246 Commits

Author	SHA1	Message	Date
win	a420179abb	chore: merge upstream Wei-Shaw/sub2api v0.1.133	2026-05-29 17:48:27 +08:00
wucm667	c9caadb378	fix(account): address second-round review on quota auto-pause ... - TopK initial filter now drops quota-paused accounts: fold the quota check into isAccountRequestCompatible so session-hash, TopK pool, and per-candidate rechecks all skip paused accounts. Previously the candidate pool was built without the quota check, so paused accounts could fill TopK and leave the scheduler returning "no available accounts" even with healthy ones available. - Add per-account explicit disable flags auto_pause_5h_disabled / auto_pause_7d_disabled with toggles in EditAccountModal. Without these, leaving the account threshold blank silently falls back to the global default, so admins could not exempt a single account once a global default existed. Disable is per-window: an account can opt out of 5h auto-pause while still honoring 7d. Schedule snapshot whitelist includes the new fields, i18n EN/ZH updated, threshold-hint text revised to explain "blank = global default". - Move quota auto-pause settings off the request hot path: replace the per-repo TTL+singleflight sync DB read with a per-SettingService stale-while-revalidate in-memory snapshot. Get is non-blocking (atomic.Pointer load + async refresh on staleness); writes via UpdateOpsAdvancedSettings push directly into the cache through an injected sink; wire warms the cache at startup. Adds Warm (sync) for tests/init and SetOpenAIQuotaAutoPauseSettings (sink target). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-29 14:32:45 +08:00
win	f519a02ec9	chore: merge upstream Wei-Shaw/sub2api v0.1.132 ... Conflicts resolved (preserving fork customizations): - config.go: keep NodeTLSProxy + add upstream OpenAIHTTP2 - gateway_service.go: NewGatewayService now takes both rpmTokenBucketSvc (local) and userPlatformQuotaRepo (upstream) - wire_gen.go: wire both new args into the call site - http_upstream.go: drop redundant settings re-assignment; keep proxy URL log redaction - http_upstream_test.go: adopt upstream's explicit-0-disables semantics; keep 600s default constant in nil-cfg fallback test - user_handler_test.go / gateway_record_usage_test.go: pick up new userPlatformQuotaRepo nil parameter Also updated test stubs (windsurf_google_login_test.go, windsurf_tier_access_service_test.go, gateway_models_test.go) for new SetModelRateLimit variadic signature and the extra NewGatewayService arg. Upstream highlights: OpenAI embeddings gateway, user x platform USD quota, content-moderation risk thresholds, OAuth 401 credentials no-overwrite fix, HTTP/2 OpenAI upstream config, pool retry status code configurability, long-context cache pricing multipliers.	2026-05-29 07:21:32 +08:00
DaydreamCoding	6b39b344d8	feat(quota): 用户 × 平台 USD 配额 ... 为用户在 anthropic/openai/gemini/antigravity 四个平台上提供日/周/月 三个窗口的 USD 配额管控。配额语义：未设置=不限制，0=禁用，>0=美元上限。 两层模型： - 配置层：系统默认配额，以及 email/linuxdo/oidc/wechat/github/google/ dingtalk 七个鉴权来源的默认配额，存于 settings，以嵌套 JSON 整体读写 （系统 1 个 key + 每个来源 1 个 key），整体替换语义。 - 运行时层：user_platform_quota 表按用户记录实际配额，与配置层解耦。 后端：新增 ent schema 与 140_user_platform_quotas.sql 迁移、repository 与 service 端口、计费链路集成、管理端与用户端读写接口。 前端：管理端设置页配额编辑、用户配额管理 Modal、用户 Dashboard 展示、 中英文案。 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-26 10:49:20 +08:00
win	e938be5f3f	chore: merge upstream Wei-Shaw/sub2api latest (v0.1.130+) ... Upstream features: bedrock CC compat, email whitelist wildcard, content moderation per-model toggle, redeem code batch update, OIDC verified-email fast path, subscription expiry email, cache hit rate fix, audit dedup, js-cookie security fix, x/net vulnerability fix, OpenAI account cooldown optimization, reverse proxy client IP fix, API key ACL trusted forwarded IP. Local additions preserved: rpmTokenBucketService, quotaFactor scoring, P2C scheduler selection.	2026-05-24 15:54:54 +08:00
shaw	1e406fed52	fix: optimize OpenAI account cooldown scheduling	2026-05-23 10:18:43 +08:00
shaw	a613a587ba	feat: add subscription expiry email toggle	2026-05-21 14:27:50 +08:00
win	82bc1e199f	chore: remove unused real-time log stream / request event bus ... 删除 fork 独有的实时日志相关功能（上游 Wei-Shaw/sub2api 不存在）： A. OpsLogBroadcaster + SSE 日志流（前端有用但用户不需要）: - backend/internal/service/ops_log_broadcaster{,_test}.go - backend/internal/handler/ops_log_stream_middleware.go - backend/internal/handler/admin/ops_log_stream_handler.go - backend/internal/server/routes/admin.go: GET /admin/ops/logs/{stream,recent} - backend/internal/server/routes/{gateway,windsurf_gateway}.go: opsLogStream middleware - backend/internal/service/wire.go: ProvideOpsLogBroadcaster - frontend/src/views/admin/ops/OpsLogStreamView.vue - frontend/src/api/admin/ops.ts: subscribeOpsLogStream, getRecentOpsLogs, OpsLogEntry/OpsLogFilter/OpsLogRecentResponse 类型 - frontend/src/router/index.ts: AdminOpsLogStream 路由 - frontend/src/components/layout/AppSidebar.vue: 侧边栏入口 - frontend/src/i18n/locales/{en,zh}.ts: nav.opsLogStream + admin.ops.logStream 全部文案 B. RequestEventBus + WS 请求事件流（前端零调用 dead code）: - backend/internal/service/request_event_bus{,_test}.go - backend/internal/handler/admin/ops_ws_requests_handler.go - backend/internal/server/routes/admin.go: GET /admin/ops/ws/requests - backend/internal/handler/gateway_handler.go: RequestEventBus 字段/参数 + reqStartTime + reqEventAccountID/reqEventStatus 跟踪 + defer Publish - backend/internal/service/wire.go: NewRequestEventBus - backend/internal/handler/admin/ops_handler.go: OpsHandler 中 requestEventBus + logBroadcaster 字段,简化 NewOpsHandler 签名 保留: - /admin/ops/ws/qps (前端 QPS 监控仍在用) - /admin/ops/realtime-traffic (前端在用) - OpsErrorLoggerMiddleware (与本次无关) 签名变更: - NewOpsHandler(opsService) — 移除 requestEventBus, logBroadcaster - NewGatewayHandler(...): 移除 requestEventBus 末位参数 - ProvideRouter / SetupRouter / registerRoutes / RegisterGatewayRoutes / RegisterWindsurfGatewayRoutes: 移除 opsLogBroadcaster 参数 - 同步更新 wire_gen.go + 测试调用点 验证: - 后端 go build/vet 通过 - 前端 pnpm run build 通过 (9.48s) - 测试: 2 个 baseline 既存失败 (TestProxyImportData..., TestWindsurfTierAccessService_Snapshot_HappyPath) 与本次无关	2026-05-20 22:43:20 +08:00
win	92433656f5	chore: merge upstream Wei-Shaw/sub2api v0.1.128 — keep fork customizations ... Upstream 新功能 (34 commits, ~main..origin/main): - feat(email): 通知邮件模板服务、模板编辑器、订阅/余额提醒邮件 - feat(notification): NotificationEmailService 注入到 Balance/Payment/Setting - feat(payment): 支付成功通知邮件 - feat(usage): 用户 API Key 用量页支持按日明细 - feat(openai-gateway): Codex OAuth 浏览器 UA 自动改写规避 Cloudflare 质询 - feat(admin): 邮件模板管理接口 - fix(auth): 停用/删除分组后阻断 API Key - fix(group): 修正分组账号可用计数口径 - fix(openai): /v1/responses respect force chat completions, images n 参数透传 - test(repository): AES Encryptor 单元测试 - chore: VERSION 0.1.128 冲突解决 (backend/cmd/server/wire_gen.go): - 引入 upstream 新 wire providers: notificationEmailService, ProvidePaymentService(10 args), ProvideAdminSettingHandler(8 args) - 保留 fork 独有依赖: rpmTokenBucketService (RPM 平滑), NewOpsHandler 3 参数版本 (requestEventBus, opsLogBroadcaster) - ProvideBalanceNotifyService 接受 4 参数 (含 notificationEmailService) 修复 session-id helper 设计 (claude_code_session_id.go): - 发现: TestGatewayService_AnthropicOAuth_InjectsClaudeCodeSessionHeaderFromMetadata 在 OAuth + mimicClaudeCode=false 场景失败 - 重新审视设计原则: OAuth 凭证本身就是 Claude Code 客户端,可信任 metadata 派生 session_id;不应受 mimicClaudeCode 标志阻止 - 修复: metadata 派生只看 tokenType=="oauth";UUID 兜底仍需 oauth && mimic - 更新测试: OAuthNonMimicDerivesFromMetadata 取代原 IgnoresMetadata 所有 fork 独有功能保留: - Claude Code 2.1.145 mimicry bundle (上个 commit 引入) - RPM token bucket smoothing (commit 95814974) - Windsurf/Antigravity/Omniroute 定制 - claudemask/ 校验包 (upstream 已删除,我们仍在 gateway_service 中使用) 不在范围: - 不修复 baseline 既存的 2 个测试失败 (TestProxyImportData..., TestWindsurfTierAccessService_Snapshot_HappyPath) - 与 merge 无关	2026-05-20 17:50:44 +08:00
Wesley Liddick	378a0a6a61	Merge pull request #2599 from Arron196/feature/email-template-editor ... feat: 添加邮件模板编辑器与通知邮件模板化	2026-05-20 15:12:57 +08:00
win	158785bfc9	chore: merge upstream v0.1.127 — keep omniroute customizations ... Upstream highlights: - v0.1.127 release (150 commits): channel-monitor 协议管理、OpenAI Responses 路由配置、模型定价 LiteLLM 默认、payment 强制扫码、 钉钉 OAuth、用户用量按平台拆分、Ops 错误分类 SLA 调整、 Anthropic passthrough keepalive、Gemini chat completions 路由 ... - 91da8159 feat(risk-control): 内容审计新增关键词拦截 - 3d22dd34 feat: gemini-3.5-flash 模型支持 Conflicts resolved: - Dockerfile: keep pnpm pin to 9.15.9 (upstream pinned generic v9 floating). - wire_gen.go: combine upstream NewSettingHandler(+userAttributeService) with local NewOpsHandler(opsService, requestEventBus, opsLogBroadcaster). Verified by re-running wire generate. - scheduler_cache.go: keep both upstream openai_responses_{mode,supported} keys and local model_rate_limits key in filterSchedulerExtra(). - gateway_service.go: keep local context-compression block; drop now-dead setOpsUpstreamRequestBody call (upstream removed ops retry replay). - docker-compose.yml: keep local windsurf-ls service profile and named volumes; keep local healthcheck start_period values. Test mock signatures bumped to match current constructors: - gateway_models_test.go: add nil for RPMTokenBucketService. - account_handler_available_models_test.go: add nil for windsurfChatService.	2026-05-20 12:39:40 +08:00
benjamin	8cef9a7ab1	chore(wire): 注入通知邮件服务 ... Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>	2026-05-20 11:09:18 +08:00
wucm667	92ad68a314	feat(channels): 模型定价支持一键同步最新模型 ... 从 LiteLLM 定价目录中读取指定平台的最新模型列表， 将尚未录入的模型以新定价条目（价格留空）的形式追加， 管理员只需点击同步最新模型按钮即可完成操作。 - backend/service: PricingService 新增 ListModelNamesByProvider - backend/handler: ChannelHandler 新增 SyncPricingModels (GET /api/v1/admin/channels/pricing/sync-models) - backend/routes: 注册新路由（在 /:id 通配符之前） - backend/wire_gen: 手动更新 NewChannelHandler 调用 - frontend/api: channels.ts 新增 syncPricingModels - frontend/i18n: zh.ts / en.ts 新增 5 个 key - frontend/view: ChannelsView 定价区域标题行新增「同步最新模型」按钮 - tests: pricing_service_test + channel_handler_test 新增单元测试	2026-05-19 20:32:32 +08:00
DaydreamCoding	b19da9c7fe	feat(dingtalk): 钉钉 OAuth 登录接入与 internal_only 用户属性同步 ... ⚠️ 应用类型约束：当前实现仅支持「钉钉登录-企业内部应用」（DingTalk 开放平台 internal_app 类型）。第三方个人应用、第三方企业应用类型暂不支持——OAuth 流程 相同但 corp 校验、跨企业行为不同。backend 通过 DingTalkAppKind 校验对非 internal_app 类型 fail-closed（硬约束）。 钉钉 OAuth 登录主链 - 4 步 OAuth 链：ExchangeCodeForUserToken / GetUnionIdByUserToken / GetUserIdByUnionId / GetStaffInfoByUserId；app token 缓存 - pending session 机制持久化 OAuth 中间态；cookie-only token 持久化 - 三种分流：bind_login_required / email_completion / choose_account_action - corp_restriction_policy 支持 none + internal_only；stale "whitelist" 在 加载层与写入层均静默 coerce 为 none + slog.Warn - bypass_registration 开关：企业内部模式豁免全局 REGISTRATION_DISABLED - isReservedEmail / signup_source / canUnbindProvider / OAuth pending flow 等横切点支持 dingtalk provider - migration 136：4 表 CHECK 约束加入 'dingtalk' provider 值 internal_only 模式同步企业邮箱/姓名/部门到用户属性 - SyncCorpEmail / SyncDisplayName / SyncDept 三个独立开关 + 对应 SyncXxxAttrKey 目标属性 key（默认 dingtalk_email / dingtalk_name / dingtalk_department）；非 internal_only policy 在写入层与加载层均 coerce 为 false，admin handler 与 setting_service 双层兜底 - 同步语义：首次注册写 users.username（昵称优先 → 企业姓名 fallback）， 之后每次登录刷新 3 个属性；空值也写入以覆盖旧值 - 邮箱三级 fallback：org_email > email > extension["企业邮箱"] （钉钉自定义字段 JSON） - 部门路径递归向上拼接，跳过 dept_id=1 选首个真实子部门，剥离根组织名 - GetUnionIdByUserToken 同时返回 OIDC /contact/users/me 的 nick 字段； 新增 GetDeptInfo 调用 OAPI /topapi/v2/department/get - AuthHandler 注入 UserAttributeService；OAuth pending flow 在 createPendingOAuthAccount / bindPendingOAuthLogin 分别派发到 AfterRegistration（syncUsername=true）/ AfterLogin - migration 137 seed dingtalk_email/name/department 三个用户属性定义 附带修复（同集成路径暴露的两个 OAuth 注册回归） - LoginOrRegisterOAuthWithTokenPair 新建用户分支用 inferLegacySignupSource 覆写 caller 显式传入的 signupSource，导致 dingtalk/linuxdo/oidc/wechat 渠道授权按 email 渠道读取；改为只在 caller 未显式传入时回退邮箱推断 - mergeProviderDefaultGrantSettings 把 parse fallback 默认值 (Concurrency=5 / Balance=0) 当作"未配置"哨兵，admin 显式设 5 时被误判 退回全局默认（复现：全局默认 1 + 渠道默认并发 5 + grant_on_signup → 新 用户实际 concurrency=1）；去掉哨兵，admin 任何 >=0 值都覆盖 globalDefaults 前端 - DingTalk Login / Callback / EmailCompletion / ChoiceAccount / Error 视图；router + auth API client - admin SettingsView：corp policy radio（none / internal_only）+ bypass 注册开关 + i18n；internal_only 下展示三同步开关 + 目标 attr key 下拉 （拉取 user attribute definitions），展示 fieldEmail / qyapi_get_department_list 钉钉权限申请提示 - Profile：S1 主动绑定 / S5 解绑钉钉按钮 + 合成邮箱防自锁 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-19 15:27:47 +08:00
win	8d0ef3d2ef	chore: antigravity 瘦身，删除边缘文件保留核心	2026-05-12 12:19:22 +08:00
win	7347dfffc1	chore: merge upstream v0.1.124-125, keep Windsurf/Antigravity customizations ... Upstream changes: - feat: 邮箱 + GitHub + Google OAuth 快捷登录 - feat: Codex image bridge 开关 - feat: 内容审核 (content moderation) — 新增 contentModerationService/Handler - feat: redeem code 返利、批量并发 API、markdown 页面渲染 - feat: 登录注册条款确认 - fix(security): pages API 加 JWT + 可见性校验 - fix: 修复 markdown 页面图片路径 - fix(gateway): 不再默认注入 redact thinking beta - fix: 稳定 anthropic passthrough 超时错误 - chore: VERSION 升到 0.1.125 + golang:1.26.3-alpine Conflict resolutions: - Dockerfile/backend/Dockerfile: 取 upstream golang:1.26.3-alpine - backend/go.mod: 取 upstream term v0.42.0，保留定制 protobuf v1.36.10 - frontend/src/api/admin/index.ts: 并集 (windsurf + riskControl) - backend/cmd/server/wire_gen.go: 接 upstream contentModeration*，保留 windsurfHandler/windsurfGatewayService/billingCacheService/requestEventBus；并通过 wire 重生成 - frontend/src/views/admin/AccountsView.vue: 采用 upstream 双层布局 + OpenAI Meta，保留 is_enterprise prop 和 Windsurf tier badge Note: - WIP commit (de048fad) preserved Windsurf tier access service / NLU extractor / ops log stream / Google OAuth login modal et al before merge. - 3 pre-existing go vet issues in test files (NewOpsHandler, RegisterGatewayRoutes, DefaultCLIProductVersion) are unrelated to this merge — leftover from local customization refactors; production code (go build ./...) passes.	2026-05-09 01:42:39 +08:00
win	de048fad25	chore(wip): save Windsurf/Antigravity/ops customizations before upstream merge ... WIP commit保存以下定制工作以便后续合并 upstream v0.1.124-125: - Windsurf: tier access service, NLU extractor, cold threshold, Google login - Antigravity: client/oauth 调整 - Ops: log stream handler/broadcaster/middleware, OpsLogStreamView - Frontend: WindsurfLoginModal Google, GoogleIcon, AccountsView, sidebar/router/i18n	2026-05-09 00:41:19 +08:00
Wesley Liddick	d52da45363	Merge pull request #2202 from Michael-Jetson/main ... 新增三大功能：兑换码邀请返利、批量修改用户并发数、Markdown页面渲染	2026-05-07 09:35:14 +08:00
shaw	fff4a300c6	feat(risk-control): add content moderation audit	2026-05-07 09:14:47 +08:00
win	3fe228d143	chore: merge upstream v0.1.122-123, keep Windsurf/Antigravity customizations ... New upstream features: - feat: improve OpenAI messages compatibility for Claude Code - feat: image generation stream & concurrency controls - fix(rate-limit): remove 429 cooldown config option - fix: skip previous_response_id recovery when payload has function_call_output - feat: support select search in group/account views - fix: ops cleanup settings - chore: remove openspec and update axios Conflict resolutions: - config.go: kept AntigravityLSWorker+NodeTLSProxy AND added ImageConcurrency - account_test_service.go: kept windsurf import AND added openai_compat import - docker-compose.yml: kept Windsurf env vars AND added image concurrency env vars	2026-05-06 11:50:54 +08:00
Michael-Jetson	4cbd4932a0	feat: add redeem code affiliate rebate, batch concurrency API, and markdown page rendering ... 1. Redeem code affiliate rebate: balance-type redeem codes now trigger invite rebate for the inviter. Payment fulfillment uses context key to prevent double-rebate. 2. Batch concurrency update: new POST /admin/users/batch-concurrency endpoint supporting mode=set/add with all=true for all users. 3. Markdown page rendering: new GET /api/v1/pages/:slug API serves local .md files. Custom menu items with url="md:slug" render markdown with collapsible TOC sidebar, scroll spy, and copy buttons on code blocks. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-05 06:44:37 -07:00
erio	c4598aa9b6	fix(ops-cleanup): 让 UI 数据保留策略真正生效 ... UI 上 admin 改的数据保留策略（cron + retention 天数）此前只写入 settings 表的 ops_advanced_settings.data_retention，但 OpsCleanupService 启动时只读 cfg.Ops.Cleanup（config.yaml / 环境变量），从未读取 settings 表，导致 UI 配置 完全不生效——cron 实际仍按默认 0 2 * * * 每日跑、retention 30 天。 改动： - OpsCleanupService 增加 settingRepo 依赖，新增 effective 配置 + Reload 方法。 Start/Reload 时从 settings.ops_advanced_settings.data_retention 覆盖 cfg.Ops.Cleanup（Enabled、Schedule、*RetentionDays），无 settings 时整体 fallback 到 cfg。runScheduled 顶部刷新一次 effective，让 retention 改动当次 即生效（schedule/enabled 改动需要 Reload 才换 cron）。 - 用 mu + started/stopped 替换 startOnce/stopOnce 以支持 Reload 重建 cron。 - OpsService 增加 CleanupReloader 接口与 SetCleanupReloader setter； UpdateOpsAdvancedSettings 写入后调用 Reload。 - wire 通过 setter 注入 cleanup hook，避免构造期循环依赖。 - 新增单测覆盖 overlay 五种情形 + Update 触发 Reload。	2026-05-04 12:43:15 +08:00
win	c5eb305f7f	chore: merge upstream v0.1.119-121, keep Windsurf/Antigravity customizations ... Upstream changes merged: - fix(scheduler): resolve SetSnapshot race conditions with Lua CAS script - fix: improve sticky session scheduling (debug logs + layer 1.5 checks) - feat: Anthropic cache TTL injection toggle - fix(gateway): stream EOF failover + sanitize stream errors - feat(httputil): zstd/gzip/deflate request decompression + bomb guard - feat(openai): OpenAI Fast/Flex Policy (HTTP + WebSocket + Admin) - feat(vertex): Vertex Service Account support - feat: account bulk edit scope and compact settings - feat(affiliate): rebate freeze migration - fix(openai): various fixes (passthrough fields, compact payload, etc.) Conflict resolutions: - domain/constants.go: keep both AccountTypeWindsurfSession + AccountTypeServiceAccount - scheduler_cache_unit_test.go: keep both test functions - gateway_service.go: remove dead code (claudeCodeUserAgentRe, isClaudeCodeRequest) - wire_gen.go: keep Windsurf service chain + add upstream claudeTokenProvider param - frontend/src/types/index.ts: keep windsurf + service_account types - frontend CreateAccountModal.vue: keep Windsurf login + Vertex service_account blocks - frontend PlatformTypeBadge.vue: keep both Session + Vertex cases - account_test_service.go: fix createTestPayload call to pass empty prompt arg	2026-05-02 16:52:21 +08:00
Wesley Liddick	17ced6b73a	Merge pull request #2027 from hansnow/codex/fix-api-key-rate-limit-reset ... fix(api-key): reset rate limit usage cache	2026-04-29 21:27:52 +08:00
Wesley Liddick	63ef23108c	Merge pull request #1977 from sholiverlee/vertex ... feat: 支持 Vertex Service Account（Anthropic / Gemini）	2026-04-29 15:48:26 +08:00
win	fdd2d08a4d	feat: merge feat/omniroute-ideas — P2C scheduler, quota scoring, tier fallback	2026-04-29 15:42:37 +08:00
win	0a3666ef24	x	2026-04-29 10:32:36 +08:00
win	d1e2d39c26	feat(viewer): add real-time request stream WebSocket endpoint ... Adds GET /api/v1/admin/ops/ws/requests — a fan-out WebSocket that pushes per-request metadata (method, path, model, account_id, status, latency_ms) to all connected admin clients the moment each gateway dispatch completes. - service/request_event_bus.go: lock-free pub/sub with non-blocking drop when per-subscriber buffer (64 slots) is full; nil-safe Publish - service/request_event_bus_test.go: 6 tests (basic, fanout, drop, nil, close) - GatewayHandler: records reqStartTime at entry; defer emits RequestEvent on every return; sets status success/error/rate_limited in both Gemini and Anthropic dispatch paths - OpsHandler: accepts *RequestEventBus; wires it to RequestStreamWSHandler - ops_ws_requests_handler.go: subscribes to bus, pushes JSON per event, reuses existing upgrader/conn-limit/ping-pong infrastructure - Route: ws.GET("/requests", ...) alongside existing /ws/qps - wire_gen.go: requestEventBus shared between OpsHandler and GatewayHandler	2026-04-29 01:48:15 +08:00
win	95814974de	feat(rpm): add token bucket smoothing for RPM rate limiting ... - New RPMTokenBucketService: per-account continuous-refill token buckets (rate = rpm/60 tokens/sec, capacity = rpm). No new dependencies. - GatewayService.AcquireRPMToken() delegates to the bucket service. - Gateway handler inserts RPM token wait BEFORE wrapReleaseOnDone in both Gemini and Anthropic dispatch paths; timeout returns 429 and releases slot. - Config: gateway.rpm_smoothing.enabled (default false) + max_wait_ms (default 5000). - 7 unit tests covering: immediate acquire, zero RPM, timeout, wait+refill, context cancel, account isolation, bucket reset on RPM change.	2026-04-29 01:22:54 +08:00
win	110902ad4b	feat(health): split liveness and readiness probes ... Add HealthService with Liveness (no-op) and Readiness (DB+Redis ping with per-component timeout) checks. Expose three endpoints: - /healthz : new liveness endpoint, zero-dependency, always 200 - /ready : new readiness endpoint, returns 503 with details on dep failure; suitable for K8s readinessProbe and load balancers - /health : preserved for backward compatibility, equivalent to /healthz Switch primary docker-compose healthcheck to /ready so the container is only marked healthy once DB+Redis are reachable. Standalone/dev/ local compose files keep /health to avoid disrupting existing setups. Tests: unit tests cover liveness, readiness with both deps healthy, each dep failing independently, and per-component timeout enforcement.	2026-04-28 23:39:50 +08:00
DaydreamCoding	30f55a1f72	feat(openai): OpenAI Fast/Flex Policy 完整实现（HTTP + WebSocket + Admin） ... 对称参照 Claude BetaPolicy 的 fast-mode 过滤实现，新增针对 OpenAI 上游 service_tier 字段（priority / flex，含客户端 "fast" → "priority" 归一化）的 pass / filter / block 三态策略，覆盖全部 OpenAI 入口 + admin 配置入口。 后端核心 - 新增 SettingKeyOpenAIFastPolicySettings、OpenAIFastPolicyRule、 OpenAIFastPolicySettings 配置模型，含规则的 service_tier × action × scope × 模型白名单 × fallback action 维度。 - SettingService.Get/SetOpenAIFastPolicySettings；缺失时返回内置默认策略 （所有模型的 priority 走 filter，whitelist 为空，fallback=pass）。设计 依据：service_tier=fast 是用户级开关，与 model 字段正交，默认锁定特定 model slug 会留下"用 gpt-4 + fast 透传 priority 上游"的绕过路径。JSON 解析失败不再静默 fallback，slog.Warn 记录脏数据，便于运维定位。 - service_tier 归一化（trim + ToLower + fast→priority + 白名单 priority/flex） 与策略评估（evaluateOpenAIFastPolicy）作为唯一真实来源，HTTP / WS 共用。 抽出纯函数 evaluateOpenAIFastPolicyWithSettings，配合 ctx-bound settings 快照（withOpenAIFastPolicyContext / openAIFastPolicySettingsFromContext）， WS 长会话入口预取一次后所有帧复用，避免每帧打到 settingService。 HTTP 入口（4 个） - Chat Completions、Anthropic 兼容（Messages，含 BetaFastMode→priority 二次 命中）、原生 Responses、Passthrough Responses 全部接入 applyOpenAIFastPolicyToBody，filter 走 sjson 顶层删除 service_tier，block 返回 403 forbidden_error JSON。 - 4 入口统一使用 upstream 视角的 model（GetMappedModel + normalizeOpenAIModelForUpstream + Codex OAuth normalize 后的 slug）， 避免 chat/messages/native /responses/passthrough 因为 model 维度不同 造成 whitelist 命中差异。 - 在 pass 路径也把客户端 "fast" 别名归一化为 "priority" 写回 body， 否则 native /responses 与 passthrough 入口会把 "fast" 原样透传给上游 导致 400/拒绝（chat-completions 入口的 normalizeResponsesBodyServiceTier 此前已具备同等行为）。 WebSocket 入口 - 新增 applyOpenAIFastPolicyToWSResponseCreate：严格匹配 type="response.create"，仅处理顶层 service_tier；filter 用 sjson 删字段， block 返回 typed *OpenAIFastBlockedError。 - ingress 路径在 parseClientPayload 内调用，block 命中先 Write Realtime 风格 error event 再返回 OpenAIWSClientCloseError(StatusPolicyViolation =1008)，依赖底层 WebSocket Conn.Write 的同步 flush 保证 error 先于 close。 - passthrough 路径在 RunEntry 前对 firstClientMessage 应用策略，并通过 openAIWSPolicyEnforcingFrameConn 包装 ReadFrame 对每个 client→upstream 帧执行策略；后续帧无 model 字段时回退到 capturedSessionModel。 filter 闭包内同时侦测 session.update / session.created 帧的 session.model 字段刷新 capturedSessionModel，封堵"首帧 model=gpt-4o（pass）→ session.update 改为 gpt-5.5 → 不带 model 的 response.create fallback 到 gpt-4o"的 mid-session 绕过路径。 - passthrough billing：requestServiceTier 在策略 filter 之后再从 firstClientMessage 提取，filter 命中时 OpenAIForwardResult.ServiceTier 上报 nil（default tier），与 HTTP 入口（reqBody 来自 post-filter map） / WS ingress（payload 来自 post-filter bytes）的语义一致。 - 错误事件 schema：{event_id: "evt_<32hex>", type: "error", error: {type: "forbidden_error", code: "policy_violation", message}}， 与 OpenAI codex 客户端 error event 解析兼容。 Admin / Frontend - dto.SystemSettings / UpdateSettingsRequest 新增 openai_fast_policy_settings 字段（omitempty），bulk GET/PUT 接入。 - Settings 页 Gateway 页签新增 Fast/Flex Policy 表单卡片： service_tier × action × scope × 模型白名单 × fallback action 全字段配置。 - 前端守门：openaiFastPolicyLoaded 标志仅在 GET 真带回字段时才允许回写， 避免 rollout/错误把默认规则覆盖成空；saveSettings 回写循环 skip 该字段， 由专用刷新逻辑处理；仅 action=block 时发送 error_message，匹配后端 omitempty 行为。 测试 - HTTP 路径：openai_fast_policy_test.go 覆盖默认配置（whitelist=[]，所有 模型 priority filter）/ block 自定义错误 / scope 区分 / filter 删字段 / block 不改 body / block 短路上游 / Anthropic BetaFastMode 触发 OpenAI fast policy 等场景。 - WebSocket 路径：openai_fast_policy_ws_test.go 覆盖 helper 单元（filter / fast→priority 归一化 / flex 透传 / block typed error / 无 service_tier 字节不变 / 非 response.create 帧不动 / 空 type 帧不动 / event_id+code 字段断言 / 非字符串 service_tier 容错）+ pass 路径 fast 别名归一化回归 + ingress 端到端（filter 后上游不含 service_tier / block 后客户端先收 error event 再收 close 1008 且上游 0 写）+ passthrough capturedSessionModel fallback 用例（whitelist 策略下首帧 建立、缺 model 命中 fallback、缺少 fallback 时的 leak 文档化）+ passthrough session.update / session.created 旋转 capturedSessionModel 的 mid-session 绕过回归 + passthrough billing post-filter ServiceTier 与 idempotent filter 回归。 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-28 11:15:09 +08:00
win	9da079a5ee	x	2026-04-27 19:01:41 +08:00
hansnow	53f919f8f0	fix(api-key): reset rate limit usage cache	2026-04-27 16:47:44 +08:00
Oliver	6d11f9ed77	Add Vertex service account support	2026-04-25 20:39:58 -04:00
win	898a65314c	chore: 删除 Antigravity 订制代码，回退至上游 v0.1.118 ... - 删除自定义文件：gateway_attribution, gateway_claude_runtime_headers, identity_service_antigravity, language_server_service, lsrpc_handler, antigravity_http handler/routes, 所有 antigravity 专项测试 - 将 antigravity pkg/service 文件回退至上游版本（移除 IsEnterprise、 claude_code_tool_map、dynamic fingerprint 等定制逻辑） - 修复 gateway_service.go：移除 NormalizeSystemPromptEnv、 generateSessionIDForAccount、applyClaudeRuntimeOptionalHeaders 调用， 使用上游的 session-id 同步逻辑 - 恢复 language_server_pb gen 文件（Windsurf local_ls.go 依赖） - 保留全部 Windsurf 集成代码不变	2026-04-25 22:35:48 +08:00
win	2064c1a19f	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.118 ... - 保留 Windsurf 订制代码 - 上游新增：Affiliate 邀返佣功能、OpenAI compact 支持、Claude Code 完整 mimicry - 解决冲突：handler/wire.go、wire_gen.go、constants.go、gateway_service.go 等	2026-04-25 22:08:18 +08:00
win	cbf696bc82	chore(wip): save windsurf changes before upstream v0.1.118 merge	2026-04-25 21:56:42 +08:00
shaw	4e1bb2b445	feat(affiliate): add feature toggle and per-user custom invite settings ... - 在系统设置「功能开关」中新增邀请返利总开关，默认关闭； 关闭态：菜单隐藏、注册忽略 aff、新充值不返利，但已有 quota 仍可转余额 - 支持管理员为指定用户设置专属邀请码（覆盖随机码，全局唯一） - 支持管理员为指定用户设置专属返利比例（覆盖全局比例，可单条/批量调整） - 在系统设置邀请返利卡片内嵌入专属用户管理表格（搜索/编辑/批量/删除）， 删除采用项目通用 ConfirmDialog，会同时清除专属比例并把邀请码重置为系统随机码 - /affiliate 用户页新增「我的返利比例」卡片与动态使用说明，让用户直观看到 分享后能拿到多少（同源 resolveRebateRatePercent 计算，与实际充值一致） - 新增数据库迁移 132 添加 aff_rebate_rate_percent 与 aff_code_custom 列 - 新增 admin 路由组 /api/v1/admin/affiliates/users/* 共 5 个端点 - AffiliateService 改为只依赖 *SettingService，去除冗余的 SettingRepository - 邀请码格式校验放宽到 [A-Z0-9_-]{4,32}，兼容旧 12 位系统码与新自定义码 - 补充单元测试与集成测试覆盖新方法、冲突路径与边界值	2026-04-25 20:22:07 +08:00
shaw	aa8ee33b0a	refactor(affiliate): tighten DI and harden inviter code validation ... - Drop SetAffiliateService setters and ProvideAuthService / ProvidePaymentService / ProvideUserHandler wrappers in favor of direct Wire constructor injection. AffiliateService has no back-edge to Auth/Payment/User, so the indirection was never required. - Change RegisterWithVerification's variadic affiliateCode to a fixed parameter; adjust all call sites. - Validate aff_code length and charset in BindInviterByCode before any DB lookup, eliminating timing-side-channel and useless DB roundtrips on malformed input. - Make affiliate cache invalidation synchronous; surface Redis errors via the project logger instead of swallowing them in a detached goroutine. - Add an integration test guarding cross-layer tx propagation in AccrueQuota and a unit test pinning the aff_code format rules.	2026-04-25 08:44:18 +08:00
VpSanta33	f03de00cb9	feat: add affiliate invite rebate flow and admin rebate-rate setting	2026-04-24 22:22:26 +08:00
win	2d2f677a64	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.117 ... 主要合并内容： - feat(channel-monitor): admin 渠道监控 MVP + 日聚合/模板/用户端卡片 - feat(available-channels): 新增"可用渠道"聚合视图与平台聚合 - feat(settings): 功能开关联动到配置页 - refactor(channel-monitor): 事件驱动调度器 / runner 生命周期 + 单测 - fix(openai/codex): 图像生成桥接修复、支付 webhook 未知单号处理 - misc: i18n/UI polish, typing tightening 冲突已手动解决，保留本地订制： - handler.Handlers / AdminHandlers 联合 windsurf + channel_monitor/available_channel 字段 - wire/wire_gen 清理步骤同时注册 WindsurfRefreshService 与 ChannelMonitorRunner - routes/admin 同时注册 windsurf 与 channel-monitor 路由 - service/wire 合并 Windsurf* 与 ChannelMonitor* 的 provider - frontend admin API barrel 取两侧并集 - 采纳上游对 migrationChecksumCompatibilityRule 字段的重命名（非订制代码）	2026-04-24 11:52:21 +08:00
win	2a4103298e	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-24 01:21:36 +08:00
erio	5e060b2222	Merge remote-tracking branch 'upstream/main' into feat/channel-insights ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-23 22:30:45 +08:00
erio	a3ea8ecac5	fix(wire): add ChannelMonitorRunner.Stop() to cleanup steps in wire_gen.go	2026-04-23 21:06:51 +08:00
erio	748a84d871	sync: bring over remaining release/custom-0.1.115 changes ... - Extract PublicSettingsInjectionPayload named struct with drift test - Add channel_monitor_default_interval_seconds to SSR injection - Add image_output_price to SupportedModelChip - Simplify AppSidebar buildSelfNavItems (admins see available channels) - Add gateway WARN logs for 503 no-available-accounts branches - Wire ChannelMonitorRunner into provideCleanup for graceful shutdown - Add migrations 130/131 (CC template userid fix + mimicry field cleanup) - Clean up fork-only features (sora, claude max simulation, client affinity) - Remove ~320 obsolete i18n keys - Add codexUsage utility, WechatServiceButton, BulkEditAccountModal - Tidy go.sum	2026-04-23 20:55:18 +08:00
win	21325afb33	feat(windsurf): 补全ops日志记录与endpoint派生，对齐其他平台 ... - windsurf_gateway_service: 添加上游延迟/TTFT/错误上下文记录 - endpoint: DeriveUpstreamEndpoint 添加 PlatformWindsurf 分支 - ops_error_logger: guessPlatformFromPath 添加 /windsurf/ 识别	2026-04-23 20:46:27 +08:00
james-6-23	dc5d42addc	feat(rpm): RPM 限流模块优化 ... P0: - rpm_override 嵌入 Auth Cache Snapshot，消除每请求 DB 查询 (snapshot v6→v7) - 429 RPM 响应返回 Retry-After 头（当前分钟剩余秒数） P1: - ClearAll 按钮直连 DELETE API，带 loading 防重复 - 新增 GET /admin/users/:id/rpm-status 管理员 RPM 用量查询端点 优化: - checkRPM 从级联互斥改为并行取最严，user.rpm_limit 作为全局硬上限始终生效 - Override/Group 变更后自动失效 auth cache - fail-open 语义不变，Redis 故障不阻塞业务	2026-04-23 16:34:37 +08:00
wx-11	11cf23da7d	修改403逻辑: 先临时冷却，再根据连续次数决定是否判坏号	2026-04-23 12:58:13 +08:00
win	ff7eab0392	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/go.mod # backend/go.sum # backend/internal/repository/migrations_runner.go	2026-04-22 21:27:18 +08:00
erio	6cd7c60549	fix(channels): supported models = mapping ∪ pricing with global LiteLLM fallback ... Why: channels with model pricing entries but no model mapping (e.g. azcc with 3 priced claude models, no mapping) were rendering as 未配置模型 in the 'Available Channels' page. The algorithm only iterated ModelMapping and silently dropped any platform without a mapping entry. Changes: - channel.go: SupportedModels now unions mapping + pricing entries. For exact mapping src → target, pricing is looked up by target (the actually billed name), not by src. - channel_available.go: ListAvailable enriches each entry with nil pricing via PricingService.GetModelPricing (global LiteLLM fallback) so the popover always shows a price. - channel_service.go: NewChannelService takes *PricingService as 4th param. - channel_test.go: rewrote 4 tests that froze the old mapping-only semantics; added pricing-only / mapping-target / target-missing coverage.	2026-04-23 00:45:10 +08:00