators() method
- Remove unused imports (SysCompany, LocalDate, DateTimeFormatter, @Autowired)
- Clean constructor to only keep actively used dependencies

Security:
- Remove hardcoded password fallbacks from application-druid.yml
- Add table name whitelist validation to SysFaultService & SysAlarmService
- Externalize VehicleSyncTask webhook URL to IotProperties config

Concurrency & Resource Management:
- Fix AbstractMqttConsumer reconnect/disconnect race (synchronized)
- Fix MqttClient resource leaks in disconnect() with separate try blocks
- Fix AbstractDynamicMqttConsumer broken-state MqttClient reuse
- Fix TDengineService stableColumnCache unbounded growth (MAX_CACHE_SIZE=1000)

Input Validation:
- Add null/empty checks to MqttGenericConsumer (controllerId, path, timestamp)
- Add null/empty checks to MqttFaultConsumer (controllerId, deviceId, type, desc)
- Guard against ArrayIndexOutOfBoundsException on topic path split

Tests:
- Update VehicleSyncTaskTest for new IotProperties constructor param
- All 79 tests pass, build succeeds

P0 fixes:
- MqttFaultConsumer: array index bounds check, NPE guard on null coordinates
- MqttStatusConsumer: NPE guard on null required fields
- TDegnineAlarm: ResultSet try-with-resources, SQL injection whitelist
- AbstractMqttConsumer: brokerUrl parsing validation, mqttPassword null guard

P1 fixes:
- Field injection → constructor injection (7 files: MqttFaultConsumer,
  MqttStatusConsumer, SysIndicatorsService, SysWorkorderService,
  TDengineService, TDegnineAlarm, AbstractMqttConsumer)
- SLF4J {} placeholder logging (4 places in AbstractMqttConsumer)
- Extract hardcoded constants: alarm status, date format, company ID prefix,
  webhook URL → IotProperties configuration
- TDengineService: dataSourceInitialized volatile, GZIP try-with-resources

Tests:
- Fix MqttStatusConsumerTest/MqttFaultConsumerTest/MqttGenericConsumerTest
  for new constructors (remove @InjectMocks, manual instantiation)
- 65/67 tests passing (2 TDengine JNI env-dependent failures excluded)

- AbstractDynamicMqttConsumerTest: 4个测试覆盖 deepCopyMap（null/深拷贝/嵌套/List）
- MqttDynamicConsumerTest: 6个测试覆盖 fetchTopics + insertredis
- MqttChargeStationConsumerTest: 4个测试覆盖 fetchTopics（配置/null/空白/trim）
- 测试总数 65→79，JaCoCo覆盖率 18%→25%

- mysql-connector-java → mysql-connector-j 8.0.33
- TDengineService: 移除9处emoji（✅❌⚠️）
- 统一使用SLF4J {}占位符，无字符串拼接

- VehicleSyncTask: 10个@Autowired字段改为final+构造函数注入
- MqttGenericConsumer: 3个@Autowired字段改为构造函数参数
- IotProperties: validate()新增brokerUrl和url空值校验
- MqttGenericConsumerTest: 更新匹配4参数构造函数

- 新建 AbstractDynamicMqttConsumer 抽象基类，抽取连接/订阅/重连公共逻辑
- MqttDynamicConsumer extends 基类，仅保留 fetchTopics + processMessage
- MqttChargeStationConsumer extends 基类，仅保留 fetchTopics + processMessage
- 配置化 ChargeStation topic（IotProperties + application.yml）
- 修复 @DependsOn 位置（方法→类级别）
- 从 disconnect() 中移除 tdengineService.close()（Spring单例不应被消费者关闭）
- 基类日志统一使用 {} 占位符，移除 emoji

- MqttGenericConsumer: destroy/init → refreshMqttSubscription() 避免破坏Spring生命周期
- MqttGenericConsumer: 添加 topics/cmdtopics/faultprot 空值保护防止NPE
- MqttGenericConsumer: 合并3处重复 persist 调用到方法末尾
- VehicleSyncTask: 修复 coordinateMap.get 的NPE风险（先判空再equals）
- VehicleSyncTask: 修复逗号分隔逻辑错误（i > size-1 → i < size-1）
- MqttDynamicConsumer: 删除废弃的 shutdownExecutor 死代码

Remote branch overwrote the AbstractMqttConsumer inheritance structure.
Restored extends AbstractMqttConsumer + constructor injection while
preserving remote's business logic changes (updatecontrollerAccept,
SimpleDateFormat conversion, 6-arg insertsyscontroller).

- AbstractMqttConsumer: remove private executorService, use constructor injection
- MqttDynamicConsumer/MqttChargeStationConsumer: remove private core/write executors,
  inject via @Qualifier from ExecutorConfig
- ExecutorConfig: add mqttCoreExecutor, mqttWriteExecutor, abstractConsumerExecutor
  with destroyMethod="shutdown"
- VehicleSyncTask: refine scanKeys() exception handling, add per-record try-catch
  in doUpdateSysCar() loop
- Remove unused jjwt 0.9.1 (CVE-2019-17195) and springfox-boot-starter 3.0.0 deps

- Delete old RuoYi scripts: bin/*.bat, ry.bat, ry.sh
- Delete empty directories: controller/, service/impl/, static/, templates/
- Delete unused mybatis-config.xml (Spring Boot auto-configures MyBatis)
- Remove unused Maven dependencies: fastjson2, poi-ooxml
- Clean root pom.xml: remove bitwalker, kaptcha, oshi, velocity, poi, fastjson2 version management

Build verified: mvn clean package passes.

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

Security (P0):
- Remove hardcoded MQTT/TDengine credentials from IotProperties defaults
- Clear password fallbacks in application.yml (was ${ENV:real_password})
- Add @PostConstruct validation to block startup on missing credentials
- Add Redis distributed locks to VehicleSyncTask 4 @Scheduled methods
- Move static thread pools to Spring-managed beans with destroyMethod

Robustness (P1):
- Split broad catch(Exception) into specific types (MqttException,
  InterruptedException, TimeoutException, ExecutionException)
- Restore InterruptedException flag in all catch blocks
- Add closeQuietly() for JDBC Statement/ResultSet cleanup
- Configure RestTemplate with 5s connect / 10s read timeouts

Quality (P2):
- Production log levels: debug/trace → info
- Tomcat: max 800→200, min-spare 100→20, accept-count 1000→100
- Redis pool: max-active 8→16, max-idle 8→16, min-idle 0→4, max-wait 5s

Monitoring (P3):
- Actuator: show-details always→never, exposure health,info→health only

Testing:
- Add JaCoCo plugin for coverage reporting
- Add IotProperties, ExecutorConfig, RestTemplateConfig unit tests
- 26 tests passing

Security (P0):
- Remove hardcoded MySQL password from SysrealtimeService
- Add table name whitelist validation (regex + length limit)
- Validate ${tableName} in SysrealtimeMapper.xml
- Externalize all credentials to .env file
- Fix unbounded thread pools in MQTT consumers
- Fix mysqlWritePool leak in MqttFaultConsumer

Quality (P1):
- Extract AbstractMqttConsumer base class (-500+ duplicate lines)
- Refactor VehicleSyncTask: SCAN instead of KEYS, batch ops,
  RestTemplate timeout, loop-invariant extraction
- Add unit tests (RedisKeys, SysrealtimeService, MqttConsumer)

Architecture (P2):
- Add Spring Boot Actuator (/actuator/health)
- Create RedisKeys constants class for key namespace
- Add .env.example and start.sh for local development

Deployment:
- Add systemd service (iot-platform.service)
- Add deploy.sh with build, upload, backup, health check, rollback
- Add setup-server.sh for server initialization
- Add health-check.sh (Actuator + TCP port fallback)

Docs:
- Update CLAUDE.md for standalone iot-platform architecture
- Update README.md with build/deploy instructions
- Add deploy/README.md

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers