- Fix bulk edit: send 0 instead of null/NaN to clear load_factor
- Fix edit modal: explicit NaN check instead of implicit falsy
- Fix create modal: use ?? instead of || for load_factor
- Add load_factor upper limit validation (max 10000)
- Add //go:build unit tag and self-contained intPtrHelper in test
- Add design intent comments on WaitPlan.MaxConcurrency
- Extract postUsageBilling() to consolidate billing logic across
GatewayService.RecordUsage, RecordUsageWithLongContext, and
OpenAIGatewayService.RecordUsage, eliminating ~120 lines of
duplicated code
- Fix account quota to use TotalCost × accountRateMultiplier
(was using raw TotalCost, inconsistent with account cost stats)
- Fix RecordUsageWithLongContext API Key quota only updating in
balance mode (now updates regardless of billing type)
- Fix WebSocket client disconnect detection on Windows by adding
"an established connection was aborted" to known disconnect errors
Antigravity APIKey accounts were incorrectly routed to
testAntigravityAccountConnection which calls AntigravityTokenProvider,
but the token provider only handles OAuth and Upstream types, causing
"not an antigravity oauth account" error.
Extract routeAntigravityTest to route APIKey accounts to native
Claude/Gemini test paths based on model prefix, matching the
gateway_handler routing logic for normal requests.
The existing regex only matched the old format where account_uuid is
empty (account__session_). Real Claude Code clients and newer sub2api
generated user_ids use account_{uuid}_session_ which was silently
skipped, causing the original metadata.user_id to leak to upstream
when User-Agent is rewritten by an intermediate gateway.
Closes#766
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix fileChecksum for 061 migration: use TrimSpace hash (66207e7a) instead
of raw sha256sum (97bdd9a3), matching the actual runtime computation
- Add 222b4a09 as accepted DB checksum for 061 migration
- Add missing GetAPIKeyRateLimit/SetAPIKeyRateLimit/UpdateAPIKeyRateLimitUsage/
InvalidateAPIKeyRateLimit methods to mock BillingCache in test stubs
- Fix NewBillingCacheService call in singleflight test (add apiKeyRepo param)
Replaced by filterUserVisibleMenuItems which includes both array
validation and admin-item filtering.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. (Critical) Filter admin-only menu items from public API responses -
both GetPublicSettings handler and GetPublicSettingsForInjection now
exclude visibility=admin items, preventing unauthorized access to
admin menu URLs.
2. (Medium) Validate JSON array structure in sanitizeCustomMenuItemsJSON -
use json.Unmarshal into []json.RawMessage instead of json.Valid to
reject non-array JSON values that would cause frontend runtime errors.
3. (Medium) Decouple router from business JSON parsing - move origin
extraction logic from router.go to SettingService.GetFrameSrcOrigins,
eliminating direct JSON parsing of custom_menu_items in the routing
layer.
4. (Low) Restrict custom menu item ID charset to [a-zA-Z0-9_-] via
regex validation, preventing route-breaking characters like / ? # or
spaces.
5. (Low) Handle crypto/rand error in generateMenuItemID - return error
instead of silently ignoring, preventing potential duplicate IDs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add configurable custom menu items that appear in sidebar, each rendering
an iframe-embedded external page. Includes shared URL builder with
src_host/src_url tracking, CSP frame-src multi-origin deduplication,
admin settings UI, and i18n support.
chore: bump version to 0.1.87.19
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
