erio bf6fe5e962 fix: custom menu security hardening and code quality improvements ...

- Add admin menu permission check in CustomPageView (visibility + role)
- Sanitize SVG content with DOMPurify before v-html rendering (XSS prevention)
- Decouple router.go from dto package using anonymous struct
- Consolidate duplicate parseCustomMenuItems into dto.ParseCustomMenuItems
- Enhance menu item validation (count, length, ID uniqueness limits)
- Add audit logging for purchase_subscription and custom_menu_items changes
- Update API contract test to include custom_menu_items field

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-03 06:23:56 +08:00

..

cmd

feat(settings): add default subscriptions for new users

2026-03-02 03:59:31 +08:00

ent

feat(sync): full code sync from release

2026-02-28 15:01:20 +08:00

internal

fix: custom menu security hardening and code quality improvements

2026-03-03 06:23:56 +08:00

migrations

chore: 恢复数据库迁移文件060和修正版本号

2026-02-28 22:02:01 +08:00

resources/model-pricing

chore: 调整模型定价文件仓库

2026-02-25 13:50:21 +08:00

.dockerignore

feat(ops): 增强上游错误追踪和新增定时报告服务

2026-01-11 23:00:31 +08:00

.golangci.yml

fix(ci): 将 gosec 集成到 golangci-lint 解决安全扫描超时

2026-02-28 23:12:38 +08:00

Dockerfile

build(工具链): 升级 Go 到 1.25.7

2026-02-06 07:41:23 +08:00

go.mod

feat(settings): add default subscriptions for new users

2026-03-02 03:59:31 +08:00

go.sum

feat(admin): 添加管理员直接修改用户 API Key 分组的功能

2026-02-28 20:18:14 +08:00

Makefile

feat(sync): full code sync from release

2026-02-28 15:01:20 +08:00