ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
448 Commits 2 Branches 0 Tags 20 MiB
3e540a5302
Commit Graph

11 Commits

Author SHA1 Message Date
ZhenYi
c7cee8c344 misc: polish git hooks, billing services, fctool, and API/WebSocket 
- git: clean up hook pool worker, commit sync, HTTP rate limiting
- billing: tighten workspace/project/agent billing logic
- fctool: add project boards and issues management tools
- api/ws: minor room WebSocket protocol adjustments
- frontend: add RoomSettingsPanel component
 2026-04-30 19:16:57 +08:00
ZhenYi
ef529d772b fix(service): resolve backend compilation errors 
- access_key.rs: use rand::rng() and random_range() for rand 0.10 API
- access_key.rs: fix update() returns DbErr, add .map_err(AppError::from)
- sync.rs: upsert_provider expects &str not String
- sync.rs: add QueryOrder import for order_by_asc
- issue.rs: change %e to ?e for Debug trait instead of Display
- workspace/info.rs: add missing closing brace in struct literal
 2026-04-27 16:39:52 +08:00
ZhenYi
bdb5393835 fix: resolve 30+ bugs from security audit 
Critical:
- CORS: replace allow_any_origin + credentials with env-configured origins
- XSS: escape HTML before dangerouslySetInnerHTML in search results
- Path traversal: sanitize storage keys to reject ".." components
- Auth missing: add Session requirement to git init/open/is-repo endpoints
- Transaction: wrap issue cascade delete in DB transaction

High:
- Mutex poisoning: replace unwrap() with poison-recovering guards
- Drop tokio::spawn: use runtime handle or fallback thread for lock release
- Redis KEYS: replace with non-blocking SCAN for typing events
- SSH panic: handle missing stdin/stdout/stderr gracefully
- LFS auth: remove x-user-uid header injection vector, generate per-request tokens

Medium:
- Memory leak: remove Box::leak in provider normalization
- Race conditions: query closed count directly instead of subtraction
- Silent failures: add tracing::warn for AI tasks, room events, activity logs
- Frontend nav: sync activeRoomId when initialRoomId prop changes
- Duplicate nav: remove redundant setActiveRoom in delete handler
- Callback conflict: skip undefined values in updateCallbacks merge
- Stale closure: use wsClient state instead of wsClientRef.current in useMemo

Low:
- Captcha: validate captcha not empty before login submission
- Broadcast capacity: reduce from 100K to 1000
- Error handling: add try/catch for removeMember and updateMemberRole
- Loading state: show placeholder instead of null in RepositoryContextProvider
- WebSocket: add heartbeat ping and jitter to reconnect backoff
 2026-04-27 10:57:23 +08:00
ZhenYi
07e74c230c feat: thinking_content column + first-project budget logic
Some checks are pending
CI / Rust Lint & Check (push) Waiting to run
Details
CI / Rust Tests (push) Waiting to run
Details
CI / Frontend Lint & Type Check (push) Waiting to run
Details
CI / Frontend Build (push) Blocked by required conditions
Details 
- Add thinking_content column to room_message table
- Migration for thinking_content column
- ws-protocol update with streaming chunk types
- Billing: first project gets $10, first workspace gets $30
- Subsequent projects/workspaces get $0 budget
 2026-04-26 13:11:06 +08:00
ZhenYi
773da34fab refactor(service): migrate auth, git service, agent from slog to tracing 
- Remove all use slog::* imports and slog::Logger fields/parameters
- Replace slog::info!/warn!/error! with tracing::info!/warn!/error!
- AppService: remove pub logs: slog::Logger field, update callers of
  AppEmail::init(), MessageProducer::new(), RoomService::new(),
  start_email_worker(), start_room_workers()
- auth/: captcha, email, login, logout, password, register, rsa, totp
- git/: archive, blame, blob, branch, commit, contributors, diff,
  refs, star, tag, tree, watch
- agent/: billing (ai_usage_recorded), code_review, pr_summary, sync
- project/activity.rs, workspace/alert.rs
 2026-04-21 22:28:33 +08:00
ZhenYi
81e6ee3d48 feat(observability): Phase 1-5 slog structured logging across platform 
Phase 1: add libs/observability crate (build_logger, instance_id);
  remove duplicate logger init from 4 crates
Phase 2: Actix-web RequestLogger with trace_id; MetricsMiddleware + HttpMetrics
Phase 3: Git SSH handle.rs slog struct; HTTP handler Logger kv
Phase 4: AI client eprintln -> slog warn; billing ai_usage_recorded log
Phase 5: SessionManager slog; workspace alert slog 2.x syntax
 2026-04-21 13:44:12 +08:00
ZhenYi
8316fe926f feat(service): add push and storage service modules, update project/user/workspace services 2026-04-20 15:45:40 +08:00
ZhenYi
fb91f5a6c5 feat(admin): add admin panel with billing alerts and model sync 
- Add libs/api/admin with admin API endpoints:
  sync models, workspace credit, billing alert check
- Add workspace_alert_config model and alert service
- Add Session::no_op() for background tasks without user context
- Add admin/ Next.js admin panel (AI models, billing, workspaces, audit)
- Start billing alert background task every 30 minutes
 2026-04-19 20:48:59 +08:00
ZhenYi
39d30678b5 fix(email): resolve SMTP connection failures (port 465 SMTPS, URL double scheme, retry backoff) 2026-04-19 01:04:11 +08:00
ZhenYi
9b9c12ffc8 feat(backend): add workspace invitation list and slug-based accept APIs 
- Add workspace_my_pending_invitations() for listing pending invites
- Add workspace_accept_invitation_by_slug() to accept by slug without token
- Register new routes: GET /workspaces/me/invitations, POST /workspaces/invitations/accept-by-slug
 2026-04-18 19:05:07 +08:00
ZhenYi
93cfff9738 init 2026-04-15 09:08:09 +08:00