624 Commits

Author	SHA1	Message	Date
win	8d0ef3d2ef	chore: antigravity 瘦身，删除边缘文件保留核心	2026-05-12 12:19:22 +08:00
win	7347dfffc1	chore: merge upstream v0.1.124-125, keep Windsurf/Antigravity customizations ... Upstream changes: - feat: 邮箱 + GitHub + Google OAuth 快捷登录 - feat: Codex image bridge 开关 - feat: 内容审核 (content moderation) — 新增 contentModerationService/Handler - feat: redeem code 返利、批量并发 API、markdown 页面渲染 - feat: 登录注册条款确认 - fix(security): pages API 加 JWT + 可见性校验 - fix: 修复 markdown 页面图片路径 - fix(gateway): 不再默认注入 redact thinking beta - fix: 稳定 anthropic passthrough 超时错误 - chore: VERSION 升到 0.1.125 + golang:1.26.3-alpine Conflict resolutions: - Dockerfile/backend/Dockerfile: 取 upstream golang:1.26.3-alpine - backend/go.mod: 取 upstream term v0.42.0，保留定制 protobuf v1.36.10 - frontend/src/api/admin/index.ts: 并集 (windsurf + riskControl) - backend/cmd/server/wire_gen.go: 接 upstream contentModeration*，保留 windsurfHandler/windsurfGatewayService/billingCacheService/requestEventBus；并通过 wire 重生成 - frontend/src/views/admin/AccountsView.vue: 采用 upstream 双层布局 + OpenAI Meta，保留 is_enterprise prop 和 Windsurf tier badge Note: - WIP commit (de048fad) preserved Windsurf tier access service / NLU extractor / ops log stream / Google OAuth login modal et al before merge. - 3 pre-existing go vet issues in test files (NewOpsHandler, RegisterGatewayRoutes, DefaultCLIProductVersion) are unrelated to this merge — leftover from local customization refactors; production code (go build ./...) passes.	2026-05-09 01:42:39 +08:00
Wesley Liddick	d52da45363	Merge pull request #2202 from Michael-Jetson/main ... 新增三大功能：兑换码邀请返利、批量修改用户并发数、Markdown页面渲染	2026-05-07 09:35:14 +08:00
shaw	fff4a300c6	feat(risk-control): add content moderation audit	2026-05-07 09:14:47 +08:00
win	3fe228d143	chore: merge upstream v0.1.122-123, keep Windsurf/Antigravity customizations ... New upstream features: - feat: improve OpenAI messages compatibility for Claude Code - feat: image generation stream & concurrency controls - fix(rate-limit): remove 429 cooldown config option - fix: skip previous_response_id recovery when payload has function_call_output - feat: support select search in group/account views - fix: ops cleanup settings - chore: remove openspec and update axios Conflict resolutions: - config.go: kept AntigravityLSWorker+NodeTLSProxy AND added ImageConcurrency - account_test_service.go: kept windsurf import AND added openai_compat import - docker-compose.yml: kept Windsurf env vars AND added image concurrency env vars	2026-05-06 11:50:54 +08:00
Michael-Jetson	4cbd4932a0	feat: add redeem code affiliate rebate, batch concurrency API, and markdown page rendering ... 1. Redeem code affiliate rebate: balance-type redeem codes now trigger invite rebate for the inviter. Payment fulfillment uses context key to prevent double-rebate. 2. Batch concurrency update: new POST /admin/users/batch-concurrency endpoint supporting mode=set/add with all=true for all users. 3. Markdown page rendering: new GET /api/v1/pages/:slug API serves local .md files. Custom menu items with url="md:slug" render markdown with collapsible TOC sidebar, scroll spy, and copy buttons on code blocks. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-05 06:44:37 -07:00
2ue	6faa344916	feat: add OpenAI image generation controls	2026-05-05 03:26:54 +08:00
shaw	0b84d12dbb	fix: correct affiliate audit record sources	2026-05-03 22:12:57 +08:00
lyen1688	0a914e034c	fix: include matured affiliate quota in admin overview	2026-05-03 20:33:13 +08:00
lyen1688	6a41cf6a51	feat: add admin affiliate record pages	2026-05-03 20:33:13 +08:00
win	c5eb305f7f	chore: merge upstream v0.1.119-121, keep Windsurf/Antigravity customizations ... Upstream changes merged: - fix(scheduler): resolve SetSnapshot race conditions with Lua CAS script - fix: improve sticky session scheduling (debug logs + layer 1.5 checks) - feat: Anthropic cache TTL injection toggle - fix(gateway): stream EOF failover + sanitize stream errors - feat(httputil): zstd/gzip/deflate request decompression + bomb guard - feat(openai): OpenAI Fast/Flex Policy (HTTP + WebSocket + Admin) - feat(vertex): Vertex Service Account support - feat: account bulk edit scope and compact settings - feat(affiliate): rebate freeze migration - fix(openai): various fixes (passthrough fields, compact payload, etc.) Conflict resolutions: - domain/constants.go: keep both AccountTypeWindsurfSession + AccountTypeServiceAccount - scheduler_cache_unit_test.go: keep both test functions - gateway_service.go: remove dead code (claudeCodeUserAgentRe, isClaudeCodeRequest) - wire_gen.go: keep Windsurf service chain + add upstream claudeTokenProvider param - frontend/src/types/index.ts: keep windsurf + service_account types - frontend CreateAccountModal.vue: keep Windsurf login + Vertex service_account blocks - frontend PlatformTypeBadge.vue: keep both Session + Vertex cases - account_test_service.go: fix createTestPayload call to pass empty prompt arg	2026-05-02 16:52:21 +08:00
shaw	733627cf9d	fix: improve sticky session scheduling	2026-04-30 11:38:11 +08:00
shaw	8bf2a7b88a	fix(scheduler): resolve SetSnapshot race conditions and remove usage throttle ... Backend: Fix three race conditions in SetSnapshot that caused account scheduling anomalies and broken sticky sessions: - Use Lua CAS script for atomic version activation, preventing version rollback when concurrent goroutines write snapshots simultaneously - Add UnlockBucket to release rebuild lock immediately after completion instead of waiting 30s TTL expiry - Replace immediate DEL of old snapshots with 60s EXPIRE grace period, preventing readers from hitting empty ZRANGE during version switches Frontend: Remove serial queue throttle (1-2s delay per request) from usage loading since backend now uses passive sampling. All usage requests execute immediately in parallel.	2026-04-29 22:48:39 +08:00
win	fdd2d08a4d	feat: merge feat/omniroute-ideas — P2C scheduler, quota scoring, tier fallback	2026-04-29 15:42:37 +08:00
win	0a3666ef24	x	2026-04-29 10:32:36 +08:00
win	5c8c15cdb1	feat(refresh,repo): add singleflight to dedupe concurrent token refresh and unschedulable writes ... Two anti-thundering-herd improvements: 1. OAuthRefreshAPI.RefreshIfNeeded Wrap the existing distributed-lock + DB-reread + executor.Refresh pipeline in a per-process singleflight keyed by cacheKey+window. Without this, N concurrent goroutines on the same account each pay one Redis lock RTT and one DB reread; with it, only the leader pays and the rest share the result. The refreshWindow is part of the key so a long background-refresh window cannot starve a short foreground-refresh window. 2. accountRepository.SetTempUnschedulable Wrap the same path (UPDATE + scheduler outbox enqueue + scheduler cache sync) in a per-process singleflight keyed by id+until+reason. The SQL guard (existing < new) already makes the UPDATE idempotent, but N callers still cost N round-trips and N outbox inserts. With singleflight, an upstream 401 burst that hits the same account collapses to one execution. Tests cover dedup behavior, key separation by account / refresh window, and that the SQL exec count drops from N to <=2 (UPDATE + outbox).	2026-04-29 00:43:23 +08:00
win	d6df41feaa	chore(claude): bump CLI fingerprint to 2.1.88 and accept claude-code/ UA ... - Centralize Claude CLI fingerprint constants (UA, x-stainless-*) in pkg/claude with BuildCLI/CodeUserAgent helpers - Reuse constants in DefaultHeaders, identity_service defaults, and antigravity identity defaults to keep all callers in sync - Extend ClaudeCodeValidator to accept both claude-cli/ and claude-code/ UA prefixes (transport/helper requests use the latter) - Update related tests to cover the new UA prefix and version	2026-04-28 22:35:24 +08:00
shaw	9b6dcc57bd	feat(affiliate): 完善邀请返利系统 ... - 修复返利不到账的根因：tryClaimAffiliateRebateAudit 中 PostgreSQL 参数类型推断冲突 - 补全 OAuth 注册路径（LinuxDo/OIDC/WeChat/Pending Flow）的邀请码绑定 - 前端 OAuth 注册页面传递 aff_code 参数 - 新增返利冻结期机制：可配置冻结时间，到期后自动解冻（懒解冻） - 新增返利有效期：绑定后 N 天内有效，过期不再产生返利 - 新增单人返利上限：超出上限部分精确截断 - 增强返利流程 slog 结构化日志，便于排查问题 - 已邀请用户列表增加返利明细列	2026-04-26 12:42:35 +08:00
win	2064c1a19f	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.118 ... - 保留 Windsurf 订制代码 - 上游新增：Affiliate 邀返佣功能、OpenAI compact 支持、Claude Code 完整 mimicry - 解决冲突：handler/wire.go、wire_gen.go、constants.go、gateway_service.go 等	2026-04-25 22:08:18 +08:00
shaw	4e1bb2b445	feat(affiliate): add feature toggle and per-user custom invite settings ... - 在系统设置「功能开关」中新增邀请返利总开关，默认关闭； 关闭态：菜单隐藏、注册忽略 aff、新充值不返利，但已有 quota 仍可转余额 - 支持管理员为指定用户设置专属邀请码（覆盖随机码，全局唯一） - 支持管理员为指定用户设置专属返利比例（覆盖全局比例，可单条/批量调整） - 在系统设置邀请返利卡片内嵌入专属用户管理表格（搜索/编辑/批量/删除）， 删除采用项目通用 ConfirmDialog，会同时清除专属比例并把邀请码重置为系统随机码 - /affiliate 用户页新增「我的返利比例」卡片与动态使用说明，让用户直观看到 分享后能拿到多少（同源 resolveRebateRatePercent 计算，与实际充值一致） - 新增数据库迁移 132 添加 aff_rebate_rate_percent 与 aff_code_custom 列 - 新增 admin 路由组 /api/v1/admin/affiliates/users/* 共 5 个端点 - AffiliateService 改为只依赖 *SettingService，去除冗余的 SettingRepository - 邀请码格式校验放宽到 [A-Z0-9_-]{4,32}，兼容旧 12 位系统码与新自定义码 - 补充单元测试与集成测试覆盖新方法、冲突路径与边界值	2026-04-25 20:22:07 +08:00
shaw	095f457c57	feat(openai): port /responses/compact account support flow (PR #1555) ... 将 vansour/sub2api#1555 的 OpenAI compact 能力建模手工移植到当前 main：账号 级 compact 状态/auto-force_on-force_off 模式、compact-only 模型映射、调度器 tier 分层（已支持 > 未知 > 已知不支持）、管理后台 compact 主动探测，以及对应 i18n/状态徽章。普通 /responses 流量行为不变，无数据库迁移。	2026-04-25 14:52:58 +08:00
shaw	aa8ee33b0a	refactor(affiliate): tighten DI and harden inviter code validation ... - Drop SetAffiliateService setters and ProvideAuthService / ProvidePaymentService / ProvideUserHandler wrappers in favor of direct Wire constructor injection. AffiliateService has no back-edge to Auth/Payment/User, so the indirection was never required. - Change RegisterWithVerification's variadic affiliateCode to a fixed parameter; adjust all call sites. - Validate aff_code length and charset in BindInviterByCode before any DB lookup, eliminating timing-side-channel and useless DB roundtrips on malformed input. - Make affiliate cache invalidation synchronous; surface Redis errors via the project logger instead of swallowing them in a detached goroutine. - Add an integration test guarding cross-layer tx propagation in AccrueQuota and a unit test pinning the aff_code format rules.	2026-04-25 08:44:18 +08:00
VpSanta33	f03de00cb9	feat: add affiliate invite rebate flow and admin rebate-rate setting	2026-04-24 22:22:26 +08:00
win	2d2f677a64	chore: merge upstream Wei-Shaw/sub2api 至 v0.1.117 ... 主要合并内容： - feat(channel-monitor): admin 渠道监控 MVP + 日聚合/模板/用户端卡片 - feat(available-channels): 新增"可用渠道"聚合视图与平台聚合 - feat(settings): 功能开关联动到配置页 - refactor(channel-monitor): 事件驱动调度器 / runner 生命周期 + 单测 - fix(openai/codex): 图像生成桥接修复、支付 webhook 未知单号处理 - misc: i18n/UI polish, typing tightening 冲突已手动解决，保留本地订制： - handler.Handlers / AdminHandlers 联合 windsurf + channel_monitor/available_channel 字段 - wire/wire_gen 清理步骤同时注册 WindsurfRefreshService 与 ChannelMonitorRunner - routes/admin 同时注册 windsurf 与 channel-monitor 路由 - service/wire 合并 Windsurf* 与 ChannelMonitor* 的 provider - frontend admin API barrel 取两侧并集 - 采纳上游对 migrationChecksumCompatibilityRule 字段的重命名（非订制代码）	2026-04-24 11:52:21 +08:00
win	002066e700	chore(wip): 保存订制改动以便合并上游 ... - windsurf: client/pool/local_ls/tool_emulation/tool_names/models 调整 - handler: admin account_data / failover_loop / gateway_handler - repository: scheduler_cache 及测试 - service: windsurf_chat_service / windsurf_gateway_service - deploy: compose 合并为单文件（含 windsurf-ls profile），Dockerfile.ls - cmd: 新增 dump_ls_models / dump_preamble / test_windsurf_tools 辅助工具	2026-04-24 11:14:36 +08:00
win	2a4103298e	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-24 01:21:36 +08:00
erio	5e060b2222	Merge remote-tracking branch 'upstream/main' into feat/channel-insights ... # Conflicts: # backend/cmd/server/wire_gen.go	2026-04-23 22:30:45 +08:00
erio	67518a59ac	revert: remove fork-only changes from release sync ... Revert payment/wechat, sora/claude-max cleanup, fork-only migrations, and cosmetic changes that were brought in by the release sync commit. Keep only channel-monitor related improvements: - PublicSettingsInjectionPayload named struct with drift test - ChannelMonitorRunner graceful shutdown in wire - image_output_price in SupportedModelChip - Simplified buildSelfNavItems in AppSidebar - Gateway WARN logs for 503 branches	2026-04-23 21:40:58 +08:00
erio	748a84d871	sync: bring over remaining release/custom-0.1.115 changes ... - Extract PublicSettingsInjectionPayload named struct with drift test - Add channel_monitor_default_interval_seconds to SSR injection - Add image_output_price to SupportedModelChip - Simplify AppSidebar buildSelfNavItems (admins see available channels) - Add gateway WARN logs for 503 no-available-accounts branches - Wire ChannelMonitorRunner into provideCleanup for graceful shutdown - Add migrations 130/131 (CC template userid fix + mimicry field cleanup) - Clean up fork-only features (sora, claude max simulation, client affinity) - Remove ~320 obsolete i18n keys - Add codexUsage utility, WechatServiceButton, BulkEditAccountModal - Tidy go.sum	2026-04-23 20:55:18 +08:00
win	21325afb33	feat(windsurf): 补全ops日志记录与endpoint派生，对齐其他平台 ... - windsurf_gateway_service: 添加上游延迟/TTFT/错误上下文记录 - endpoint: DeriveUpstreamEndpoint 添加 PlatformWindsurf 分支 - ops_error_logger: guessPlatformFromPath 添加 /windsurf/ 识别	2026-04-23 20:46:27 +08:00
Wesley Liddick	827a4498e0	Merge pull request #1829 from ZHOUKAILIAN/feature/codex-oauth-proxy-message ... fix: 明确 OpenAI OAuth 未配置代理时的错误提示	2026-04-23 16:55:04 +08:00
Wesley Liddick	8dbbd94299	Merge pull request #1836 from wucm667/fix/account-daily-weekly-quota-cache-invalidation ... fix: 修复账户配额跨越时调度快照入队逻辑	2026-04-23 16:49:25 +08:00
james-6-23	dc5d42addc	feat(rpm): RPM 限流模块优化 ... P0: - rpm_override 嵌入 Auth Cache Snapshot，消除每请求 DB 查询 (snapshot v6→v7) - 429 RPM 响应返回 Retry-After 头（当前分钟剩余秒数） P1: - ClearAll 按钮直连 DELETE API，带 loading 防重复 - 新增 GET /admin/users/:id/rpm-status 管理员 RPM 用量查询端点 优化: - checkRPM 从级联互斥改为并行取最严，user.rpm_limit 作为全局硬上限始终生效 - Override/Group 变更后自动失效 auth cache - fail-open 语义不变，Redis 故障不阻塞业务	2026-04-23 16:34:37 +08:00
wucm667	bcf4aedcde	fix: 修复账户配额跨越时调度快照入队逻辑	2026-04-23 14:53:57 +08:00
wx-11	11cf23da7d	修改403逻辑: 先临时冷却，再根据连续次数决定是否判坏号	2026-04-23 12:58:13 +08:00
zhoukailian	2489ea3699	fix: clarify OpenAI OAuth proxy errors	2026-04-23 12:23:04 +08:00
win	ff7eab0392	Merge remote-tracking branch 'origin/main' ... # Conflicts: # backend/go.mod # backend/go.sum # backend/internal/repository/migrations_runner.go	2026-04-22 21:27:18 +08:00
shaw	45065c23d5	fix(ci): run 108a migration before 109 in backfill integration test	2026-04-22 18:36:44 +08:00
IanShaw027	9de7a72cce	fix(upgrade): close payment and oidc compatibility gaps	2026-04-22 18:01:51 +08:00
IanShaw027	ad4600964e	fix(ci): clean up lint and dead code	2026-04-22 16:38:36 +08:00
IanShaw027	36aed35957	fix(auth): harden oauth identity upgrade paths	2026-04-22 14:56:56 +08:00
IanShaw027	01a991f56f	fix(test): restore identity repo integration imports	2026-04-22 13:22:33 +08:00
IanShaw027	81c827ee51	fix(profile): stabilize identity binding management	2026-04-22 13:19:28 +08:00
IanShaw027	06136af805	fix(upgrade): preserve legacy auth and payment compatibility	2026-04-22 13:18:10 +08:00
IanShaw027	1ffebbb568	fix(migrations): keep auth identity and payment upgrades safe	2026-04-22 12:29:52 +08:00
IanShaw027	18481a100b	fix(migrations): defer online ddl follow-ups safely	2026-04-22 11:17:45 +08:00
IanShaw027	7fbd5177c2	fix(ci): make legacy migration cleanup resilient	2026-04-22 09:15:39 +08:00
IanShaw027	fdf72eb511	fix(ci): repair integration repository tests	2026-04-22 02:42:43 +08:00
IanShaw027	b13e34f831	fix(ci): align auth and payment verification tests	2026-04-22 02:32:53 +08:00
IanShaw027	525a320424	Fix user profile writes on postgres conflicts	2026-04-21 10:13:28 -07:00