copilot-swe-agent[bot]
0de4170ee7
chore: 添加 CORS 头过滤注释说明(代码审查反馈)
...
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 14:39:20 +00:00
copilot-swe-agent[bot]
df64cb221d
fix: 修复 Persona Studio 对话无回复 · API代理层新增反向代理 + PM2配置补全 + 模块自检修复
...
问题根因:Nginx 将所有 /api/* 路由到 api-proxy (port 3721),但
api-proxy 未处理 /api/ps/chat/*, /api/ps/auth/* 等 Persona Studio
后端路由,导致请求返回 404,用户发送消息后无回复。
修复内容:
1. api-proxy.js 新增反向代理,将 /api/ps/chat/*, /api/ps/auth/*,
/api/ps/build/*, /api/ps/notify/* 转发到 PS 后端 (port 3002)
2. ecosystem.config.js 补全 api-proxy + persona-studio PM2 配置
3. m15-cloud-drive/ 补全 README.md(模块自检修复)
4. README.md 开发者公告栏更新修复状态
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 14:38:17 +00:00
copilot-swe-agent[bot]
2482567ac2
Address code review: fix SSRF protection, cache key safety, error handling
...
- Add protocol validation (http/https only) to prevent SSRF via file:/ftp: URLs
- Hash both apiBase+apiKey together in cache key to prevent collision attacks
- Simplify frontend error detection (use TypeError instanceof instead of fragile string check)
- Make smoke test error code assertion more precise with regex
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 12:31:56 +00:00
copilot-swe-agent[bot]
e36bc19cfb
Fix: Add user API key endpoints to api-proxy.js, unify Persona Studio backend with docs proxy
...
Root cause: Persona Studio frontend sent requests to /api/ps/apikey/detect-models
but api-proxy.js (port 3721, the only backend Nginx routes to) didn't handle those paths.
The separate persona-studio backend (port 3002) was never deployed via ecosystem.config.js or Nginx.
Fix: Add detect-models and chat handlers directly to api-proxy.js so they work through
the same Nginx → API Proxy chain that the docs main site already uses successfully.
Also update frontend to point to port 3721 for local dev, and improve error messages.
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 12:25:36 +00:00
copilot-swe-agent[bot]
ebefa1f1da
fix: address code review feedback — schema, comment, key collision, streaming fallback
...
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 10:02:39 +00:00
copilot-swe-agent[bot]
8951eb86f1
feat: core brain upgrade v3.0 — shell-core separation architecture
...
- Created src/brain/ module (prompt-assembler, mode-detector, model-router, context-trimmer, memory-manager)
- Added HLI BRAIN domain endpoints (prompt, route, context, memory, status)
- Upgraded api-proxy.js with auto-fallback across providers
- Unified brain version to v3.0 across all files
- Frontend now calls backend brain APIs with local fallback
- Added truth-source federation documentation
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-10 09:57:26 +00:00
copilot-swe-agent[bot]
466f344ef8
fix: address code review — CORS, input validation, timeout alignment, logging
...
- CORS: default whitelist restricted to project domains (not wildcard)
- Input validation: clamp temperature [0,2] and max_tokens [1,8192]
- Timeout: increase to 60s, align Nginx config (90s read / 60s send)
- Logging: remove client IP and message count from logs
- Frontend: move proxy option lower in dropdown, fix duplicate system prompt
- Shorten proxy mode placeholder text
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-07 07:34:59 +00:00
copilot-swe-agent[bot]
723f6b16bc
feat: add backend API proxy layer for China network access
...
- backend-integration/api-proxy.js: Node.js proxy with SSE streaming passthrough
- Supports DeepSeek/Moonshot/Zhipu (China-direct) + Yunwu/OpenAI/Gemini
- API keys managed server-side via environment variables
- Rate limiting (10 req/min per IP)
- CORS support for cross-origin access
- Health check and model listing endpoints
- backend-integration/nginx-api-proxy.conf: Nginx config reference
- docs/index.html: Added "后端代理" provider option (no API key required)
- package.json: Added proxy:start script
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
2026-03-07 07:31:58 +00:00