hicccc77/WeFlow
1
0
Fork 0
mirror of https://github.com/hicccc77/WeFlow.git synced 2026-04-07 15:08:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,334 Commits 2 Branches 64 Tags
88d41f6857e6921fc5b4e0c2339774ac573f1f46
Commit Graph

1334 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
xuncha
88d41f6857 修复导出页意外的横向滑动条 2026-04-07 19:09:16 +08:00
xuncha
ec9c1bbbba 朋友圈导出页新增多选功能 2026-04-07 19:09:01 +08:00
xuncha
2db8af3668 Merge pull request #650 from huanghe/fix/http-api-security 
fix(security): harden HTTP API service against multiple vulnerabilities
 2026-04-07 15:39:01 +08:00
xuncha
c56ba6e0a1 Merge branch 'dev' into fix/http-api-security 2026-04-07 15:35:46 +08:00
H3CoF6
e8aaae5616 Merge pull request #656 from H3CoF6/main 
delete wayland notice
 2026-04-07 03:44:19 +08:00
H3CoF6
45deb99e3d delete wayland notice 2026-04-07 03:37:11 +08:00
H3CoF6
b821d370f9 Merge pull request #655 from FATFATHAO/feat/linux-notification 
[#654] fix: 更改linux中的消息通知走D-bus总线
 2026-04-07 03:10:50 +08:00
fatfathao
60248b28f8 fix: 更改linux中的消息通知走D-bus总线 2026-04-07 01:30:26 +08:00
cc
d128bedffa 新增资源管理并修复了朋友圈的资源缓存路径 nightly-dev 2026-04-06 23:32:59 +08:00
Ocean
f7f6252d0b Merge branch 'main' into fix/http-api-security 2026-04-06 14:11:17 +08:00
huanghe
62395b275d fix(security): harden HTTP API service against multiple vulnerabilities 
1. Path traversal in /api/v1/media/ — use path.resolve() and verify
   resolved path stays within media base directory
2. DoS via unlimited POST body — add 10MB size limit to parseBody()
3. Default no-auth — reject all requests when httpApiToken is not
   configured instead of silently allowing everything
4. Overly permissive CORS — restrict Access-Control-Allow-Origin from
   wildcard (*) to localhost/127.0.0.1 only
5. Timing attack on token comparison — use crypto.timingSafeEqual()
   instead of === for token verification
6. Unsafe default bind address — revert httpApiHost default from
   0.0.0.0 back to 127.0.0.1 to prevent network exposure

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-06 14:06:31 +08:00
cc
57fad47f27 Merge pull request #649 from hicccc77/dev 
Dev
 2026-04-06 13:45:04 +08:00
cc
20c5381211 更新 2026-04-06 13:23:16 +08:00
cc
4335abe31b 更新 2026-04-06 13:08:32 +08:00
cc
e5f7b54a7b Merge pull request #648 from hicccc77/main 
Merge pull request #647 from hicccc77/dev
 2026-04-06 13:06:33 +08:00
cc
ea1ef03b98 Merge pull request #647 from hicccc77/dev 
Dev
 2026-04-06 13:06:10 +08:00
cc
8d374d4f49 Merge branch 'main' into dev 2026-04-06 13:06:02 +08:00
cc
f910e17e53 Merge pull request #644 from fortii2/fix/export-worker-config 
#580 修复与部分引用功能相关联的无法读取解密配置的问题
 2026-04-06 13:04:13 +08:00
cc
35a76aa04f Merge pull request #643 from fortii2/issue-580-partial-quote 
#580 引用消息支持部分引用显示和导出
 2026-04-06 12:58:57 +08:00
cc
5fce21d799 Merge pull request #641 from FATFATHAO/fix-package 
fix: node25使用pnpm拉取文件时,ajv导致拉取失败的问题
 2026-04-06 12:52:38 +08:00
cc
a32696ee13 Merge branch 'dev' into fix-package 2026-04-06 12:52:18 +08:00
cc
b573baec80 Merge pull request #646 from hicccc77/dev 
Dev
 2026-04-06 12:49:47 +08:00
cc
0d4feceffc Merge branch 'dev' of https://github.com/hicccc77/WeFlow into dev 2026-04-06 12:48:59 +08:00
cc
92abe73f0a 更新 2026-04-06 12:48:53 +08:00
cc
74a08732fe Merge pull request #645 from hicccc77/dev 
修复了一些问题
 2026-04-06 12:16:38 +08:00
cc
7033a77d71 Merge branch 'main' into dev 2026-04-06 12:16:28 +08:00
cc
3b26e0c014 修复了一些问题 2026-04-06 12:15:50 +08:00
ethan
b8bf29277a 修复与部分引用功能相关联的无法读取解密配置的问题 2026-04-05 17:48:12 -04:00
ethan
867f85e8f2 实现 #580 引用消息支持部分引用显示 2026-04-05 17:39:22 -04:00
fatfathao
337fe21d18 fix: node25使用pnpm拉取文件时,ajv导致拉取失败的问题 2026-04-06 01:40:06 +08:00
cc
209b91bfef Merge pull request #638 from hicccc77/dev 
Dev
 2026-04-05 19:21:28 +08:00
cc
1049f55118 Merge branch 'dev' of https://github.com/hicccc77/WeFlow into dev 2026-04-05 14:53:14 +08:00
cc
ba7785a359 修复发布日期问题 2026-04-05 14:53:11 +08:00
cc
e6c821d3ee Merge pull request #637 from hicccc77/dev 
交互细节修复与代码修复
 2026-04-05 11:24:35 +08:00
cc
17a7741697 Merge branch 'main' into dev 2026-04-05 11:24:26 +08:00
cc
f00525d21a 交互细节修复与代码修复 2026-04-05 10:57:49 +08:00
cc
f5c79c1fab Merge pull request #636 from hicccc77/dev 
Dev
 2026-04-04 23:27:27 +08:00
cc
4fc0a92651 更新资源文件 2026-04-04 23:25:21 +08:00
cc
585ec39f8e Merge branch 'dev' of https://github.com/hicccc77/WeFlow into dev 2026-04-04 23:14:57 +08:00
cc
a0189fdd0a 修复 #597;实现 #556;修复 #623与 #543;修复卡片图片问题 2026-04-04 23:14:54 +08:00
cc
ede31732b3 Merge pull request #634 from BeiChen-CN/main 
feat:支持导出聊天记录中的文件
 2026-04-04 20:16:05 +08:00
姜北尘
a60381522d fix 2026-04-04 20:04:01 +08:00
姜北尘
64010ad86b feat:添加导出文件 2026-04-04 19:45:05 +08:00
cc
e628154b78 Merge pull request #632 from hicccc77/dev 
Dev
 2026-04-04 14:04:47 +08:00
cc
e5baf5e994 Merge branch 'main' into dev 2026-04-04 14:04:35 +08:00
cc
05fdbab496 更新信息 2026-04-04 13:26:06 +08:00
cc
512b1f6455 Merge branch 'dev' of https://github.com/hicccc77/WeFlow into dev 2026-04-04 10:57:46 +08:00
cc
5615d83f04 修复更新渠道问题 2026-04-04 10:57:43 +08:00
cc
ee38918516 Merge pull request #630 from hicccc77/dev 
Dev
 2026-04-04 09:54:46 +08:00
H3CoF6
d1b8d86a20 Merge pull request #625 from H3CoF6/dev 
修复biz的一些问题
 2026-04-04 02:58:54 +08:00