614 Commits

Author	SHA1	Message	Date
win	c5eb305f7f	chore: merge upstream v0.1.119-121, keep Windsurf/Antigravity customizations ... Upstream changes merged: - fix(scheduler): resolve SetSnapshot race conditions with Lua CAS script - fix: improve sticky session scheduling (debug logs + layer 1.5 checks) - feat: Anthropic cache TTL injection toggle - fix(gateway): stream EOF failover + sanitize stream errors - feat(httputil): zstd/gzip/deflate request decompression + bomb guard - feat(openai): OpenAI Fast/Flex Policy (HTTP + WebSocket + Admin) - feat(vertex): Vertex Service Account support - feat: account bulk edit scope and compact settings - feat(affiliate): rebate freeze migration - fix(openai): various fixes (passthrough fields, compact payload, etc.) Conflict resolutions: - domain/constants.go: keep both AccountTypeWindsurfSession + AccountTypeServiceAccount - scheduler_cache_unit_test.go: keep both test functions - gateway_service.go: remove dead code (claudeCodeUserAgentRe, isClaudeCodeRequest) - wire_gen.go: keep Windsurf service chain + add upstream claudeTokenProvider param - frontend/src/types/index.ts: keep windsurf + service_account types - frontend CreateAccountModal.vue: keep Windsurf login + Vertex service_account blocks - frontend PlatformTypeBadge.vue: keep both Session + Vertex cases - account_test_service.go: fix createTestPayload call to pass empty prompt arg	2026-05-02 16:52:21 +08:00
shaw	733627cf9d	fix: improve sticky session scheduling	2026-04-30 11:38:11 +08:00
shaw	8bf2a7b88a	fix(scheduler): resolve SetSnapshot race conditions and remove usage throttle ... Backend: Fix three race conditions in SetSnapshot that caused account scheduling anomalies and broken sticky sessions: - Use Lua CAS script for atomic version activation, preventing version rollback when concurrent goroutines write snapshots simultaneously - Add UnlockBucket to release rebuild lock immediately after completion instead of waiting 30s TTL expiry - Replace immediate DEL of old snapshots with 60s EXPIRE grace period, preventing readers from hitting empty ZRANGE during version switches Frontend: Remove serial queue throttle (1-2s delay per request) from usage loading since backend now uses passive sampling. All usage requests execute immediately in parallel.	2026-04-29 22:48:39 +08:00
win	fdd2d08a4d	feat: merge feat/omniroute-ideas — P2C scheduler, quota scoring, tier fallback	2026-04-29 15:42:37 +08:00
win	0a3666ef24	x	2026-04-29 10:32:36 +08:00
win	5c8c15cdb1	feat(refresh,repo): add singleflight to dedupe concurrent token refresh and unschedulable writes ... Two anti-thundering-herd improvements: 1. OAuthRefreshAPI.RefreshIfNeeded Wrap the existing distributed-lock + DB-reread + executor.Refresh pipeline in a per-process singleflight keyed by cacheKey+window. Without this, N concurrent goroutines on the same account each pay one Redis lock RTT and one DB reread; with it, only the leader pays and the rest share the result. The refreshWindow is part of the key so a long background-refresh window cannot starve a short foreground-refresh window. 2. accountRepository.SetTempUnschedulable Wrap the same path (UPDATE + scheduler outbox enqueue + scheduler cache sync) in a per-process singleflight keyed by id+until+reason. The SQL guard (existing < new) already makes the UPDATE idempotent, but N callers still cost N round-trips and N outbox inserts. With singleflight, an upstream 401 burst that hits the same account collapses to one execution. Tests cover dedup behavior, key separation by account / refresh window, and that the SQL exec count drops from N to <=2 (UPDATE + outbox).	2026-04-29 00:43:23 +08:00
win	d6df41feaa	chore(claude): bump CLI fingerprint to 2.1.88 and accept claude-code/ UA ... - Centralize Claude CLI fingerprint constants (UA, x-stainless-*) in pkg/claude with BuildCLI/CodeUserAgent helpers - Reuse constants in DefaultHeaders, identity_service defaults, and antigravity identity defaults to keep all callers in sync - Extend ClaudeCodeValidator to accept both claude-cli/ and claude-code/ UA prefixes (transport/helper requests use the latter) - Update related tests to cover the new UA prefix and version	2026-04-28 22:35:24 +08:00
shaw	9b6dcc57bd	feat(affiliate): 完善邀请返利系统 ... - 修复返利不到账的根因：tryClaimAffiliateRebateAudit 中 PostgreSQL 参数类型推断冲突 - 补全 OAuth 注册路径（LinuxDo/OIDC/WeChat/Pending Flow）的邀请码绑定 - 前端 OAuth 注册页面传递 aff_code 参数 - 新增返利冻结期机制：可配置冻结时间，到期后自动解冻（懒解冻） - 新增返利有效期：绑定后 N 天内有效，过期不再产生返利 - 新增单人返利上限：超出上限部分精确截断 - 增强返利流程 slog 结构化日志，便于排查问题 - 已邀请用户列表增加返利明细列	2026-04-26 12:42:35 +08:00
win	2064c1a19f	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.118 ... - 保留 Windsurf 订制代码 - 上游新增：Affiliate 邀返佣功能、OpenAI compact 支持、Claude Code 完整 mimicry - 解决冲突：handler/wire.go、wire_gen.go、constants.go、gateway_service.go 等	2026-04-25 22:08:18 +08:00
shaw	4e1bb2b445	feat(affiliate): add feature toggle and per-user custom invite settings ... - 在系统设置「功能开关」中新增邀请返利总开关，默认关闭； 关闭态：菜单隐藏、注册忽略 aff、新充值不返利，但已有 quota 仍可转余额 - 支持管理员为指定用户设置专属邀请码（覆盖随机码，全局唯一） - 支持管理员为指定用户设置专属返利比例（覆盖全局比例，可单条/批量调整） - 在系统设置邀请返利卡片内嵌入专属用户管理表格（搜索/编辑/批量/删除）， 删除采用项目通用 ConfirmDialog，会同时清除专属比例并把邀请码重置为系统随机码 - /affiliate 用户页新增「我的返利比例」卡片与动态使用说明，让用户直观看到 分享后能拿到多少（同源 resolveRebateRatePercent 计算，与实际充值一致） - 新增数据库迁移 132 添加 aff_rebate_rate_percent 与 aff_code_custom 列 - 新增 admin 路由组 /api/v1/admin/affiliates/users/* 共 5 个端点 - AffiliateService 改为只依赖 *SettingService，去除冗余的 SettingRepository - 邀请码格式校验放宽到 [A-Z0-9_-]{4,32}，兼容旧 12 位系统码与新自定义码 - 补充单元测试与集成测试覆盖新方法、冲突路径与边界值	2026-04-25 20:22:07 +08:00
shaw	095f457c57	feat(openai): port /responses/compact account support flow (PR #1555) ... 将 vansour/sub2api#1555 的 OpenAI compact 能力建模手工移植到当前 main：账号 级 compact 状态/auto-force_on-force_off 模式、compact-only 模型映射、调度器 tier 分层（已支持 > 未知 > 已知不支持）、管理后台 compact 主动探测，以及对应 i18n/状态徽章。普通 /responses 流量行为不变，无数据库迁移。	2026-04-25 14:52:58 +08:00
shaw	aa8ee33b0a	refactor(affiliate): tighten DI and harden inviter code validation ... - Drop SetAffiliateService setters and ProvideAuthService / ProvidePaymentService / ProvideUserHandler wrappers in favor of direct Wire constructor injection. AffiliateService has no back-edge to Auth/Payment/User, so the indirection was never required. - Change RegisterWithVerification's variadic affiliateCode to a fixed parameter; adjust all call sites. - Validate aff_code length and charset in BindInviterByCode before any DB lookup, eliminating timing-side-channel and useless DB roundtrips on malformed input. - Make affiliate cache invalidation synchronous; surface Redis errors via the project logger instead of swallowing them in a detached goroutine. - Add an integration test guarding cross-layer tx propagation in AccrueQuota and a unit test pinning the aff_code format rules.	2026-04-25 08:44:18 +08:00
VpSanta33	f03de00cb9	feat: add affiliate invite rebate flow and admin rebate-rate setting	2026-04-24 22:22:26 +08:00
win	2d2f677a64	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.117 ... 主要合并内容： - feat(channel-monitor): admin 渠道监控 MVP + 日聚合/模板/用户端卡片 - feat(available-channels): 新增"可用渠道"聚合视图与平台聚合 - feat(settings): 功能开关联动到配置页 - refactor(channel-monitor): 事件驱动调度器 / runner 生命周期 + 单测 - fix(openai/codex): 图像生成桥接修复、支付 webhook 未知单号处理 - misc: i18n/UI polish, typing tightening 冲突已手动解决，保留本地订制： - handler.Handlers / AdminHandlers 联合 windsurf + channel_monitor/available_channel 字段 - wire/wire_gen 清理步骤同时注册 WindsurfRefreshService 与 ChannelMonitorRunner - routes/admin 同时注册 windsurf 与 channel-monitor 路由 - service/wire 合并 Windsurf* 与 ChannelMonitor* 的 provider - frontend admin API barrel 取两侧并集 - 采纳上游对 migrationChecksumCompatibilityRule 字段的重命名（非订制代码）	2026-04-24 11:52:21 +08:00
win	002066e700	chore(wip): 保存订制改动以便合并上游 ... - windsurf: client/pool/local_ls/tool_emulation/tool_names/models 调整 - handler: admin account_data / failover_loop / gateway_handler - repository: scheduler_cache 及测试 - service: windsurf_chat_service / windsurf_gateway_service - deploy: compose 合并为单文件（含 windsurf-ls profile），Dockerfile.ls - cmd: 新增 dump_ls_models / dump_preamble / test_windsurf_tools 辅助工具	2026-04-24 11:14:36 +08:00
win	2a4103298e	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-24 01:21:36 +08:00
erio	5e060b2222	Merge remote-tracking branch 'upstream/main' into feat/channel-insights ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-23 22:30:45 +08:00
erio	67518a59ac	revert: remove fork-only changes from release sync ... Revert payment/wechat, sora/claude-max cleanup, fork-only migrations, and cosmetic changes that were brought in by the release sync commit. Keep only channel-monitor related improvements: - PublicSettingsInjectionPayload named struct with drift test - ChannelMonitorRunner graceful shutdown in wire - image_output_price in SupportedModelChip - Simplified buildSelfNavItems in AppSidebar - Gateway WARN logs for 503 branches	2026-04-23 21:40:58 +08:00
erio	748a84d871	sync: bring over remaining release/custom-0.1.115 changes ... - Extract PublicSettingsInjectionPayload named struct with drift test - Add channel_monitor_default_interval_seconds to SSR injection - Add image_output_price to SupportedModelChip - Simplify AppSidebar buildSelfNavItems (admins see available channels) - Add gateway WARN logs for 503 no-available-accounts branches - Wire ChannelMonitorRunner into provideCleanup for graceful shutdown - Add migrations 130/131 (CC template userid fix + mimicry field cleanup) - Clean up fork-only features (sora, claude max simulation, client affinity) - Remove ~320 obsolete i18n keys - Add codexUsage utility, WechatServiceButton, BulkEditAccountModal - Tidy go.sum	2026-04-23 20:55:18 +08:00
win	21325afb33	feat(windsurf): 补全ops日志记录与endpoint派生，对齐其他平台 ... - windsurf_gateway_service: 添加上游延迟/TTFT/错误上下文记录 - endpoint: DeriveUpstreamEndpoint 添加 PlatformWindsurf 分支 - ops_error_logger: guessPlatformFromPath 添加 /windsurf/ 识别	2026-04-23 20:46:27 +08:00
Wesley Liddick	827a4498e0	Merge pull request #1829 from ZHOUKAILIAN/feature/codex-oauth-proxy-message ... fix: 明确 OpenAI OAuth 未配置代理时的错误提示	2026-04-23 16:55:04 +08:00
Wesley Liddick	8dbbd94299	Merge pull request #1836 from wucm667/fix/account-daily-weekly-quota-cache-invalidation ... fix: 修复账户配额跨越时调度快照入队逻辑	2026-04-23 16:49:25 +08:00
james-6-23	dc5d42addc	feat(rpm): RPM 限流模块优化 ... P0: - rpm_override 嵌入 Auth Cache Snapshot，消除每请求 DB 查询 (snapshot v6→v7) - 429 RPM 响应返回 Retry-After 头（当前分钟剩余秒数） P1: - ClearAll 按钮直连 DELETE API，带 loading 防重复 - 新增 GET /admin/users/:id/rpm-status 管理员 RPM 用量查询端点 优化: - checkRPM 从级联互斥改为并行取最严，user.rpm_limit 作为全局硬上限始终生效 - Override/Group 变更后自动失效 auth cache - fail-open 语义不变，Redis 故障不阻塞业务	2026-04-23 16:34:37 +08:00
wucm667	bcf4aedcde	fix: 修复账户配额跨越时调度快照入队逻辑	2026-04-23 14:53:57 +08:00
wx-11	11cf23da7d	修改403逻辑: 先临时冷却，再根据连续次数决定是否判坏号	2026-04-23 12:58:13 +08:00
zhoukailian	2489ea3699	fix: clarify OpenAI OAuth proxy errors	2026-04-23 12:23:04 +08:00
win	ff7eab0392	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/go.mod # backend/go.sum # backend/internal/repository/migrations_runner.go	2026-04-22 21:27:18 +08:00
shaw	45065c23d5	fix(ci): run 108a migration before 109 in backfill integration test	2026-04-22 18:36:44 +08:00
IanShaw027	9de7a72cce	fix(upgrade): close payment and oidc compatibility gaps	2026-04-22 18:01:51 +08:00
IanShaw027	ad4600964e	fix(ci): clean up lint and dead code	2026-04-22 16:38:36 +08:00
IanShaw027	36aed35957	fix(auth): harden oauth identity upgrade paths	2026-04-22 14:56:56 +08:00
IanShaw027	01a991f56f	fix(test): restore identity repo integration imports	2026-04-22 13:22:33 +08:00
IanShaw027	81c827ee51	fix(profile): stabilize identity binding management	2026-04-22 13:19:28 +08:00
IanShaw027	06136af805	fix(upgrade): preserve legacy auth and payment compatibility	2026-04-22 13:18:10 +08:00
IanShaw027	1ffebbb568	fix(migrations): keep auth identity and payment upgrades safe	2026-04-22 12:29:52 +08:00
IanShaw027	18481a100b	fix(migrations): defer online ddl follow-ups safely	2026-04-22 11:17:45 +08:00
IanShaw027	7fbd5177c2	fix(ci): make legacy migration cleanup resilient	2026-04-22 09:15:39 +08:00
IanShaw027	fdf72eb511	fix(ci): repair integration repository tests	2026-04-22 02:42:43 +08:00
IanShaw027	b13e34f831	fix(ci): align auth and payment verification tests	2026-04-22 02:32:53 +08:00
IanShaw027	525a320424	Fix user profile writes on postgres conflicts	2026-04-21 10:13:28 -07:00
IanShaw027	d4c0a99114	feat(auth): support unbinding third-party identities	2026-04-22 00:54:38 +08:00
IanShaw027	0d87f94cb7	Harden adoption decision reassignment	2026-04-21 09:53:15 -07:00
IanShaw027	da1d26001f	Merge branch 'main' into rebuild/auth-identity-foundation	2026-04-22 00:35:34 +08:00
IanShaw027	d5819181ea	feat(auth): reclaim stale identities and refresh profile UI	2026-04-21 07:49:40 -07:00
IanShaw027	d08757ce9e	refactor(admin): remove auth migration reports	2026-04-21 17:34:18 +08:00
IanShaw027	c624cce88e	fix: unblock auth identity compat backfill migration	2026-04-21 15:56:30 +08:00
IanShaw027	0a461d8248	fix: harden auth identity legacy migrations	2026-04-21 01:30:37 +08:00
IanShaw027	ea27ac6fd7	fix: unify email identity sync and retry first-bind defaults	2026-04-21 01:00:59 +08:00
IanShaw027	7a9488ff37	Add legacy identity safety remediation migration	2026-04-21 00:59:20 +08:00
erio	a7415d4d2e	feat(monitor): 30-day raw retention + timeline 4-tier style + CC template seed + JSON format button ... - History retention 1d → 30d（60s × 30d ≈ 43200 行/model，PG 无压力）； ComputeAvailability* 不再 UNION rollup 表，直接扫 histories 精度更高。 - Timeline bar 四级高度+颜色双重编码：operational 高+绿 / degraded 中+黄 / failed+error 短+红 / 未测试 很短+灰。 - migration 113 seed「Claude Code 伪装」模板（ON CONFLICT DO NOTHING）。 user_id 用 legacy 格式（user_<64hex>_account_<uuid>_session_<uuid>）， 避免新版 JSON 字符串内嵌 JSON 在编辑器里一长串 \" 难读。 - MonitorAdvancedRequestConfig 加「格式化」按钮 + white-space:pre 让 body textarea 对长字符串不压扁。	2026-04-21 15:24:48 +08:00