172 Commits

Author	SHA1	Message	Date
win	158785bfc9	chore: merge upstream v0.1.127 — keep omniroute customizations ... Upstream highlights: - v0.1.127 release (150 commits): channel-monitor 协议管理、OpenAI Responses 路由配置、模型定价 LiteLLM 默认、payment 强制扫码、 钉钉 OAuth、用户用量按平台拆分、Ops 错误分类 SLA 调整、 Anthropic passthrough keepalive、Gemini chat completions 路由 ... - 91da8159 feat(risk-control): 内容审计新增关键词拦截 - 3d22dd34 feat: gemini-3.5-flash 模型支持 Conflicts resolved: - Dockerfile: keep pnpm pin to 9.15.9 (upstream pinned generic v9 floating). - wire_gen.go: combine upstream NewSettingHandler(+userAttributeService) with local NewOpsHandler(opsService, requestEventBus, opsLogBroadcaster). Verified by re-running wire generate. - scheduler_cache.go: keep both upstream openai_responses_{mode,supported} keys and local model_rate_limits key in filterSchedulerExtra(). - gateway_service.go: keep local context-compression block; drop now-dead setOpsUpstreamRequestBody call (upstream removed ops retry replay). - docker-compose.yml: keep local windsurf-ls service profile and named volumes; keep local healthcheck start_period values. Test mock signatures bumped to match current constructors: - gateway_models_test.go: add nil for RPMTokenBucketService. - account_handler_available_models_test.go: add nil for windsurfChatService.	2026-05-20 12:39:40 +08:00
DaydreamCoding	b19da9c7fe	feat(dingtalk): 钉钉 OAuth 登录接入与 internal_only 用户属性同步 ... ⚠️ 应用类型约束：当前实现仅支持「钉钉登录-企业内部应用」（DingTalk 开放平台 internal_app 类型）。第三方个人应用、第三方企业应用类型暂不支持——OAuth 流程 相同但 corp 校验、跨企业行为不同。backend 通过 DingTalkAppKind 校验对非 internal_app 类型 fail-closed（硬约束）。 钉钉 OAuth 登录主链 - 4 步 OAuth 链：ExchangeCodeForUserToken / GetUnionIdByUserToken / GetUserIdByUnionId / GetStaffInfoByUserId；app token 缓存 - pending session 机制持久化 OAuth 中间态；cookie-only token 持久化 - 三种分流：bind_login_required / email_completion / choose_account_action - corp_restriction_policy 支持 none + internal_only；stale "whitelist" 在 加载层与写入层均静默 coerce 为 none + slog.Warn - bypass_registration 开关：企业内部模式豁免全局 REGISTRATION_DISABLED - isReservedEmail / signup_source / canUnbindProvider / OAuth pending flow 等横切点支持 dingtalk provider - migration 136：4 表 CHECK 约束加入 'dingtalk' provider 值 internal_only 模式同步企业邮箱/姓名/部门到用户属性 - SyncCorpEmail / SyncDisplayName / SyncDept 三个独立开关 + 对应 SyncXxxAttrKey 目标属性 key（默认 dingtalk_email / dingtalk_name / dingtalk_department）；非 internal_only policy 在写入层与加载层均 coerce 为 false，admin handler 与 setting_service 双层兜底 - 同步语义：首次注册写 users.username（昵称优先 → 企业姓名 fallback）， 之后每次登录刷新 3 个属性；空值也写入以覆盖旧值 - 邮箱三级 fallback：org_email > email > extension["企业邮箱"] （钉钉自定义字段 JSON） - 部门路径递归向上拼接，跳过 dept_id=1 选首个真实子部门，剥离根组织名 - GetUnionIdByUserToken 同时返回 OIDC /contact/users/me 的 nick 字段； 新增 GetDeptInfo 调用 OAPI /topapi/v2/department/get - AuthHandler 注入 UserAttributeService；OAuth pending flow 在 createPendingOAuthAccount / bindPendingOAuthLogin 分别派发到 AfterRegistration（syncUsername=true）/ AfterLogin - migration 137 seed dingtalk_email/name/department 三个用户属性定义 附带修复（同集成路径暴露的两个 OAuth 注册回归） - LoginOrRegisterOAuthWithTokenPair 新建用户分支用 inferLegacySignupSource 覆写 caller 显式传入的 signupSource，导致 dingtalk/linuxdo/oidc/wechat 渠道授权按 email 渠道读取；改为只在 caller 未显式传入时回退邮箱推断 - mergeProviderDefaultGrantSettings 把 parse fallback 默认值 (Concurrency=5 / Balance=0) 当作"未配置"哨兵，admin 显式设 5 时被误判 退回全局默认（复现：全局默认 1 + 渠道默认并发 5 + grant_on_signup → 新 用户实际 concurrency=1）；去掉哨兵，admin 任何 >=0 值都覆盖 globalDefaults 前端 - DingTalk Login / Callback / EmailCompletion / ChoiceAccount / Error 视图；router + auth API client - admin SettingsView：corp policy radio（none / internal_only）+ bypass 注册开关 + i18n；internal_only 下展示三同步开关 + 目标 attr key 下拉 （拉取 user attribute definitions），展示 fieldEmail / qyapi_get_department_list 钉钉权限申请提示 - Profile：S1 主动绑定 / S5 解绑钉钉按钮 + 合成邮箱防自锁 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-19 15:27:47 +08:00
win	35c6c2b097	chore: merge upstream v0.1.126 — Airwallex, OpenAI fixes, Antigravity UA config ... 吸收上游 26 个新 commit: - feat: Airwallex 支付 + 多币种支持 (b23055af) - feat: Antigravity user agent 版本可配置 (a07a0dac) - fix(mimic): 同步 messages 里 tool_use 名称 (f97b8534) - fix: cache_control 改写默认关闭 (9377c967) - fix(openai): 多 tool_use 上下文延续 (87d73236) - fix(openai): 未定价模型零成本记录 (6d69ae87) - fix(openai): WS replay tool 输出延续 (16a31557) - fix(openai): 429 plan type 同步 (c3a14717) - fix(gemini): Vertex token 走 account proxy (2a17c0b2) - fix(ccswitch): codex 模型 import deeplink (65493df9) - fix: 订单详情/支付页 NaN 修复 (ba1c6fa5, 6884b03e) - 系统设置标签导航优化 (18cc4691) 本地解决: - config.go CSP: 合并 Firebase Auth (Windsurf) + Airwallex 域名 - KeysView.vue: 删除死代码（已被 buildCcSwitchImportDeeplink 取代） - ccswitchImport.ts: 补充 windsurf 平台 case - 修复 NewOpsHandler/RegisterGatewayRoutes/SelectAccountWithScheduler 测试签名 保留: - Antigravity newapi 兼容 (ForwardUpstream /v1/messages 透传) - Antigravity 核心（gateway_service, oauth, client, credits_overages 等） - Windsurf 全套 - Claude 网关 + TLS 指纹路由 - 其他本地 feat: P2C 调度 / viewer / context 压缩 / RPM / fallback / health	2026-05-12 13:48:40 +08:00
win	8d0ef3d2ef	chore: antigravity 瘦身，删除边缘文件保留核心	2026-05-12 12:19:22 +08:00
shaw	b23055af5b	feat: add Airwallex payments and multi-currency support	2026-05-11 11:17:26 +08:00
win	7347dfffc1	chore: merge upstream v0.1.124-125, keep Windsurf/Antigravity customizations ... Upstream changes: - feat: 邮箱 + GitHub + Google OAuth 快捷登录 - feat: Codex image bridge 开关 - feat: 内容审核 (content moderation) — 新增 contentModerationService/Handler - feat: redeem code 返利、批量并发 API、markdown 页面渲染 - feat: 登录注册条款确认 - fix(security): pages API 加 JWT + 可见性校验 - fix: 修复 markdown 页面图片路径 - fix(gateway): 不再默认注入 redact thinking beta - fix: 稳定 anthropic passthrough 超时错误 - chore: VERSION 升到 0.1.125 + golang:1.26.3-alpine Conflict resolutions: - Dockerfile/backend/Dockerfile: 取 upstream golang:1.26.3-alpine - backend/go.mod: 取 upstream term v0.42.0，保留定制 protobuf v1.36.10 - frontend/src/api/admin/index.ts: 并集 (windsurf + riskControl) - backend/cmd/server/wire_gen.go: 接 upstream contentModeration*，保留 windsurfHandler/windsurfGatewayService/billingCacheService/requestEventBus；并通过 wire 重生成 - frontend/src/views/admin/AccountsView.vue: 采用 upstream 双层布局 + OpenAI Meta，保留 is_enterprise prop 和 Windsurf tier badge Note: - WIP commit (de048fad) preserved Windsurf tier access service / NLU extractor / ops log stream / Google OAuth login modal et al before merge. - 3 pre-existing go vet issues in test files (NewOpsHandler, RegisterGatewayRoutes, DefaultCLIProductVersion) are unrelated to this merge — leftover from local customization refactors; production code (go build ./...) passes.	2026-05-09 01:42:39 +08:00
win	de048fad25	chore(wip): save Windsurf/Antigravity/ops customizations before upstream merge ... WIP commit保存以下定制工作以便后续合并 upstream v0.1.124-125: - Windsurf: tier access service, NLU extractor, cold threshold, Google login - Antigravity: client/oauth 调整 - Ops: log stream handler/broadcaster/middleware, OpsLogStreamView - Frontend: WindsurfLoginModal Google, GoogleIcon, AccountsView, sidebar/router/i18n	2026-05-09 00:41:19 +08:00
Wesley Liddick	45b1e6ae41	Merge pull request #2233 from Arron196/fix/codex-image-generation-bridge-switch ... fix(openai): 增加 Codex 图片生成桥接显式开关	2026-05-07 10:30:26 +08:00
Jlypx	26043a8f29	fix(openai): gate Codex image bridge injection ... Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>	2026-05-07 00:10:20 +08:00
lyen1688	af550fa64e	feat: 增加 GitHub 和 Google 邮箱快捷登录	2026-05-06 16:06:11 +08:00
win	3fe228d143	chore: merge upstream v0.1.122-123, keep Windsurf/Antigravity customizations ... New upstream features: - feat: improve OpenAI messages compatibility for Claude Code - feat: image generation stream & concurrency controls - fix(rate-limit): remove 429 cooldown config option - fix: skip previous_response_id recovery when payload has function_call_output - feat: support select search in group/account views - fix: ops cleanup settings - chore: remove openspec and update axios Conflict resolutions: - config.go: kept AntigravityLSWorker+NodeTLSProxy AND added ImageConcurrency - account_test_service.go: kept windsurf import AND added openai_compat import - docker-compose.yml: kept Windsurf env vars AND added image concurrency env vars	2026-05-06 11:50:54 +08:00
shaw	11ae6f2105	fix(rate-limit): remove 429 cooldown config option	2026-05-05 20:11:12 +08:00
Wesley Liddick	37f7c7128c	Merge pull request #2120 from gaoren002/fix/rate-limit-429-cooldown-config ... fix(rate-limit): make 429 fallback cooldown configurable	2026-05-05 19:46:11 +08:00
2ue	6faa344916	feat: add OpenAI image generation controls	2026-05-05 03:26:54 +08:00
gaoren002	4b904c887c	fix(rate-limit): make 429 fallback cooldown configurable	2026-04-30 03:01:39 +00:00
win	fdd2d08a4d	feat: merge feat/omniroute-ideas — P2C scheduler, quota scoring, tier fallback	2026-04-29 15:42:37 +08:00
win	5123d92b44	feat(scheduling): add cross-tier fallback chain (subscription → API Key → Bedrock) ... Adds an opt-in tier-based fallback scheduling path for Anthropic accounts: - accountTierLevel(): derives tier from account type without DB migration (tier-0=OAuth/SetupToken, tier-1=APIKey, tier-2=Bedrock) - enableTierFallbackChain(): new config flag gateway.scheduling.enable_tier_fallback_chain (default false) - selectAccountWithTierFallback(): loads all Anthropic accounts, groups by tier, honors sticky sessions, applies all existing schedulability guards, then tries tiers 0→1→2 in order via tryAcquireByLegacyOrder - Wired into SelectAccountForModelWithExclusions: Anthropic platform + tier fallback enabled → calls new path instead of mixed scheduling - Fix pre-existing unit-test build break: NewGatewayService now requires *RPMTokenBucketService (added in Task #5); add missing nil param - 7 tests: tier mapping, config toggle, subscription preference, APIKey fallback, exclusion handling, empty-pool error, Bedrock last resort	2026-04-29 03:23:39 +08:00
win	a2ab67f8c7	feat(scheduler): add P2C + quota-aware scheduling for OpenAI accounts ... - Add GetQuotaRemainingFraction() to Account: returns [0,1] fraction of remaining quota; 1.0 when no limit is configured (unlimited accounts) - Add Quota float64 weight field to GatewayOpenAIWSSchedulerScoreWeights and EnableP2CScheduling bool to GatewayOpenAIWSConfig (both default off) - Extend selectByLoadBalance scoring with quota factor (gated by Quota>0) - Add selectByPowerOfTwo(): O(1) P2C selection — samples 2 random candidates, tries the better-scored one first then the other, falls back to wait plan; activated when EnableP2CScheduling=true - Add openAIWSP2CEnabled() helper on OpenAIGatewayService - Add 6 tests covering quota fraction edge cases, P2C toggle, weight defaults, single-candidate P2C, two-candidate P2C selection, and quota score ordering	2026-04-29 03:13:30 +08:00
win	d535688bfd	feat(context): add proactive context compression for long conversations ... - New context_compressor.go: pure functions operating on raw JSON body (gjson/sjson pattern). approxTokens uses chars/4 heuristic. - compressMessages: removes oldest messages from front, treating consecutive assistant(tool_use)+user(tool_result) pairs as atomic units to prevent orphaned tool_result blocks. - Hooked into Forward() after StripEmptyTextBlocks, gated on account.Credentials[enable_context_compression]. - Config: gateway.context_compression.max_tokens (default 190000). - 8 unit tests covering: approx tokens, no-op when under budget, oldest-message trimming, tool pair preservation, atomic pair removal, body passthrough, body trimming.	2026-04-29 01:33:05 +08:00
win	95814974de	feat(rpm): add token bucket smoothing for RPM rate limiting ... - New RPMTokenBucketService: per-account continuous-refill token buckets (rate = rpm/60 tokens/sec, capacity = rpm). No new dependencies. - GatewayService.AcquireRPMToken() delegates to the bucket service. - Gateway handler inserts RPM token wait BEFORE wrapReleaseOnDone in both Gemini and Anthropic dispatch paths; timeout returns 429 and releases slot. - Config: gateway.rpm_smoothing.enabled (default false) + max_wait_ms (default 5000). - 7 unit tests covering: immediate acquire, zero RPM, timeout, wait+refill, context cancel, account isolation, bucket reset on RPM change.	2026-04-29 01:22:54 +08:00
win	cbf696bc82	chore(wip): save windsurf changes before upstream v0.1.118 merge	2026-04-25 21:56:42 +08:00
win	9156585a23	chore: gofmt/goimports 后处理 ... 合并上游后统一运行 gofmt/goimports，消除排序差异与空行不一致。	2026-04-24 11:52:53 +08:00
win	21325afb33	feat(windsurf): 补全ops日志记录与endpoint派生，对齐其他平台 ... - windsurf_gateway_service: 添加上游延迟/TTFT/错误上下文记录 - endpoint: DeriveUpstreamEndpoint 添加 PlatformWindsurf 分支 - ops_error_logger: guessPlatformFromPath 添加 /windsurf/ 识别	2026-04-23 20:46:27 +08:00
win	ff7eab0392	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/go.mod # backend/go.sum # backend/internal/repository/migrations_runner.go	2026-04-22 21:27:18 +08:00
IanShaw027	36aed35957	fix(auth): harden oauth identity upgrade paths	2026-04-22 14:56:56 +08:00
IanShaw027	b2e0712190	fix(settings): preserve oauth config compatibility on upgrade	2026-04-22 12:30:07 +08:00
IanShaw027	84628108fc	fix(auth): preserve backward-compatible oauth defaults	2026-04-22 11:17:32 +08:00
IanShaw027	c229f33e9e	fix(review): harden payment, oauth, and migration paths	2026-04-22 10:26:22 +08:00
IanShaw027	b13e34f831	fix(ci): align auth and payment verification tests	2026-04-22 02:32:53 +08:00
IanShaw027	da1d26001f	Merge branch 'main' into rebuild/auth-identity-foundation	2026-04-22 00:35:34 +08:00
IanShaw027	e9de839d87	feat: rebuild auth identity foundation flow	2026-04-20 17:39:57 +08:00
IanShaw027	d3d4267731	fix: harden oidc callback security	2026-04-20 16:23:42 +08:00
erio	bf0bbe0be7	feat(gateway): raise upstream response read limit 8MB -> 128MB (configurable) ... 图片生成 API 返回的 base64 内联图响应经常超过 8MB 单次读取上限，被 ReadUpstreamResponseBody 拦截成 502 upstream_error。 单张 4K PNG base64 最坏约 67MB，多张候选图或 imageSize=4K 的 image_generation 一次请求能轻松到 30MB+。把默认上限提到 128MB 能覆盖 2-3 张 4K 图，相对 请求体上限 256MB 仍有缓冲；同时抽出 config.DefaultUpstreamResponseReadMaxBytes 共享常量，viper 默认值和 service 层兜底共用，消除两处同步魔法数字。 仍可通过 gateway.upstream_response_read_max_bytes 配置项覆盖。	2026-04-17 22:07:15 +08:00
win	b6e1c64c25	chore: merge upstream v0.1.113, keep Antigravity customizations	2026-04-16 19:23:37 +08:00
win	435ae221bc	x	2026-04-16 19:11:47 +08:00
erio	6ac8ccde46	fix: merge 30 general improvements from release branch ... Bug fixes: - Detached context for GetAccountConcurrencyBatch (prevent all-zero on request cancel) - Filter soft-deleted users in GetByGroupID - Stripe CSP policy (allow Stripe.js in script-src and frame-src) - WebSearch API key validation on save - RECHARGING status in payment result success check - Windows test fixes (logger Sync deadlock, config path escaping) Feature enhancements: - Webhook multi-instance dispatch (extractOutTradeNo + GetWebhookProvider) - EasyPay mobile H5 payment (device param + PayURL2) - SSE error propagation in WebSearch emulation - AccountStatsCost DTO field for admin usage logs - Plans sort by sort_order instead of created_at - UsageMapHook for streaming response usage data - apicompat Instructions field passthrough - EffectiveLoadFactor for ops concurrency/metrics - Usage billing RETURNING balance for notify system - BulkUpdate mixed channel warning with details - println to slog migration in auth cache - Wire ProviderSet cleanup - CI cache-dependency-path optimization Frontend: - Refund eligibility check per provider (canRequestRefund) - Plan sort_order editing - Dead code cleanup (simulate_claude_max, client_affinity) - GroupsView platform switch guard - channels features_config API type - UsageView account_stats_cost export	2026-04-14 17:35:27 +08:00
win	32c98292e7	chore: merge upstream v0.1.111, keep Antigravity customizations ... # Conflicts: # backend/cmd/server/wire_gen.go # backend/go.mod # backend/internal/server/router.go # backend/internal/service/wire.go	2026-04-13 01:14:28 +08:00
Wesley Liddick	bbc79796dc	Merge pull request #1529 from IanShaw027/feat/group-messages-dispatch-redo ... feat: 为openai分组增加messages调度模型映射并支持instructions模板注入	2026-04-09 21:14:38 +08:00
Wesley Liddick	74302f60ab	Merge pull request #1010 from Glorhop/pr/oidc-login ... feat(auth): support OIDC login and prefer IdP real email on sign-in	2026-04-09 21:13:22 +08:00
IanShaw027	4de4823a65	feat(openai): 支持messages模型映射与instructions模板注入	2026-04-09 12:29:49 +08:00
ruiqurm	02a66a01c3	feat: support OIDC login.	2026-04-09 02:20:51 +00:00
ius	265687b56d	fix: 优化调度快照缓存以避免 Redis 大 MGET	2026-04-08 10:39:15 -07:00
win	3ba3a17652	chore: merge upstream origin/main (v0.1.109) - delete Sora, add group account filter, Cache-Driven RPM, Beta model whitelist, OpenAI normalize fixes, refresh token race fix, Gemini customtools fix	2026-04-08 06:28:50 +08:00
erio	93b42ccfea	fix: resolve CI failures — gofmt, unused functions, missing test helpers ... - Run gofmt on user schema, config test, group handler - Remove unused mergeGroupIDs function - Restore shared test helpers (newJSONResponse, queuedHTTPUpstream) that were in deleted Sora test file	2026-04-05 17:21:36 +08:00
erio	62e80c602d	revert: completely remove all Sora functionality	2026-04-05 17:11:01 +08:00
win	1eed02c325	fix: restore node-tls-proxy routing lost during rebase ... - Re-add NodeTLSProxyConfig struct to GatewayConfig (removed by upstream) - Re-create http_upstream_antigravity.go with proxy routing functions - Add proxy intercept hook in Do() for api.anthropic.com requests	2026-03-31 14:08:24 +08:00
win	d3d885cf75	fix: node-tls-proxy not receiving traffic due to viper BindEnv bug ... - Add explicit viper.BindEnv() for all gateway.node_tls_proxy.* keys to fix viper's AutomaticEnv+Unmarshal nested struct bug where env vars are silently ignored when config.yaml lacks the corresponding section - Sync proxy.js CLI_VERSION 2.1.84→2.1.87 and BUILD_TIME to match constants.go, eliminating API/telemetry version mismatch	2026-03-31 13:16:02 +08:00
win	860fc736bf	Merge branch 'codex/internal-sync-20260330'	2026-03-31 00:00:49 +08:00
win	0cda0e0b96	feat: add dockerized antigravity ls worker mode	2026-03-30 23:57:25 +08:00
win	8eb2bbcb20	feat: 从 main 分支迁移 Claude 指纹常量和实例级隔离配置 ... 将 main 分支的 Claude/Anthropic 相关逆向工作迁移到 codex 分支: - claude/constants.go: 添加 4 个新 Beta 常量 + 版本升级至 2.1.84/0.74.0 - config.go: 添加 InstanceSalt 和 FingerprintDefaultsConfig 配置 - identity_service: 版本升级 + instanceSalt 支持 + ApplyDefaultFingerprintOverrides - wire_gen.go: 初始化指纹覆盖 + 使用 NewIdentityServiceWithSalt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 19:04:52 +08:00