zfc/sub2api
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
3,588 Commits 3 Branches 0 Tags
Commit Graph

18 Commits

Author SHA1 Message Date
wucm667
44995404ef fix(docker): pin frontend builder pnpm to v9 
`corepack prepare pnpm@latest` now resolves to pnpm 11, which promotes
ERR_PNPM_IGNORED_BUILDS to a hard error and breaks the frontend stage of
`docker build`. Pin pnpm to v9 to match the CI workflow
(pnpm/action-setup version: 9) and keep image builds reproducible.

Fixes #2442
 2026-05-17 11:19:47 +08:00
shaw
33db04fb75 chore: 修复 CI 安全与 lint 检查 2026-05-08 14:42:20 +08:00
shaw
7060596a30 fix: bump Go from 1.26.1 to 1.26.2 to resolve 6 stdlib CVEs 
Fixes GO-2026-4947, GO-2026-4946, GO-2026-4870, GO-2026-4869,
GO-2026-4866, GO-2026-4865 in crypto/x509, crypto/tls, archive/tar,
and html/template.
 2026-04-08 16:17:15 +08:00
shaw
aa5846b282 fix(docker): resolve /app/data permission denied on volume mounts 
Docker named volumes and host bind-mounts may be owned by root,
causing "open data/model_pricing.sha256: permission denied" when
the container runs as the non-root sub2api user.

Add an entrypoint script that fixes /app/data ownership before
dropping to sub2api via su-exec. Replace USER directive with the
entrypoint approach across all three Dockerfiles and update both
GoReleaser configs to include the script in Docker build contexts.
 2026-03-16 19:52:14 +08:00
Rose Ding
53ad1645cf feat: 数据库定时备份与恢复(S3 兼容存储,支持 Cloudflare R2) 
新增管理员专属的数据库备份与恢复功能:
- 全量 PostgreSQL 备份(pg_dump),gzip 压缩后上传到 S3 兼容存储
- 支持手动备份和 cron 定时备份
- 支持从备份恢复(psql --single-transaction)
- 备份文件自动过期清理(默认 14 天)
- 前端完整管理页面(S3 配置、定时配置、备份列表、恢复/下载/删除)
- 内置 Cloudflare R2 配置教程弹窗
- Dockerfile 从 postgres 镜像多阶段复制 pg_dump/psql,确保版本一致

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:38:19 +08:00
shaw
0c9ba9e86c fix(security): upgrade Go 1.25.7 to 1.26.1 to resolve 4 stdlib vulnerabilities 
GO-2026-4602 (os), GO-2026-4601 (net/url), GO-2026-4600 and
GO-2026-4599 (crypto/x509). The crypto/x509 fixes are only
available in go1.26.1+, not backported to go1.25.x.
 2026-03-07 08:45:55 +08:00
yangjianbo
bb664d9bbf feat(sync): full code sync from release 2026-02-28 15:01:20 +08:00
yangjianbo
372e04f69a fix(docker): 默认从cmd/server/VERSION读取版本号 2026-02-14 23:28:33 +08:00
yangjianbo
e2107ce45e fix(build): Docker 构建注入版本号并同步 aicodex 镜像脚本 2026-02-14 21:16:21 +08:00
yangjianbo
98f793155f build(工具链): 升级 Go 到 1.25.7 2026-02-06 07:41:23 +08:00
shaw
6599b366dc fix: 升级Go版本至1.25.6修复标准库安全漏洞 
修复GO-2026-4341和GO-2026-4340两个标准库漏洞
 2026-01-30 08:53:53 +08:00
yangjianbo
3f0017d1f1 fix(安全): 修复依赖漏洞并强化安全扫描 
主要改动:
- 固定 Go 1.25.5 与 CI 校验并更新扫描流程
- 升级 quic-go、x/crypto、req 等依赖并通过 govulncheck
- 强化 JWT 校验、TLS 配置与 xlsx 动态加载
- 新增审计豁免清单与校验脚本
 2026-01-06 11:36:38 +08:00
Jiahao Luo
0f79c3cc0e fix(docker): 修复 Dockerfile npm 构建错误并优化测试配置 
- 修复 Dockerfile 使用 pnpm 替代 npm ci(适配 pnpm 迁移)
- 为 docker-compose-test.yml 添加自动构建配置
- 更新测试配置文档说明一键构建命令

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-05 11:10:31 +08:00
yangjianbo
a792f32d5b feat: 优化dockerfile文件 2025-12-29 16:59:07 +08:00
yangjianbo
89b1b744f2 fix(构建): 支持配置基础镜像仓库 
允许通过构建参数/脚本选项切换基础镜像来源,避免镜像源 403 影响构建
 2025-12-29 12:00:33 +08:00
yangjianbo
3a8dbf5a99 feat: 
golang 1.24-> 1.25
node 20 -> node 24
具体提升请查看官方文档
 2025-12-27 10:57:53 +08:00
shaw
e6add93ae3 fix(build): add -tags embed to ensure frontend is embedded 
- Add -tags=embed flag to GoReleaser builds
- Add -tags embed flag to Dockerfile builds
- Fix Dockerfile COPY order to prevent frontend dist being overwritten
- Update README build instructions with embed tag explanation
 2025-12-20 19:13:26 +08:00
shaw
642842c29e First commit 2025-12-18 13:50:39 +08:00