Commits · c71b1d63e505c5f392dfe53d3272e666c4533d1d · 陈曦 / sub2api

05 Apr, 2026 1 commit
- Update oauth.go · 2c856b67
  偷得浮生 authored Apr 05, 2026
  
  2c856b67
16 Mar, 2026 1 commit
- chore(antigravity): bump default User-Agent version to 1.20.5 · 71f72e16
  erio authored Mar 16, 2026
  
  71f72e16
09 Mar, 2026 1 commit
- chore: bump Antigravity user agent version to 1.20.4 · 7ccb4c8e
  erio authored Mar 08, 2026
  
  7ccb4c8e
03 Mar, 2026 1 commit

fix: 恢复 PR #682 中被误替换为占位符的 OAuth client_secret · 0fe09f1d

shaw authored Mar 03, 2026

PR #682 (release → main 全量同步) 将 Antigravity 和 Gemini CLI 的
OAuth client_secret 硬编码值替换为了 "GOCSPX-your-client-secret" 占位符，
导致未配置环境变量的部署环境中 token 刷新失败。

恢复内容：
- antigravity/oauth.go: 恢复真实 client_secret
- antigravity/oauth_test.go: 恢复测试断言中的真实值
- geminicli/constants.go: 恢复真实 client_secret

0fe09f1d

28 Feb, 2026 1 commit
- feat(sync): full code sync from release · bb664d9b
  yangjianbo authored Feb 28, 2026
  
  bb664d9b
27 Feb, 2026 1 commit

fix: update antigravity user-agent version to 1.19.6 · afec747d

erio authored Feb 27, 2026

Update the default user-agent version from 1.18.4 to 1.19.6
to match the latest official antigravity client.

afec747d

24 Feb, 2026 4 commits

refactor: remove unused ClientSecret constant · d616f8c8

erio authored Feb 24, 2026

The ClientSecret constant was left as an empty string after
getClientSecret() was refactored to use defaultClientSecret.
Remove the dead constant and update the test accordingly.

d616f8c8

feat: add default value for Antigravity OAuth client secret · 36d2e699

erio authored Feb 24, 2026

Add a built-in default for ANTIGRAVITY_OAUTH_CLIENT_SECRET so the
service works out of the box without requiring environment variable
configuration. The env var can still override the default.

36d2e699

chore: update default Antigravity UserAgent version to 1.18.4 · 483c8f24

erio authored Feb 24, 2026

Update the default ANTIGRAVITY_USER_AGENT_VERSION from 1.84.2 to
1.18.4 to match the current Antigravity-Manager desktop client.

483c8f24

fix: 修复 antigravity UserAgent 重构遗留的编译错误和测试不匹配 · e435a46d

shaw authored Feb 24, 2026

- oauth.go: GetUserAgent() 缺少闭合大括号导致语法错误
- client_test.go/oauth_test.go: UserAgent 变量已重构为 GetUserAgent()，更新测试引用
- model_rate_limit_test.go: gemini-3-pro-preview 映射目标已更新为 gemini-3.1-pro-high，同步测试

e435a46d

23 Feb, 2026 1 commit
- feat: 让 User-Agent 版本可通过环境变量 ANTIGRAVITY_USER_AGENT_VERSION 配置，默认 1.84.2 · 1fc6ef3d
  cagedbird043 authored Feb 23, 2026
  
  1fc6ef3d
09 Feb, 2026 1 commit

fix: 修复代码审核发现的安全和质量问题 · d7011163

yangjianbo authored Feb 09, 2026



安全修复（P0）：
- 移除硬编码的 OAuth client_secret（Antigravity、Gemini CLI），
  改为通过环境变量注入（ANTIGRAVITY_OAUTH_CLIENT_SECRET、
  GEMINI_CLI_OAUTH_CLIENT_SECRET）
- 新增 logredact.RedactText() 对非结构化文本做敏感信息脱敏，
  覆盖 GOCSPX-*/AIza* 令牌和常见 key=value 模式
- 日志中不再打印 org_uuid、account_uuid、email_address 等敏感值

安全修复（P1）：
- URL 验证增强：新增 ValidateHTTPURL 统一入口，支持 allowlist 和
  私网地址阻断（localhost/内网 IP）
- 代理回退安全：代理初始化失败时默认阻止直连回退，防止 IP 泄露，
  可通过 security.proxy_fallback.allow_direct_on_error 显式开启
- Gemini OAuth 配置校验：client_id 与 client_secret 必须同时
  设置或同时留空

其他改进：
- 新增 tools/secret_scan.py 密钥扫描工具和 Makefile secret-scan 目标
- 更新所有 docker-compose 和部署配置，传递 OAuth secret 环境变量
- google_one OAuth 类型使用固定 redirectURI，与 code_assist 对齐
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

d7011163

03 Feb, 2026 1 commit
- chore: gofmt · f1aafbc0
  song authored Feb 03, 2026
  
  f1aafbc0
02 Feb, 2026 1 commit
- merge upstream main · 0170d19f
  song authored Feb 02, 2026
  
  0170d19f
30 Jan, 2026 1 commit
- chore: upgrade Antigravity User-Agent to 1.15.8 · ba16ace6
  liuxiongfeng authored Jan 30, 2026
  
  ba16ace6
28 Jan, 2026 1 commit
- antigravity: 转发优先 daily · 5b787334
  song authored Jan 28, 2026
  
  5b787334
16 Jan, 2026 3 commits

feat(antigravity): 动态 URL 排序，最近成功的优先使用 · 69c4b17a

song authored Jan 17, 2026

- URLAvailability 新增 lastSuccess 字段追踪最近成功的 URL
- GetAvailableURLs 返回列表时优先放置 lastSuccess
- 所有 Antigravity API 调用成功后调用 MarkSuccess 更新优先级

69c4b17a

feat(antigravity): 同步 Antigravity-Manager 的请求逻辑 · cc0fca35

song authored Jan 17, 2026

- System Prompt: 改为简短版，添加 OpenCode 过滤、MCP XML 协议注入、SYSTEM_PROMPT_END 标记
- HTTP Headers: 只保留 Content-Type/Authorization/User-Agent，移除 Accept 和 Host
- User-Agent: 改为 antigravity/1.11.9 windows/amd64
- requestType: 动态判断 (agent/web_search/image_gen)
- BaseURLs: 添加 daily sandbox 备用 URL
- Fallback: 扩展触发条件 (429/408/404/5xx)

cc0fca35

fix: Antigravity project_id 获取优化 · a61042bc

song authored Jan 16, 2026

- API URL 改为只使用 prod 端点
- 刷新 token 时每次调用 LoadCodeAssist 更新 project_id
- 移除随机生成 project_id 的兜底逻辑

a61042bc

09 Jan, 2026 1 commit
- feat(antigravity): 添加 URL fallback 机制 (sandbox → daily → prod) · 2d83941a
  shaw authored Jan 09, 2026
  
  2d83941a
08 Jan, 2026 1 commit
- fix(antigravity): 修复请求频繁429的问题 · 6e8188ed
  shaw authored Jan 08, 2026
  
  6e8188ed
30 Dec, 2025 1 commit

feat(Antigravity): 为无 project_id 的账户生成随机 project_id · fa48cf27

song authored Dec 30, 2025

部分账户类型（如 g1-pro-tier）API 不返回 cloudaicompanionProject，
但实际接受任意格式的 project_id，故添加随机生成逻辑作为兜底。

fa48cf27

28 Dec, 2025 1 commit
- feat: 添加 Antigravity (Cloud AI Companion) OAuth 授权支持 · 6648e650
  song authored Dec 28, 2025
  
  6648e650