win
2a4103298e
Merge remote-tracking branch 'origin/main'
...
# Conflicts:
# backend/cmd/server/wire_gen.go
2026-04-24 01:21:36 +08:00
win
21325afb33
feat(windsurf): 补全ops日志记录与endpoint派生,对齐其他平台
...
CI / test (push) Failing after 10s
CI / frontend (push) Failing after 8s
CI / golangci-lint (push) Failing after 5s
Security Scan / backend-security (push) Failing after 5s
Security Scan / frontend-security (push) Failing after 4s
- windsurf_gateway_service: 添加上游延迟/TTFT/错误上下文记录
- endpoint: DeriveUpstreamEndpoint 添加 PlatformWindsurf 分支
- ops_error_logger: guessPlatformFromPath 添加 /windsurf/ 识别
2026-04-23 20:46:27 +08:00
Wesley Liddick
827a4498e0
Merge pull request #1829 from ZHOUKAILIAN/feature/codex-oauth-proxy-message
...
fix: 明确 OpenAI OAuth 未配置代理时的错误提示
2026-04-23 16:55:04 +08:00
Wesley Liddick
8dbbd94299
Merge pull request #1836 from wucm667/fix/account-daily-weekly-quota-cache-invalidation
...
fix: 修复账户配额跨越时调度快照入队逻辑
2026-04-23 16:49:25 +08:00
james-6-23
dc5d42addc
feat(rpm): RPM 限流模块优化
...
P0:
- rpm_override 嵌入 Auth Cache Snapshot,消除每请求 DB 查询 (snapshot v6→v7)
- 429 RPM 响应返回 Retry-After 头(当前分钟剩余秒数)
P1:
- ClearAll 按钮直连 DELETE API,带 loading 防重复
- 新增 GET /admin/users/:id/rpm-status 管理员 RPM 用量查询端点
优化:
- checkRPM 从级联互斥改为并行取最严,user.rpm_limit 作为全局硬上限始终生效
- Override/Group 变更后自动失效 auth cache
- fail-open 语义不变,Redis 故障不阻塞业务
2026-04-23 16:34:37 +08:00
wucm667
bcf4aedcde
fix: 修复账户配额跨越时调度快照入队逻辑
2026-04-23 14:53:57 +08:00
wx-11
11cf23da7d
修改403逻辑: 先临时冷却,再根据连续次数决定是否判坏号
2026-04-23 12:58:13 +08:00
zhoukailian
2489ea3699
fix: clarify OpenAI OAuth proxy errors
2026-04-23 12:23:04 +08:00
win
ff7eab0392
Merge remote-tracking branch 'origin/main'
...
# Conflicts:
# backend/go.mod
# backend/go.sum
# backend/internal/repository/migrations_runner.go
2026-04-22 21:27:18 +08:00
shaw
45065c23d5
fix(ci): run 108a migration before 109 in backfill integration test
2026-04-22 18:36:44 +08:00
IanShaw027
9de7a72cce
fix(upgrade): close payment and oidc compatibility gaps
2026-04-22 18:01:51 +08:00
IanShaw027
ad4600964e
fix(ci): clean up lint and dead code
2026-04-22 16:38:36 +08:00
IanShaw027
36aed35957
fix(auth): harden oauth identity upgrade paths
2026-04-22 14:56:56 +08:00
IanShaw027
01a991f56f
fix(test): restore identity repo integration imports
2026-04-22 13:22:33 +08:00
IanShaw027
81c827ee51
fix(profile): stabilize identity binding management
2026-04-22 13:19:28 +08:00
IanShaw027
06136af805
fix(upgrade): preserve legacy auth and payment compatibility
2026-04-22 13:18:10 +08:00
IanShaw027
1ffebbb568
fix(migrations): keep auth identity and payment upgrades safe
2026-04-22 12:29:52 +08:00
IanShaw027
18481a100b
fix(migrations): defer online ddl follow-ups safely
2026-04-22 11:17:45 +08:00
IanShaw027
7fbd5177c2
fix(ci): make legacy migration cleanup resilient
2026-04-22 09:15:39 +08:00
IanShaw027
fdf72eb511
fix(ci): repair integration repository tests
2026-04-22 02:42:43 +08:00
IanShaw027
b13e34f831
fix(ci): align auth and payment verification tests
2026-04-22 02:32:53 +08:00
IanShaw027
525a320424
Fix user profile writes on postgres conflicts
2026-04-21 10:13:28 -07:00
IanShaw027
d4c0a99114
feat(auth): support unbinding third-party identities
2026-04-22 00:54:38 +08:00
IanShaw027
0d87f94cb7
Harden adoption decision reassignment
2026-04-21 09:53:15 -07:00
IanShaw027
da1d26001f
Merge branch 'main' into rebuild/auth-identity-foundation
2026-04-22 00:35:34 +08:00
IanShaw027
d5819181ea
feat(auth): reclaim stale identities and refresh profile UI
2026-04-21 07:49:40 -07:00
IanShaw027
d08757ce9e
refactor(admin): remove auth migration reports
2026-04-21 17:34:18 +08:00
IanShaw027
c624cce88e
fix: unblock auth identity compat backfill migration
2026-04-21 15:56:30 +08:00
IanShaw027
0a461d8248
fix: harden auth identity legacy migrations
2026-04-21 01:30:37 +08:00
IanShaw027
ea27ac6fd7
fix: unify email identity sync and retry first-bind defaults
2026-04-21 01:00:59 +08:00
IanShaw027
7a9488ff37
Add legacy identity safety remediation migration
2026-04-21 00:59:20 +08:00
IanShaw027
bf3ef2d19a
add admin user last used support
2026-04-21 00:22:17 +08:00
IanShaw027
beeab54ae3
Implement latest-used user repo queries
2026-04-21 00:17:48 +08:00
IanShaw027
5d58c7c6fb
Add auth identity legacy backfill and email sync
2026-04-21 00:13:40 +08:00
IanShaw027
31d0183d45
fix: normalize repository email lookups
2026-04-20 21:51:57 +08:00
IanShaw027
c6d8592484
feat: add profile auth identity binding flow
2026-04-20 18:28:44 +08:00
IanShaw027
e9de839d87
feat: rebuild auth identity foundation flow
2026-04-20 17:39:57 +08:00
erio
6579f28b64
fix: delete scheduled test plans when account is deleted
...
Accounts use soft-delete (setting deleted_at), so PostgreSQL's
ON DELETE CASCADE on scheduled_test_plans.account_id never fires.
Add plan deletion to the existing account deletion transaction
to ensure atomicity.
Closes Wei-Shaw/sub2api#1728
2026-04-19 20:38:57 +08:00
win
b6e1c64c25
chore: merge upstream v0.1.113, keep Antigravity customizations
CI / golangci-lint (push) Has been cancelled
CI / test (push) Has been cancelled
Security Scan / backend-security (push) Failing after 7s
Security Scan / frontend-security (push) Failing after 2s
2026-04-16 19:23:37 +08:00
win
435ae221bc
x
CI / test (push) Failing after 1m32s
CI / golangci-lint (push) Failing after 31s
Security Scan / backend-security (push) Failing after 1m32s
Security Scan / frontend-security (push) Failing after 9s
2026-04-16 19:11:47 +08:00
Wesley Liddick
e6e73b4f52
Merge pull request #1690 from KnowSky404/fix/ws-codex-scheduler-cache-1662
...
fix: preserve openai ws flags in scheduler cache
2026-04-16 17:21:32 +08:00
KnowSky404
3944b3d216
fix: preserve openai ws flags in scheduler cache
2026-04-16 02:01:50 +00:00
erio
db27e8f000
feat(usage): add account cost to breakdown sub-table and admin usage log
...
- UserBreakdownItem: add AccountCost field + SQL aggregation
- UserBreakdownSubTable: add orange account cost column
- Admin usage table: add account_cost column (after cost, default visible)
- Column settings: add account_cost toggle option
2026-04-15 15:40:40 +08:00
erio
22680dc602
test(usage): add unit tests for account_cost and fix gofmt
...
- Fix mock for GetModelStatsWithFilters: add account_cost column
- Add assertion: GetStatsWithFilters always returns TotalAccountCost
- New test: GetModelStatsAccountCostColumn verifies scan of AccountCost
- New test: GetGroupStatsAccountCostColumn verifies scan of AccountCost
- New test: GetStatsWithFiltersAlwaysReturnsAccountCost (no AccountID filter)
- Integration test: add TotalAccountCost/TodayAccountCost assertions
- Fix gofmt alignment in usage_log_types.go
2026-04-15 15:02:21 +08:00
erio
6ade6d30a8
feat(usage): add account cost display to admin dashboard and usage pages
...
- Add account_cost column to dashboard aggregation tables (migration 107)
- DashboardStats: add TotalAccountCost/TodayAccountCost fields
- ModelStat/GroupStat: add AccountCost field with SQL aggregation
- GetStatsWithFilters: always return TotalAccountCost (remove accountID filter)
- Dashboard Token cards: show user(green)/cost(orange)/standard(gray)
- Usage stats card: show account cost and standard below main value
- Model/Group distribution tables: add orange cost column
2026-04-15 15:02:21 +08:00
erio
58677dd53f
fix: merge 5 PR-related improvements
...
- gateway_handler: pass ParsedRequest to RecordUsage + set in gin.Context
- channel_handler: add FeaturesConfig to CRUD (WebSearch channel toggle)
- channel_repo: features_config JSONB persistence (Create/Get/Update/List)
- security_headers: add Stripe CSP domains (script-src + frame-src)
2026-04-14 18:34:57 +08:00
erio
6ac8ccde46
fix: merge 30 general improvements from release branch
...
Bug fixes:
- Detached context for GetAccountConcurrencyBatch (prevent all-zero on request cancel)
- Filter soft-deleted users in GetByGroupID
- Stripe CSP policy (allow Stripe.js in script-src and frame-src)
- WebSearch API key validation on save
- RECHARGING status in payment result success check
- Windows test fixes (logger Sync deadlock, config path escaping)
Feature enhancements:
- Webhook multi-instance dispatch (extractOutTradeNo + GetWebhookProvider)
- EasyPay mobile H5 payment (device param + PayURL2)
- SSE error propagation in WebSearch emulation
- AccountStatsCost DTO field for admin usage logs
- Plans sort by sort_order instead of created_at
- UsageMapHook for streaming response usage data
- apicompat Instructions field passthrough
- EffectiveLoadFactor for ops concurrency/metrics
- Usage billing RETURNING balance for notify system
- BulkUpdate mixed channel warning with details
- println to slog migration in auth cache
- Wire ProviderSet cleanup
- CI cache-dependency-path optimization
Frontend:
- Refund eligibility check per provider (canRequestRefund)
- Plan sort_order editing
- Dead code cleanup (simulate_claude_max, client_affinity)
- GroupsView platform switch guard
- channels features_config API type
- UsageView account_stats_cost export
2026-04-14 17:35:27 +08:00
erio
d6965b0676
fix: resolve cherry-pick conflicts and restore compilation
...
- Restore gateway_cache.go to upstream (no lua embeds)
- Restore payment_order.go to upstream (use out_trade_no lookup)
- Restore payment_fulfillment.go to upstream (same reason)
- Add FeaturesConfig field and IsWebSearchEmulationEnabled to Channel
- Add applyAccountStatsCost wrapper function
- Add SettingKeyWebSearchEmulationConfig constant
- Add WebSearchEmulationEnabled to SystemSettings
- Add notify code rate limiting methods to EmailCache interface
- Remove AllowUserRefund references (ent schema not present)
- Fix duplicate import in payment_handler.go
- Fix wire_gen.go argument mismatches
2026-04-14 10:18:39 +08:00
erio
0a4ece5f5b
fix: audit round-3 — proxy safety, intervals persistence, SMTP timeout, sort fix
...
- Skip websearch provider when ProxyID is set but proxy not found (prevent
silent direct connection bypass)
- Fix sortByStableRandomWeight: pair factors with items so sort.Slice swap
keeps weights aligned
- Allow empty platform in account_stats_pricing_rules (wildcard matching),
only force anthropic default for main model_pricing
- Add channel_account_stats_pricing_intervals table and repo layer support
for interval-based pricing in account stats rules
- calculateTokenStatsCost now uses interval pricing when available
- Replace smtp.SendMail/tls.Dial with net.Dialer timeout (10s dial, 20s IO)
to prevent goroutine leak on SMTP hang
- Fix gofmt formatting issues
- Web Search label: black text with red warning hint
2026-04-14 09:35:20 +08:00
erio
a9880ee7b9
fix: round-2 audit fixes — security, code quality, and UI improvements
...
Security (HIGH):
- Normalize all Redis cache keys to lowercase (verifyCode, passwordReset)
- Fix verify code TTL renewal on failed attempts: use remaining TTL via
ExpiresAt field instead of resetting to full 15-minute window
- Add 3 missing fields to diffSettings audit log (promo_code, invitation_code,
custom_endpoints)
Code quality (MEDIUM):
- Extract filterVerifiedEmails shared helper (balance_notify_service.go)
- Add Pricing array non-empty validation for channel pricing rules
- Add platform token semantics comment in gateway_service.go
- Complete validatePlanPatch test coverage (+10 test cases)
- Replace string types with QuotaThresholdType/QuotaResetMode across frontend
- Remove duplicate getPlatformTextColor/getRateBadgeClass in ChannelsView
- Return EMAIL_NOT_FOUND error on RemoveNotifyEmail miss
UI improvements:
- Reorder cost tooltip: user billing above separator, account billing below
- Add NaN guard to accountBilled function
- Move timezone selector inline into reset-mode row (no longer standalone)
2026-04-14 09:35:05 +08:00
