The deploy job now validates DEPLOY_HOST, DEPLOY_USER, DEPLOY_KEY, and
DEPLOY_PATH secrets before attempting SSH operations. This replaces the
cryptic ssh-keyscan failure with a clear error message explaining which
secrets need to be configured.
Also made ssh-keyscan more robust by quoting the hostname and adding
fallback handling.
Ref: YM-CD-DEBUG-20260310-001
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
- Frontend index.html: Replace backend proxy model detection with direct browser fetch to user's API /models endpoint, add KNOWN_ENDPOINTS auto-probing, AbortController timeout
- Frontend chat.js: Replace backend proxy chat with direct browser fetch to user's API /chat/completions with streaming support
- Backend apikey.js: Add URL format validation (INVALID_API_BASE) and specific error codes (DNS_ERROR, NETWORK_ERROR, TIMEOUT)
- Backend server.js: Add /api/health endpoint for smoke test compatibility
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
- Add protocol validation (http/https only) to prevent SSRF via file:/ftp: URLs
- Hash both apiBase+apiKey together in cache key to prevent collision attacks
- Simplify frontend error detection (use TypeError instanceof instead of fragile string check)
- Make smoke test error code assertion more precise with regex
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
- Add 🧠 Persona Studio navigation tab in docs/index.html sidebar
- Update smoke tests to target api-proxy.js (port 3721) instead of persona-studio backend (3002)
- Update error code assertion to match improved error specificity
- Add test for INVALID_API_BASE validation
- Replace auth/login tests with /api/health check (auth is on separate service)
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Root cause: Persona Studio frontend sent requests to /api/ps/apikey/detect-models
but api-proxy.js (port 3721, the only backend Nginx routes to) didn't handle those paths.
The separate persona-studio backend (port 3002) was never deployed via ecosystem.config.js or Nginx.
Fix: Add detect-models and chat handlers directly to api-proxy.js so they work through
the same Nginx → API Proxy chain that the docs main site already uses successfully.
Also update frontend to point to port 3721 for local dev, and improve error messages.
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
- Use const/let instead of var for block-scoped variables in frontend
- Add header injection validation for API Key (reject newline chars)
- Include original error message in fetchModels error callback
- Use more reliable hostname for unreachable API base test
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
- Add backend route POST /api/ps/apikey/detect-models for model auto-detection with 1-hour caching
- Add backend route POST /api/ps/apikey/chat for proxying chat through user's own API credentials
- Update login page with API Key login section (API Base URL + API Key + model detection + model list)
- Update chat.js to support API Key mode with dynamic model usage (selected_model)
- Update styles for API Key login UI (detect status, model list, etc.)
- Add smoke tests for new endpoints and dev_id login backward compatibility
- Security: API Key stored only in sessionStorage, never persisted on backend
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>