xinghuoapi

Author	SHA1	Message	Date
Wesley Liddick	493bd188d5	Merge pull request #680 from alfadb/fix/ops-normalize-nil-error-type fix(ops): validate error_type against known whitelist before classification	2026-02-28 22:39:32 +08:00
Wesley Liddick	9fd95df5cf	Merge pull request #679 from DaydreamCoding/feat/account-rpm-limit feat: 添加账号级别 RPM（每分钟请求数）限流功能	2026-02-28 22:37:10 +08:00
shaw	54de3bf27a	fix(ci): gosec 跳过自动生成的代码文件避免扫描超时为 gosec 添加 -exclude-generated 标志，跳过带有 "// Code generated" 注释的文件（如 wire_gen.go），防止安全扫描因分析自动生成代码而超时。	2026-02-28 22:30:53 +08:00
Wesley Liddick	4587c3e53e	Merge pull request #670 from DaydreamCoding/feat/admin-apikey-group-update feat(admin): 添加管理员直接修改用户 API Key 分组的功能	2026-02-28 22:20:29 +08:00
shaw	be18bc6fc3	chore: 恢复数据库迁移文件060和修正版本号	2026-02-28 22:02:01 +08:00
QTom	212cbbd3a2	fix: add missing rpmCache nil arg in sora_client_handler_test	2026-02-28 21:30:59 +08:00
QTom	6f9e690345	test(sora): 补充测试 stub 中缺失的 AddGroupToAllowedGroups 方法 feat/admin-apikey-group-update 分支给 UserRepository 接口新增了 AddGroupToAllowedGroups 方法，需要在测试 stub 中补充实现以通过编译。 - sora_client_handler_test.go: stubUserRepoForHandler - sora_generation_service_test.go: stubUserRepoForQuota	2026-02-28 20:55:31 +08:00
QTom	115d06edf0	fix: 修复 gofmt 格式问题	2026-02-28 20:38:35 +08:00
QTom	e135435ce2	fix: sync test constructor calls with new rpmCache parameter Add missing nil argument for rpmCache to NewAccountHandler (5 sites) and NewGatewayService (2 sites) after RPM feature expanded their signatures.	2026-02-28 20:38:35 +08:00
QTom	cd09adc3cc	fix: add sanitizeExtraBaseRPM to BatchCreate handler Ensures base_rpm validation (clamp 0-10000) is consistent across all four account mutation paths: Create, Update, BulkUpdate, BatchCreate.	2026-02-28 20:38:06 +08:00
QTom	2491e9b5ad	fix: round-3 review fixes for RPM limiting - Add sanitizeExtraBaseRPM to BulkUpdate handler (was missing) - Add WindowCost scheduling checks to legacy non-sticky selection paths (4 sites), matching existing sticky + load-aware coverage - Export ParseExtraInt from service package, remove duplicate parseExtraIntForValidation from admin handler	2026-02-28 20:38:06 +08:00
QTom	e63c83955a	fix: address deep code review issues for RPM limiting - Move IncrementRPM after Forward success to prevent phantom RPM consumption during account switch retries - Add base_rpm input sanitization (clamp to 0-10000) in Create/Update - Add WindowCost scheduling checks to legacy path sticky sessions (4 check sites + 4 prefetch sites), fixing pre-existing gap - Clean up rpm_strategy/rpm_sticky_buffer when disabling RPM in BulkEditModal (JSONB merge cannot delete keys, use empty values) - Add json.Number test cases to TestGetBaseRPM/TestGetRPMStickyBuffer - Document TOCTOU race as accepted soft-limit design trade-off	2026-02-28 20:38:06 +08:00
QTom	4b72aa33f3	fix: add enableRpmLimit to hasAnyFieldEnabled check in BulkEditModal Without this, submitting a bulk edit with only RPM changes would be rejected as "no fields selected".	2026-02-28 20:37:37 +08:00
QTom	ff9683b0fc	fix: move RPM prefetch before routing segment in legacy/mixed paths Ensures isAccountSchedulableForRPM calls within the routing segment hit the prefetch cache instead of querying Redis individually.	2026-02-28 20:37:37 +08:00
QTom	607237571f	fix: address code review issues for RPM limiting feature - Use TxPipeline (MULTI/EXEC) instead of Pipeline for atomic INCR+EXPIRE - Filter negative values in GetBaseRPM(), update test expectation - Add RPM batch query (GetRPMBatch) to account List API - Add warn logs for RPM increment failures in gateway handler - Reset enableRpmLimit on BulkEditAccountModal close - Use union type 'tiered' \| 'sticky_exempt' for rpmStrategy refs - Add design decision comments for rdb.Time() RTT trade-off	2026-02-28 20:37:37 +08:00
QTom	28ca7df297	feat: add RPM display to AccountCapacityCell	2026-02-28 20:37:10 +08:00
QTom	856c955386	feat: add RPM config to CreateAccountModal	2026-02-28 20:37:10 +08:00
QTom	e1c9016d90	feat: add RPM config to EditAccountModal	2026-02-28 20:37:10 +08:00
QTom	953c5036bf	feat: add RPM types and i18n translations	2026-02-28 20:37:10 +08:00
QTom	37fa980565	feat: flatten RPM config fields in Account DTO	2026-02-28 20:37:10 +08:00
QTom	f648b8e026	feat: increment RPM counter before request forwarding	2026-02-28 20:37:10 +08:00
QTom	678c3ae132	feat: integrate RPM scheduling checks into account selection flow	2026-02-28 20:37:10 +08:00
QTom	c1c31ed9b2	feat: wire RPMCache into GatewayService and AccountHandler	2026-02-28 20:35:38 +08:00
QTom	777be05348	feat: add RPMCache interface and Redis implementation with Lua scripts	2026-02-28 20:34:22 +08:00
QTom	0bb3e4a98c	feat: add RPM getter methods and schedulability check to Account model	2026-02-28 20:34:22 +08:00
QTom	9a91815b94	feat(admin): 完整实现管理员修改用户 API Key 分组的功能 ## 核心功能 - 添加 AdminUpdateAPIKeyGroupID 服务方法，支持绑定/解绑/保持不变三态语义 - 实现 UserRepository.AddGroupToAllowedGroups 接口，自动同步专属分组权限 - 添加 HTTP PUT /api-keys/:id handler 端点，支持管理员直接修改 API Key 分组 ## 事务一致性 - 使用 ent Tx 保证专属分组绑定时「添加权限」和「更新 Key」的原子性 - Repository 方法支持 clientFromContext，兼容事务内调用 - 事务失败时自动回滚，避免权限孤立 ## 业务逻辑 - 订阅类型分组阻断，需通过订阅管理流程 - 非活跃分组拒绝绑定 - 负 ID 和非法 ID 验证 - 自动授权响应，告知管理员成功授权的分组 ## 代码质量 - 16 个单元测试覆盖所有业务路径和边界用例 - 7 个 handler 集成测试覆盖 HTTP 层 - GroupRepo stub 返回克隆副本，防止测试间数据泄漏 - API 类型安全修复（PaginatedResponse<ApiKey>） - 前端 ref 回调类型对齐 Vue 规范 ## 国际化支持 - 中英文提示信息完整 - 自动授权成功/失败提示	2026-02-28 20:18:14 +08:00
QTom	000e621eb6	feat(admin): 添加管理员直接修改用户 API Key 分组的功能 - 新增 PUT /api/v1/admin/api-keys/:id 端点，允许管理员修改任意用户 API Key 的分组绑定 - 跳过用户级权限校验但保留分组有效性验证，修改后触发认证缓存失效 - Service 层支持三态语义：nil=不修改，0=解绑，>0=绑定，<0=拒绝 - 指针值拷贝保证安全隔离，负数 groupID 返回 400 INVALID_GROUP_ID - 前端 UserApiKeysModal 新增可点击的分组选择下拉框，支持多 Key 并发更新 - 下拉支持视口翻转和滚动关闭，按钮有 disabled 和加载状态 - 覆盖：后端 20 个单元测试 (Service 11 + Handler 9) + 前端 16 个 E2E 测试 - golangci-lint 0 issues, make test-unit 全部通过	2026-02-28 20:18:14 +08:00
alfadb	093d7ba858	fix(ops): use normalized error type for all classification functions - Compute normalizedType once and pass to classifyOpsPhase, classifyOpsSeverity, classifyOpsIsBusinessLimited, classifyOpsIsRetryable instead of raw parsed.ErrorType - Add test case verifying known type takes precedence over conflicting code Addresses Copilot review feedback on PR #680.	2026-02-28 19:28:08 +08:00
alfadb	ce006a7a91	fix(ops): validate error_type against known whitelist before classification Upstream proxies (account 4, 112) return `"<nil>"` as the error.type in their JSON responses — a Go fmt.Sprintf("%v", nil) artifact. Since `normalizeOpsErrorType` only checked for empty string, the literal "<nil>" passed through and poisoned the entire classification chain: error_phase was misclassified as "internal" (instead of "request"), severity was inflated to P2, and the stored error_type was meaningless. Add `isKnownOpsErrorType` whitelist so any unrecognised type falls through to the code-based or default "api_error" classification. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-28 19:28:08 +08:00
Wesley Liddick	9d795061af	Merge pull request #682 from mt21625457/pr/all-code-sync-20260228 feat(openai-ws): support websocket mode v2, optimize relay performance, enhance sora	2026-02-28 19:11:40 +08:00
yangjianbo	1d1fc019dc	fix(lint): resolve data management staticcheck warnings	2026-02-28 15:05:54 +08:00
yangjianbo	bb664d9bbf	feat(sync): full code sync from release	2026-02-28 15:01:20 +08:00
Wesley Liddick	bfc7b339f7	Merge pull request #675 from wucm667/fix/gosec-timeout-exclude-ent-dir fix(ci): 修复 gosec 扫描因 ent 生成代码导致超时的问题	2026-02-28 10:59:19 +08:00
wucm667	f30f8905ec	fix(ci): 修复 gosec 扫描因 ent 生成代码导致超时的问题【问题描述】 backend-security CI job 持续运行约 6 小时后被 GitHub Actions 强制取消，表现为 'Run gosec' 步骤挂起，最终以 cancelled 状态结束。【根本原因】 gosec 对 ./... 执行 AST 静态分析时，包含了 ent/ 目录下的自动生成文件（如 mutation.go 共 24800 行），导致分析时间超出 GitHub Actions 默认的 6 小时上限。【修复方案】 1. gosec 命令增加 -exclude-dir=ent 跳过自动生成代码目录 2. backend-security job 增加 timeout-minutes: 15，避免未来类似问题再次长时间卡死后才被发现 ent/ 目录内容全部由 Ent ORM 框架自动生成，开发者不直接编写，不需要纳入人工安全审计范围，排除后不影响扫描有效性。	2026-02-28 10:20:57 +08:00
Wesley Liddick	3bae525026	Merge pull request #650 from wucm667/feat/sync-page-title-on-locale-change feat(i18n): 切换语言时同步更新页面标题	2026-02-27 19:48:36 +08:00
shaw	df00805a2a	feat(frontend): 为管理端用量页面添加列显示设置	2026-02-27 19:41:26 +08:00
Wesley Liddick	a88ee96518	Merge pull request #665 from touwaeriol/fix/2k-image-default-pricing fix: add 2K image default pricing at 1.5x base price	2026-02-27 19:20:44 +08:00
Wesley Liddick	3cc2f9bd57	Merge pull request #664 from wucm667/fix/account-priority-hint fix(frontend): add priority hint in edit account modal	2026-02-27 19:19:36 +08:00
erio	d1b684b782	fix: add 2K image default pricing at 1.5x base price Previously 2K images used the same base price as 1K ($0.134). Now 2K uses 1.5x multiplier ($0.201), consistent with 4K using 2x ($0.268). - Backend: add 2K size branch in getDefaultImagePrice - Frontend: update 2K placeholder from 0.134 to 0.201 - Tests: update assertions for new 2K default price	2026-02-27 17:37:30 +08:00
wucm667	6460d4ad3a	fix(frontend): add priority hint in edit account modal	2026-02-27 16:00:11 +08:00
Wesley Liddick	19ea392d5d	Merge pull request #663 from touwaeriol/fix/update-antigravity-useragent-version fix: update antigravity user-agent version to 1.19.6	2026-02-27 15:28:45 +08:00
Wesley Liddick	fb4d016176	Merge pull request #659 from touwaeriol/feature/gemini-3.1-flash-image feat: 新增 gemini-3.1-flash-image 支持，替代 gemini-3-pro-image	2026-02-27 15:28:33 +08:00
erio	afec747d9e	fix: update antigravity user-agent version to 1.19.6 Update the default user-agent version from 1.18.4 to 1.19.6 to match the latest official antigravity client.	2026-02-27 12:31:51 +08:00
erio	7388fcce41	fix: gofmt alignment in constants.go	2026-02-27 09:52:50 +08:00
erio	a6f9f9f968	feat: replace gemini-3-pro-image with gemini-3.1-flash-image - Add migration 060 to update model_mapping for all antigravity accounts - Remove gemini-3-pro-image and gemini-3-pro-image-preview mappings - Add gemini-3.1-flash-image and gemini-3.1-flash-image-preview mappings - Update frontend usage window to show GImage for new model - Update isImageGenerationModel to support new model	2026-02-27 09:52:50 +08:00
Wesley Liddick	29759721e0	Merge pull request #651 from cagedbird043/pr/bulk-edit-platform-filter fix(frontend): 批量编辑添加跨平台模型映射警告与智能过滤	2026-02-27 09:03:00 +08:00
Wesley Liddick	1941b20521	Merge pull request #657 from alfadb/fix/count-tokens-404-passthrough fix(gateway): count_tokens 不支持时返回 404 而非伪造的 200	2026-02-27 08:42:46 +08:00
alfadb	e6969acb50	fix: address review - fix log wording and add response body assertion in test	2026-02-26 23:49:30 +08:00
alfadb	9489531431	fix(gateway): return 404 instead of fake 200 for unsupported count_tokens endpoint PR #635 returned HTTP 200 with {"input_tokens": 0} when upstream doesn't support count_tokens (404). This caused Claude Code CLI to trust the zero value, believing context uses 0 tokens, so auto-compression never triggers. Fix: return 404 with proper error body so CLI falls back to its local tokenizer for accurate estimation. Return nil (not error) to avoid polluting ops error metrics with expected 404s. Affected paths: - Passthrough APIKey accounts: upstream 404 now passed through as 404 - Antigravity accounts: same fix (was also returning fake 200)	2026-02-26 23:34:53 +08:00
cagedbird043	32b7c0ca9b	feat(frontend): 补齐 GPT-5.3 系列模型到白名单、批量编辑列表与预设映射 - useModelWhitelist.ts 添加 gpt-5.3-codex、gpt-5.3-codex-spark - BulkEditAccountModal.vue 添加 5.3 模型选项与预设按钮（含 5.2→5.3 升级映射）	2026-02-26 16:04:15 +08:00

1 2 3 4 5 ...

1790 Commits