oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
1,732 Commits 2 Branches 0 Tags
880868f2d1cf0fab63bfdfacedb2c5620594ffce
Commit Graph

1732 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Wesley Liddick
b7777fb46c Merge pull request #436 from iBenzene/feat/redis-tls-support 
feat: add support for using TLS to connect to Redis
 2026-02-02 10:02:25 +08:00
yangjianbo
99250ec527 fix(Sora): 加固直连安全与下载限制 
补充图片输入 SSRF 防护与重定向限制\n增加媒体下载超时/大小上限配置并更新示例\n完善 recent_tasks 轮询回退策略与相关测试\n\n测试: go test ./... -tags=unit
 2026-02-01 22:10:15 +08:00
yangjianbo
dcf5f60237 feat: add codex skills 2026-02-01 21:38:00 +08:00
yangjianbo
399dd78b2a feat(Sora): 直连生成并移除sora2api依赖 
实现直连 Sora 客户端、媒体落地与清理策略\n更新网关与前端配置以支持 Sora 平台\n补齐单元测试与契约测试,新增 curl 测试脚本\n\n测试: go test ./... -tags=unit
 2026-02-01 21:37:10 +08:00
yangjianbo
78d0ca3775 fix(sora): 修复流式重写与计费问题 2026-01-31 21:46:28 +08:00
yangjianbo
618a614cbf feat(Sora): 完成Sora网关接入与媒体能力 
新增 Sora 网关路由、账号调度与同步服务\n补充媒体代理与签名 URL、模型列表动态拉取\n完善计费配置、前端支持与相关测试
 2026-01-31 20:22:22 +08:00
iBenzene
35f39ca291 chore: 修复了 redis.go 中代码风格(golangci-lint)的问题 2026-01-31 19:06:19 +08:00
iBenzene
f2e206700c feat: add support for using TLS to connect to Redis 2026-01-31 03:58:01 +08:00
cyhhao
adb77af1d9 fix: satisfy golangci-lint (nil checks, remove unused helpers) 2026-01-31 02:07:57 +08:00
cyhhao
3a34746668 refactor: stop rewriting tool descriptions; keep only system sentence rewrite 2026-01-31 02:01:51 +08:00
cyhhao
fe17058700 refactor: limit OpenCode keyword replacement to tool descriptions 2026-01-31 01:40:38 +08:00
ducky
9bee0a2071 chore: gofmt for golangci-lint 2026-01-30 17:28:53 +08:00
ducky
b7f69844e1 feat(announcements): add admin/user announcement system 
Implements announcements end-to-end (admin CRUD + read status, user list + mark read) with OR-of-AND targeting. Also breaks the ent<->service import cycle by moving schema-facing constants/targeting into a new domain package.
 2026-01-30 16:45:04 +08:00
yangjianbo
99dc3b59bc feat(账号): 添加 Sora 账号双表同步与创建 
- 新增 sora_accounts 表与 accounts.extra GIN 索引\n- OpenAI OAuth 支持同时创建 Sora 账号并同步配置\n- Token 刷新同步关联 Sora 账号凭证与扩展表\n- 增加 Sora 账号连通性测试与前端开关文案
 2026-01-30 14:08:04 +08:00
cyhhao
602bf9c017 Merge branch 'main' of github.com:Wei-Shaw/sub2api 2026-01-30 13:21:25 +08:00
Wesley Liddick
c3d1891ccd Merge pull request #427 from touwaeriol/pr/upgrade-antigravity-ua 
chore: upgrade Antigravity User-Agent to 1.15.8
 2026-01-30 09:17:17 +08:00
shaw
4d8f2db924 fix: 更新所有CI workflow的Go版本验证至1.25.6 2026-01-30 08:57:37 +08:00
shaw
6599b366dc fix: 升级Go版本至1.25.6修复标准库安全漏洞 
修复GO-2026-4341和GO-2026-4340两个标准库漏洞
 2026-01-30 08:53:53 +08:00
liuxiongfeng
ba16ace697 chore: upgrade Antigravity User-Agent to 1.15.8 2026-01-30 08:14:52 +08:00
song
7ade9baa15 fix(gateway): 过滤 Gemini 请求中 parts 为空的消息 
Gemini API 不接受 contents 数组中 parts 为空的消息,会返回 400 INVALID_ARGUMENT 错误。
添加 filterEmptyPartsFromGeminiRequest 函数在转发前过滤这类消息。

影响范围:ForwardGemini (antigravity) 和 ForwardNative (gemini)
 2026-01-29 21:09:33 +08:00
yangjianbo
d9e345f23d Merge branch 'test' of https://github.com/mt21625457/aicodex2api into test 2026-01-29 20:34:21 +08:00
yangjianbo
a505d992ee feat: 优化配置 2026-01-29 20:33:26 +08:00
huangzhenpc
8e88d1dd80 Merge upstream/main: v0.1.62-v0.1.64 updates
Some checks failed
CI / test (push) Has been cancelled
Details
CI / golangci-lint (push) Has been cancelled
Details
Security Scan / backend-security (push) Has been cancelled
Details
Security Scan / frontend-security (push) Has been cancelled
Details 
Major updates:
- fix(gateway): fix SSE streaming usage data overwrite issue
- feat(purchase): add purchase subscription iframe page and config
- fix(scheduler): fix race condition from empty cache
- feat(settings): add PurchaseSubscriptionEnabled and PurchaseSubscriptionURL

Resolved conflicts:
- backend/cmd/server/VERSION: updated to 0.1.61
- setting_service.go: keep TianShuAPI site name while adding purchase subscription features

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-29 16:41:17 +08:00
yangjianbo
13262a5698 feat(sora): 新增 Sora 平台支持并修复高危安全和性能问题 
新增功能:
- 新增 Sora 账号管理和 OAuth 认证
- 新增 Sora 视频/图片生成 API 网关
- 新增 Sora 任务调度和缓存机制
- 新增 Sora 使用统计和计费支持
- 前端增加 Sora 平台配置界面

安全修复(代码审核):
- [SEC-001] 限制媒体下载响应体大小(图片 20MB、视频 200MB),防止 DoS 攻击
- [SEC-002] 限制 SDK API 响应大小(1MB),防止内存耗尽
- [SEC-003] 修复 SSRF 风险,添加 URL 验证并强制使用代理配置

BUG 修复(代码审核):
- [BUG-001] 修复 for 循环内 defer 累积导致的资源泄漏
- [BUG-002] 修复图片并发槽位获取失败时已持有锁未释放的永久泄漏

性能优化(代码审核):
- [PERF-001] 添加 Sentinel Token 缓存(3 分钟有效期),减少 PoW 计算开销

技术细节:
- 使用 io.LimitReader 限制所有外部输入的大小
- 添加 urlvalidator 验证防止 SSRF 攻击
- 使用 sync.Map 实现线程安全的包级缓存
- 优化并发槽位管理,添加 releaseAll 模式防止泄漏

影响范围:
- 后端:新增 Sora 相关数据模型、服务、网关和管理接口
- 前端:新增 Sora 平台配置、账号管理和监控界面
- 配置:新增 Sora 相关配置项和环境变量

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-29 16:18:38 +08:00
cyhhao
fa454b1b99 fix: align Claude Code system banner with opencode latest 2026-01-29 15:37:07 +08:00
cyhhao
8375094c69 fix(oauth): match Claude CLI accept header and beta set 2026-01-29 15:31:29 +08:00
cyhhao
91079d3f15 chore(debug): emit Claude mimic fingerprint on credential-scope error 2026-01-29 15:17:46 +08:00
cyhhao
63412a9fcc chore(debug): log Claude mimic fingerprint 2026-01-29 03:13:14 +08:00
cyhhao
d98648f03b fix: rewrite OpenCode identity sentence to Claude Code 2026-01-29 03:03:40 +08:00
cyhhao
c37fe91672 fix(oauth): update Claude CLI fingerprint headers 2026-01-29 02:52:26 +08:00
cyhhao
4d40fb6b60 fix(oauth): merge anthropic-beta and force Claude Code headers in mimic mode 2026-01-29 02:36:28 +08:00
cyhhao
be3b788b8f fix: also prefix next system block with Claude Code banner 2026-01-29 02:03:54 +08:00
cyhhao
723e54013a fix(oauth): mimic Claude Code metadata and beta headers 2026-01-29 01:49:51 +08:00
cyhhao
4d566f68b6 chore: gofmt 2026-01-29 01:34:58 +08:00
cyhhao
31f817d189 fix: add newline separation for Claude Code system prompt 2026-01-29 01:28:43 +08:00
cyhhao
59231668c5 Merge branch 'main' of github.com:Wei-Shaw/sub2api 2026-01-29 01:16:36 +08:00
shaw
cadca752c4 修复SSE流式响应中usage数据被覆盖的问题 2026-01-28 18:36:21 +08:00
Wesley Liddick
edf215e6fd Merge pull request #409 from DuckyProject/feat/purchase-subscription-iframe 
feat(purchase): 增加购买订阅 iframe 页面与配置
 2026-01-28 17:28:47 +08:00
shaw
e12dd079fd 修复调度器空缓存导致的竞态条件bug 
当新分组创建后立即绑定账号时,调度器会错误地将空快照视为有效缓存命中,
导致返回没有可调度的账号。现在空快照会触发数据库回退查询。
 2026-01-28 17:26:32 +08:00
ducky
04a509d45e feat(purchase): 增加购买订阅 iframe 页面与配置 
- 新增 /purchase 页面(iframe + 新窗口兜底)

- 管理员系统设置可配置开关与URL

- 非 simple mode 才在侧边栏展示入口
 2026-01-28 13:54:32 +08:00
Wesley Liddick
269a659200 Merge pull request #406 from geminiwen/main 
fix(openai-oauth): 改进错误处理和代理支持
 2026-01-28 13:53:44 +08:00
Wesley Liddick
2c31bf46b5 Merge pull request #401 from slovx2/heihuzi_main 
feat(gemini): 为 Gemini 原生平台添加图片计费支持
 2026-01-28 13:51:14 +08:00
song
5b787334c8 antigravity: 转发优先 daily 2026-01-28 11:17:39 +08:00
song
f761afb1ef antigravity: 区分切换后重试次数 2026-01-28 00:01:03 +08:00
Gemini Wen
8f6639f825 fix(response): add nil check for c.Request in error logging 
Prevents panic when ErrorFrom is called in test contexts where
gin.CreateTestContext doesn't set up an HTTP request.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 19:26:44 +08:00
Gemini Wen
fc17d9d7df chore: bump version to 0.1.61 and fix tests 
- Update VERSION from 0.1.46 to 0.1.61
- Remove ForceHTTP2 tests for OpenAI OAuth client (ForceHTTP2 was removed)
- Update createOpenAIReqClient test to use new single-arg signature

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 19:22:45 +08:00
Gemini Wen
ab092e88a8 fix(openai-oauth): 改进错误处理和代理支持 
- 使用 ApplicationError 返回详细错误信息到前端
- 添加 User-Agent: codex-cli/0.91.0
- 移除 ForceHTTP2 以兼容 HTTP 代理
- 修复代理获取失败时静默忽略的问题
- 500 错误时记录完整错误日志

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 19:13:01 +08:00
song
877c17251d feat(group): 添加 MCP XML 注入开关 
- Group 新增 mcp_xml_inject 字段,控制 Antigravity 平台的 MCP XML 协议注入
- 默认启用,可在分组设置中关闭
- 修复 GetByKeyForAuth 遗漏查询 mcp_xml_inject 字段导致认证缓存值始终为 false 的问题
 2026-01-27 13:09:56 +08:00
cyhhao
ffe43f6098 Merge branch 'main' of github.com:Wei-Shaw/sub2api 2026-01-27 11:09:11 +08:00
song
66f49b67d6 feat(accounts): 账号列表显示 Antigravity scope 级别限流状态 
- 后端 DTO 新增 scope_rate_limits 字段,从 extra 提取限流信息
- 前端状态列显示 scope 级限流徽章(Claude/Gemini/Image)
- 清除速率限制时同时清除账号级和 scope 级限流(已有实现)
 2026-01-27 11:04:41 +08:00