hicccc77/WeFlow
1
0
Fork 0
mirror of https://github.com/hicccc77/WeFlow.git synced 2026-04-08 07:25:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,398 Commits 5 Branches 65 Tags
73ee524d1f93fac4f109eba76f51ccf9b0730e8e
Commit Graph

1398 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
xuncha
73ee524d1f Merge branch 'dev' into dev 2026-04-07 22:49:10 +08:00
xuncha
4af8334f50 修复图片解密 2026-04-07 22:45:15 +08:00
cc
43fed79204 Merge pull request #653 from Jasonzhu1207/feature/ai-insight 
Feature:增加AI见解功能
 2026-04-07 22:21:42 +08:00
cc
b356814ebb 规范化资源文件;修复消息气泡宽度异常的问题;优化资源管理页面性能 2026-04-07 20:53:45 +08:00
cc
0acad9927a 重新修复 #654 所提到的问题 2026-04-07 20:14:23 +08:00
cc
5bc46fadfc Merge pull request #665 from hicccc77/main 
Dev
 2026-04-07 19:49:39 +08:00
cc
3090306394 Merge branch 'dev' into main nightly-preview 2026-04-07 19:49:31 +08:00
cc
ec95a16c7a Merge pull request #626 from hicccc77/dependabot/npm_and_yarn/dev/vite-plugin-electron-0.29.1 
chore(deps-dev): bump vite-plugin-electron from 0.28.8 to 0.29.1
 2026-04-07 19:46:44 +08:00
cc
45d3f735a9 Merge pull request #627 from hicccc77/dependabot/npm_and_yarn/dev/sherpa-onnx-node-1.12.35 
chore(deps): bump sherpa-onnx-node from 1.12.34 to 1.12.35
 2026-04-07 19:46:35 +08:00
cc
0734b64cc8 Merge pull request #628 from hicccc77/dependabot/npm_and_yarn/dev/sass-1.99.0 
chore(deps-dev): bump sass from 1.98.0 to 1.99.0
 2026-04-07 19:46:22 +08:00
cc
70ad21cb46 Merge pull request #657 from hicccc77/dependabot/npm_and_yarn/npm_and_yarn-c4bc6a0a9e 
chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in the npm_and_yarn group across 1 directory
 2026-04-07 19:45:51 +08:00
xuncha
9181490d0f Merge pull request #662 from chrocy/fix-export-excel-columns 
feat: 新增 Excel 导出完整列开关
 2026-04-07 19:33:14 +08:00
xuncha
01fc5cd1a0 导出在选择完整列的时候私聊不会有群昵称 2026-04-07 19:29:35 +08:00
xuncha
b12ffff310 Merge branch 'dev' into fix-export-excel-columns 2026-04-07 19:16:41 +08:00
xuncha
835359edf8 Merge branch 'main' into fix-export-excel-columns 2026-04-07 19:16:14 +08:00
xuncha
88817cf95e Merge pull request #664 from xunchahaha/dev 
修复导出页意外的横向滑动条 朋友圈导出新增多选
 2026-04-07 19:15:04 +08:00
xuncha
88d41f6857 修复导出页意外的横向滑动条 2026-04-07 19:09:16 +08:00
xuncha
ec9c1bbbba 朋友圈导出页新增多选功能 2026-04-07 19:09:01 +08:00
chrocy
f9313392f1 feat: 优化 Excel 导出设置,解决 #529,将「导出完整列」选项合并到「发送者名称显示」中 2026-04-07 16:44:59 +08:00
xuncha
2db8af3668 Merge pull request #650 from huanghe/fix/http-api-security 
fix(security): harden HTTP API service against multiple vulnerabilities
 2026-04-07 15:39:01 +08:00
xuncha
c56ba6e0a1 Merge branch 'dev' into fix/http-api-security 2026-04-07 15:35:46 +08:00
dependabot[bot]
f1dcc84991 chore(deps-dev): bump vite in the npm_and_yarn group across 1 directory 
Bumps the npm_and_yarn group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 7.3.1 to 7.3.2
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 22:30:51 +00:00
H3CoF6
e8aaae5616 Merge pull request #656 from H3CoF6/main 
delete wayland notice
 2026-04-07 03:44:19 +08:00
H3CoF6
45deb99e3d delete wayland notice 2026-04-07 03:37:11 +08:00
dependabot[bot]
28f6f966b9 chore(deps): bump sherpa-onnx-node from 1.12.34 to 1.12.35 
Bumps [sherpa-onnx-node](https://github.com/csukuangfj/sherpa-onnx) from 1.12.34 to 1.12.35.
- [Release notes](https://github.com/csukuangfj/sherpa-onnx/releases)
- [Changelog](https://github.com/csukuangfj/sherpa-onnx/blob/dart-v1.12.35/CHANGELOG.md)
- [Commits](https://github.com/csukuangfj/sherpa-onnx/compare/dart-v1.12.34...dart-v1.12.35)

---
updated-dependencies:
- dependency-name: sherpa-onnx-node
  dependency-version: 1.12.35
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 19:12:13 +00:00
dependabot[bot]
7bd569feca chore(deps-dev): bump vite-plugin-electron from 0.28.8 to 0.29.1 
Bumps [vite-plugin-electron](https://github.com/electron-vite/vite-plugin-electron) from 0.28.8 to 0.29.1.
- [Release notes](https://github.com/electron-vite/vite-plugin-electron/releases)
- [Changelog](https://github.com/electron-vite/vite-plugin-electron/blob/main/CHANGELOG.md)
- [Commits](https://github.com/electron-vite/vite-plugin-electron/compare/v0.28.8...v0.29.1)

---
updated-dependencies:
- dependency-name: vite-plugin-electron
  dependency-version: 0.29.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 19:12:10 +00:00
dependabot[bot]
056f2c1833 chore(deps-dev): bump sass from 1.98.0 to 1.99.0 
Bumps [sass](https://github.com/sass/dart-sass) from 1.98.0 to 1.99.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.98.0...1.99.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-version: 1.99.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 19:12:10 +00:00
H3CoF6
b821d370f9 Merge pull request #655 from FATFATHAO/feat/linux-notification 
[#654] fix: 更改linux中的消息通知走D-bus总线
 2026-04-07 03:10:50 +08:00
fatfathao
60248b28f8 fix: 更改linux中的消息通知走D-bus总线 2026-04-07 01:30:26 +08:00
cc
d128bedffa 新增资源管理并修复了朋友圈的资源缓存路径 2026-04-06 23:32:59 +08:00
Jason
489b545965 Add files via upload 2026-04-06 21:01:24 +08:00
Jason
36533d07f8 Add files via upload 2026-04-06 21:01:00 +08:00
Jason
625e4f8e6a Merge pull request #13 from Jasonzhu1207/v0/jasonzhu081207-4751-f2dd3a17 
Enable AI insights and Telegram push notifications
 2026-04-06 20:39:32 +08:00
v0
c4774e1ce1 refactor: optimize insightService to skip getSessions() in whitelist mode 
Eliminate unnecessary getSessions() calls and use lightweight queries for performance.

Co-authored-by: Jason <159670257+Jasonzhu1207@users.noreply.github.com>
 2026-04-06 12:33:11 +00:00
Jason
e1682f99d2 Merge pull request #12 from Jasonzhu1207/v0/jasonzhu081207-4751-9343a5f0 
Enable AI insights and Telegram push notifications
 2026-04-06 20:12:58 +08:00
v0
a23461bfce fix: optimize insightService for performance 
Address DB connection issues, cache TTL, and timer handling to improve efficiency.

Co-authored-by: Jason <159670257+Jasonzhu1207@users.noreply.github.com>
 2026-04-06 12:06:02 +00:00
Jason
73fc36e63a Merge pull request #11 from Jasonzhu1207/v0/jasonzhu081207-4751-b8ccf9ee 
Enable AI insights and Telegram push notifications
 2026-04-06 19:31:12 +08:00
v0
4beddb7a62 fix: resolve main thread block and high CPU issues 
Switch 'fs.appendFileSync' to 'fs.appendFile' and optimize 'getSessionsCached' to reduce DB access.

Co-authored-by: Jason <159670257+Jasonzhu1207@users.noreply.github.com>
 2026-04-06 11:28:33 +00:00
Jason
b130165831 Merge pull request #10 from Jasonzhu1207/v0/jasonzhu081207-4751-c8eef8af 
Enable AI insights and Telegram push notifications
 2026-04-06 18:59:09 +08:00
v0
9adffc3cd7 fix: resolve multiple issues and performance enhancement 
Fix performance issue, Telegram prefix, and two encoding bugs; update custom prompt UI.

Co-authored-by: Jason <159670257+Jasonzhu1207@users.noreply.github.com>
 2026-04-06 10:55:30 +00:00
Jason
a52619c4d5 Merge pull request #9 from Jasonzhu1207/v0/jasonzhu081207-4751-0177d73e 
Enable AI insights and Telegram push notifications
 2026-04-06 18:13:03 +08:00
v0
cf40d3ad63 feat: optimize prompt caching and add Telegram push 
Add system prompt caching, custom prompt, and Telegram push settings.

Co-authored-by: Jason <159670257+Jasonzhu1207@users.noreply.github.com>
 2026-04-06 09:56:11 +00:00
Ocean
f7f6252d0b Merge branch 'main' into fix/http-api-security 2026-04-06 14:11:17 +08:00
Jason
14a2475fb1 Add files via upload 2026-04-06 14:09:55 +08:00
Jason
76a55998c2 Add files via upload 2026-04-06 14:09:22 +08:00
Jason
1ec8d54e96 Merge branch 'hicccc77:main' into main 2026-04-06 14:07:31 +08:00
huanghe
62395b275d fix(security): harden HTTP API service against multiple vulnerabilities 
1. Path traversal in /api/v1/media/ — use path.resolve() and verify
   resolved path stays within media base directory
2. DoS via unlimited POST body — add 10MB size limit to parseBody()
3. Default no-auth — reject all requests when httpApiToken is not
   configured instead of silently allowing everything
4. Overly permissive CORS — restrict Access-Control-Allow-Origin from
   wildcard (*) to localhost/127.0.0.1 only
5. Timing attack on token comparison — use crypto.timingSafeEqual()
   instead of === for token verification
6. Unsafe default bind address — revert httpApiHost default from
   0.0.0.0 back to 127.0.0.1 to prevent network exposure

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-06 14:06:31 +08:00
cc
57fad47f27 Merge pull request #649 from hicccc77/dev 
Dev
 2026-04-06 13:45:04 +08:00
cc
20c5381211 更新 2026-04-06 13:23:16 +08:00
Jason
b8cd9a8c38 Merge branch 'hicccc77:main' into main 2026-04-06 13:13:15 +08:00