- 服务器新建独立 TDengine 容器实例（Podman），端口 6031
- 数据卷挂载至 /mnt/tdengine-new/（大容量数据盘）
- 部署 taos-explorer Web 控制台，nginx 6060 端口反向代理 + Basic Auth
- 升级 taos-jdbcdriver 3.2.7 → 3.3.2
- 应用 JDBC URL 指向新实例 localhost:6031
- TdEngineService 删除 device_id VARCHAR(32) 特殊处理，统一 VARCHAR(255)

安全修复:
- MqttFaultConsumer: 修复 SSRF 漏洞，使用 UriComponentsBuilder + controllerId 白名单
- TdEngineService: 修复 SQL 注入，information_schema 查询改用 PreparedStatement
- TdEngineService: 收紧 ALLOWED_COLUMNS 正则，仅允许 ASCII 字母数字下划线
- TdEngineService: 修复静默数据丢失，超长字符串截断存储而非返回 NULL
- TdEngineAlarm: SQL 查询参数化，防止注入
- MqttFaultConsumer/MqttDynamicConsumer: topic/controllerId/dbName 白名单校验
- SysDeviceService: 添加表名校验

代码质量:
- 统一使用 Fastjson2 替代 Jackson ObjectMapper
- Domain 类字段全部改为 private（13 个类）
- topics.java 重命名为 Topics.java
- SimpleDateFormat 替换为线程安全的 DateTimeFormatter
- 提取魔法数字为常量（DEFAULT_BATCH_SIZE 等）
- SysWorkorderMapper.xml 修复 SQL 逻辑错误（AND/OR 括号）
- SysIndicatorsMapper.xml 修正字段名 createtime -> createdata
- SysControllerService 移除 Service 层 @Param 注解
- MqttGenericConsumer 提取过长方法
- NumericIdGenerator 支持 @Value 注入 workerId/dataCenterId
- 空 catch 块补充日志

日志级别优化:
- WARN 31 -> 9 (-71%)，数据校验/格式问题降级为 INFO
- INFO 28 -> 50 (+79%)，正常业务流使用 INFO
- ERROR 37 -> 33 (-11%)，仅最终失败使用 ERROR

- mysql-connector-java → mysql-connector-j 8.0.33
- TDengineService: 移除9处emoji（✅❌⚠️）
- 统一使用SLF4J {}占位符，无字符串拼接

- Delete old RuoYi scripts: bin/*.bat, ry.bat, ry.sh
- Delete empty directories: controller/, service/impl/, static/, templates/
- Delete unused mybatis-config.xml (Spring Boot auto-configures MyBatis)
- Remove unused Maven dependencies: fastjson2, poi-ooxml
- Clean root pom.xml: remove bitwalker, kaptcha, oshi, velocity, poi, fastjson2 version management

Build verified: mvn clean package passes.

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers

- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
  - Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
  - Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
  - Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers