1711 Commits

Author	SHA1	Message	Date
win	58ad47ba80	fix: 对齐 Claude Code 2.1.88 源码指纹 ... - 1P event_logging/batch 添加 OAuth Bearer auth header - DD hostname 改为固定 "claude-code"（与真实 CLI 一致） - 事件名对齐真实 CLI: tengu_api_query/tengu_api_success/tengu_api_error/tengu_tool_use_success - DD header 大小写改为 DD-API-KEY - ResponseHeaderTimeout 300s → 600s（与真实 CLI 10min 超时对齐）	2026-04-01 08:53:39 +08:00
win	d8d8adb37f	feat: 移除 Node.js TLS 代理依赖，全部走 Go 原生 utls 指纹 ... - Do() 路由从 doViaNodeTLSProxy（转发到 localhost:3456 Node.js 进程） 改为 doWithTLSFingerprint（直接使用 Go utls dialer），解决 h2 connect timeout 问题（Node.js proxy 的 H2 路径不支持 per-account 代理隧道） - 新增 internal/pkg/telemetry 包，从 proxy.js 移植全部遥测逻辑： Anthropic event_logging/batch + Datadog log intake + 虚拟主机身份 + 会话状态管理 + process metrics 模拟 - 保留 proxy.js 中的 H1 降级修复作为备用	2026-04-01 08:24:49 +08:00
win	b856586412	修复h1	2026-04-01 01:35:49 +08:00
win	1e19d9caca	feat: 行为模拟补全 — GrowthBook/PolicyLimits 轮询 + tengu_exit ... 补全真实 CLI 的后台行为模式，消除关联分析缺口： 1. GrowthBook SDK 轮询: 每 20min GET /sub/features/sdk-zAZezfDKGoZuXXKe - 匹配真实 CLI 的 setupPeriodicGrowthBookRefresh() - 带 OAuth Bearer + anthropic-beta header - per-account jitter 避免同时请求 2. Policy Limits 轮询: 每 1h GET /api/claude_code/policy_limits - 匹配真实 CLI 的 refreshPolicyLimits() - OAuth 认证 + ETag 缓存模式 3. tengu_exit 会话结束: 10min 空闲后触发 - 匹配真实 CLI 进程退出时的遥测事件 - 清理 session 状态允许下次请求重新 bootstrap 4. 重构 bootstrap_preflight.go 为 backgroundSimulator 统一管理 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 22:32:38 +08:00
win	dab4142ab2	feat: Claude Code 2.1.88 源码级指纹还原 ... 基于 Claude Code 2.1.88 反编译源码，完成全面的反追踪指纹还原： 1. 版本升级 2.1.87 → 2.1.88（constants.go, identity_service.go, proxy.js） 2. 新增 6 个 beta header 常量（task-budgets, token-efficient-tools, structured-outputs, advisor, web-search） 3. 更新所有组合 beta header 字符串，加入 context-1m, redact-thinking, effort 等 4. 注入 x-anthropic-billing-header attribution block 到 system prompt 首位 - 完整复刻 fingerprint 算法: SHA256(salt + msg[4,7,20] + version)[:3] - 正确省略 cch 字段（npm 版行为，非原生二进制） 5. X-Claude-Code-Session-Id: 有则同步，无则按 account 生成 6. x-client-request-id: 每请求自动生成 UUID 7. Bootstrap 预热: 模拟 GET /api/claude_cli/bootstrap（per-account, 1h cooldown） 8. 停止无条件剥离 temperature/tool_choice（与真实 CLI 行为一致） Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 21:57:51 +08:00
win	1eed02c325	fix: restore node-tls-proxy routing lost during rebase ... - Re-add NodeTLSProxyConfig struct to GatewayConfig (removed by upstream) - Re-create http_upstream_antigravity.go with proxy routing functions - Add proxy intercept hook in Do() for api.anthropic.com requests	2026-03-31 14:08:24 +08:00
win	d3d885cf75	fix: node-tls-proxy not receiving traffic due to viper BindEnv bug ... - Add explicit viper.BindEnv() for all gateway.node_tls_proxy.* keys to fix viper's AutomaticEnv+Unmarshal nested struct bug where env vars are silently ignored when config.yaml lacks the corresponding section - Sync proxy.js CLI_VERSION 2.1.84→2.1.87 and BUILD_TIME to match constants.go, eliminating API/telemetry version mismatch	2026-03-31 13:16:02 +08:00
win	53eaae61a3	fix: TLS fingerprint lifecycle consistency and bump CLI version to 2.1.87 ... - Update User-Agent from claude-cli/2.1.84 to 2.1.87 in constants.go and identity_service.go to match latest Claude Code binary - Replace ImpersonateChrome() in OAuth createReqClient with Node.js 24.x uTLS profile (tlsfingerprint.Profile) to ensure consistent JA3 hash across token exchange, refresh, and API calls - Support direct/HTTP-proxy/SOCKS5 proxy modes with uTLS in OAuth client Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 13:14:56 +08:00
win	6620b56b5a	fix: encode ls model credits topic values as base64	2026-03-31 08:34:00 +08:00
win	0e9f780815	fix: surface ls quota exhaustion in antigravity streams	2026-03-31 01:26:48 +08:00
win	860fc736bf	Merge branch 'codex/internal-sync-20260330'	2026-03-31 00:00:49 +08:00
win	0cda0e0b96	feat: add dockerized antigravity ls worker mode	2026-03-30 23:57:25 +08:00
win	8eb2bbcb20	feat: 从 main 分支迁移 Claude 指纹常量和实例级隔离配置 ... 将 main 分支的 Claude/Anthropic 相关逆向工作迁移到 codex 分支: - claude/constants.go: 添加 4 个新 Beta 常量 + 版本升级至 2.1.84/0.74.0 - config.go: 添加 InstanceSalt 和 FingerprintDefaultsConfig 配置 - identity_service: 版本升级 + instanceSalt 支持 + ApplyDefaultFingerprintOverrides - wire_gen.go: 初始化指纹覆盖 + 使用 NewIdentityServiceWithSalt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 19:04:52 +08:00
Wesley Liddick	6a2cf09ee0	Merge pull request #1349 from touwaeriol/feat/antigravity-internal500-penalty ... feat(antigravity): progressive penalty for consecutive INTERNAL 500 errors	2026-03-30 15:54:04 +08:00
Wesley Liddick	c6fd88116b	Merge pull request #1354 from wucm667/fix/billing-use-requested-model ... fix(billing): 计费始终使用用户请求的原始模型，而非映射后的上游模型	2026-03-30 15:52:31 +08:00
Wesley Liddick	8f0dbdeaba	Merge pull request #1343 from yilinyo/fix/api-key-unique-conflict-after-soft-delete ... fix(api-key):软删除apikey后key没有被释放后续无法再自定义相同的key	2026-03-30 15:47:28 +08:00
Wesley Liddick	9a92fa4a60	Merge pull request #1370 from YanzheL/fix/1320-openai-messages-gpt54-xhigh ... fix(gateway): normalize gpt-5.4-xhigh for /v1/messages	2026-03-30 15:44:34 +08:00
Wesley Liddick	576af710be	Merge pull request #1352 from StarryKira/feat/add-file-upload-oauth-scope ... Feat/add file upload oauth scope	2026-03-30 15:41:18 +08:00
Wesley Liddick	b5642bd068	Merge pull request #1377 from DaydreamCoding/fix/lifecycle-stop-duplicate-close ... fix(lifecycle): TokenRefreshService Stop() 防重复 close	2026-03-30 15:38:39 +08:00
Wesley Liddick	128f322252	Merge pull request #1376 from weak-fox/fix/privacy-without-refresh-token ... 修复缺少 refresh_token 时被临时停调度	2026-03-30 15:38:27 +08:00
Wesley Liddick	17d7e57a2e	Merge pull request #1375 from weak-fox/fix/batch-reset-temp-unsched ... 修复重置状态时未清理临时停调度	2026-03-30 15:37:58 +08:00
shaw	50288e6b01	fix: 修复模型定价文件更新url	2026-03-30 15:36:53 +08:00
shaw	ab3e44e4bd	fix: 适配X-Claude-Code-Session-Id头	2026-03-30 11:43:07 +08:00
QTom	61607990c8	fix(lifecycle): TokenRefreshService Stop() 防重复 close ... 使用 sync.Once 包裹 close(stopCh)，避免多次调用 Stop() 时 触发 panic: close of closed channel。	2026-03-30 10:33:06 +08:00
shaw	b65275235f	feat: Anthropic oauth/setup-token账号支持自定义转发URL	2026-03-30 09:10:57 +08:00
weak-fox	e298a71834	fix: clear temp unsched when resetting account status	2026-03-30 00:22:02 +08:00
weak-fox	3f6fa1e3db	fix: avoid temp unsched when refresh token is missing	2026-03-30 00:21:51 +08:00
YanzheL	f2c2abe628	fix(openai): keep xhigh normalization scoped to messages	2026-03-29 21:09:19 +08:00
YanzheL	ff5b467fbe	fix(handler): normalize compat model for message routing	2026-03-29 20:53:14 +08:00
YanzheL	8c10941142	fix(openai): normalize gpt-5.4-xhigh compat mapping	2026-03-29 20:52:29 +08:00
wucm667	f5764d8dc6	fix(billing): 计费始终使用用户请求的原始模型，而非映射后的上游模型 ... 当账号配置了模型映射（如 claude-sonnet-4-6 → glm-5.0）时，系统错误地 使用映射后的上游模型名计算费用。由于上游模型（如 glm-5.0）在定价系统中 没有价格配置，导致计费失败后被静默置为 0，用户不被扣费。 修改 forwardResultBillingModel 优先返回请求模型名，并移除 OpenAI 路径 中 BillingModel 字段对计费模型的覆盖逻辑。	2026-03-28 16:22:06 +08:00
Elysia	81ca4f12dd	修复误删的url	2026-03-28 00:55:55 +08:00
Elysia	941c469ab9	fix: use standard PKCE code verifier generation ... Replace charset→base64url double-encoding with standard random bytes→base64url approach to match official client behavior and avoid risk control detection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 00:47:31 +08:00
Elysia	8fcd819e6f	feat: add user:file_upload OAuth scope ... Align OAuth scopes with upstream Claude Code client which now includes the user:file_upload scope for file upload support. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 00:40:36 +08:00
erio	9abdaed20c	style: gofmt antigravity_internal500_penalty.go	2026-03-27 20:18:07 +08:00
erio	eb94342f78	chore: adjust internal500 penalty durations to 30m / 2h	2026-03-27 20:11:24 +08:00
erio	d563eb2336	test: add unit tests for INTERNAL 500 progressive penalty ... Cover isAntigravityInternalServerError body matching, applyInternal500Penalty tier escalation, handleInternal500RetryExhausted nil-safety and error handling, and resetInternal500Counter paths.	2026-03-27 20:11:24 +08:00
erio	3ee6f085db	refactor: extract internal500 penalty logic to dedicated file ... Move constants, detection, and penalty functions from antigravity_gateway_service.go to antigravity_internal500_penalty.go. Fix gofmt alignment and replace hardcoded duration strings with constant references.	2026-03-27 20:11:24 +08:00
erio	7cca69a136	fix: move internal500 counter reset to cover all success paths ... Move the reset logic after urlFallbackLoop so it covers both direct success and smart retry (429/503) success paths.	2026-03-27 20:11:24 +08:00
erio	093a5a260e	feat(antigravity): progressive penalty for consecutive INTERNAL 500 errors ... When an antigravity account returns 500 "Internal error encountered." on all 3 retry attempts, increment a Redis counter and apply escalating penalties: - 1st round: temp unschedulable 10 minutes - 2nd round: temp unschedulable 10 hours - 3rd round: permanently mark as error Counter resets on any successful response (< 400).	2026-03-27 20:11:24 +08:00
YilinMacAir	1f39bf8a78	fix:修复由于数据库唯一键导致软删除apikey后key没有被释放后续无法再自定义相同的key	2026-03-27 16:37:10 +08:00
Wesley Liddick	9398ea7af5	Merge pull request #1340 from DaydreamCoding/fix/privacy-and-system-prompt ... fix(openai): OpenAI 隐私模式全场景覆盖 & 修复转发路径 system prompt 丢失	2026-03-27 15:03:57 +08:00
QTom	c729ee425f	fix(gateway): 修复 OpenAI→Anthropic 转换路径 system prompt 被静默丢弃的 bug ... injectClaudeCodePrompt 和 systemIncludesClaudeCodePrompt 的 type switch 无法匹配 json.RawMessage 类型（Go typed nil 陷阱），导致 ForwardAsResponses 和 ForwardAsChatCompletions 路径中用户 system prompt 被替换为仅 Claude Code banner。新增 normalizeSystemParam 将 json.RawMessage 转为标准 Go 类型。 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 14:51:36 +08:00
QTom	c489f23810	feat(privacy): 创建/批量创建 OpenAI OAuth 账号时异步设置隐私模式 ... 参照 Antigravity 的模式，单个创建时同步调用 ForceOpenAIPrivacy， 批量创建时收集 OpenAI OAuth 账号后异步 goroutine 设置，避免阻塞请求。 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 14:51:36 +08:00
QTom	47a544230a	fix(privacy): 刷新令牌失败时也尝试设置 OpenAI 隐私模式 ... 刷新失败不代表 access_token 无效，在后台定时刷新（不可重试错误 + 重试耗尽）和前端批量/单次刷新的失败路径中，均利用可能仍有效的 access_token 调用隐私设置。 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 14:51:36 +08:00
QTom	c13c81f09d	feat(privacy): 为 OpenAI OAuth 账号添加前端手动设置隐私按钮 ... 复用已有的 set-privacy API 端点，Handler 通过 platform 分发到 ForceOpenAIPrivacy / ForceAntigravityPrivacy，前端 AccountActionMenu 扩展隐私按钮支持 OpenAI OAuth 账号。 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 14:51:36 +08:00
Wesley Liddick	20544a4447	Merge pull request #1300 from xilu0/fix/forward-failed-log-missing-account-proxy-info ... fix: add account and proxy details to forward_failed log	2026-03-27 14:47:51 +08:00
Wesley Liddick	b688ebeefa	Merge pull request #1215 from weak-fox/fix/privacy-retry-failed-mode ... fix: 允许 OpenAI privacy_mode修改失败后能在 token 刷新时重试	2026-03-27 14:46:38 +08:00
shaw	1854050df3	feat(tls-fingerprint): 新增 TLS 指纹 Profile 数据库管理及代码质量优化 ... 新增功能： - 新增 TLS 指纹 Profile CRUD 管理（Ent schema + 迁移 + Admin API + 前端管理界面） - 支持账号绑定数据库中的自定义 TLS Profile，或随机选择（profile_id=-1） - HTTPUpstream.DoWithTLS 接口从 bool 改为 *tlsfingerprint.Profile，支持按账号指定 Profile - AccountUsageService 注入 TLSFingerprintProfileService，统一 usage 场景与网关的 Profile 解析逻辑 代码优化： - 删除已被 TLSFingerprintProfileService 完全取代的 registry.go 死代码（418 行） - 提取 3 个 dialer 的重复 TLS 握手逻辑为 performTLSHandshake() 共用函数 - 修复 GetTLSFingerprintProfileID 缺少 json.Number 处理的 bug - gateway_service.Forward 中 ResolveTLSProfile 从重试循环内重复调用改为预解析局部变量 - 删除冗余的 buildClientHelloSpec() 单行 wrapper 和 int64(e.ID) 无效转换 - tls_fingerprint_profile_cache.go 日志从 log.Printf 改为 slog 结构化日志 - dialer_capture_test.go 添加 //go:build integration 标签，防止 CI 失败 - 去重 TestProfileExpectation 类型至共享 test_types_test.go - 修复 9 个测试文件缺少 tlsfingerprint import 的编译错误 - 修复 error_policy_integration_test.go 中 handleError 回调签名被错误替换的问题	2026-03-27 14:33:05 +08:00
shaw	d571f300e5	feat(rectifier): 请求整流器增加 API Key 账号签名整流支持 ... 新增独立开关控制 API Key 账号的签名整流功能，支持配置自定义 匹配关键词以捕获不同格式的上游错误响应。 - 新增 apikey_signature_enabled 开关（默认关闭） - 新增 apikey_signature_patterns 自定义关键词配置 - 内置签名检测规则对 API Key 账号同样生效 - 自定义关键词对完整响应体做不区分大小写匹配 - 重试二阶段检测仅做模式匹配，不重复校验开关 - Handler 层校验关键词数量（≤50）和长度（≤500） - API 响应 nil patterns 统一序列化为空数组 - OAuth/SetupToken/Upstream/Bedrock 账号行为不变	2026-03-26 16:43:38 +08:00