d4168720ac
feat(admin-frontend): 补齐用户节点与订单运营工作台
...
新增用户高级筛选、批量操作与更多行级动作,支持邮件、
CSV、封禁恢复、订单分配、邀请查看、流量记录与重置流量
增强节点管理页的分页、父子筛选、跨页勾选、批量修改与
单节点置顶,并补齐后端批量更新 host、group_ids、rate
修复订单佣金状态误判问题,新增真实佣金筛选与行级确认,
同时优化仪表盘排行悬浮详情展示
补充 admin-frontend 独立 Dockerfile、Caddy 配置与 GHCR
发布工作流,支持通过独立镜像部署管理前端
2026-04-24 23:15:48 +08:00
e393b11b61
feat(admin-frontend): 完成节点与礼品卡管理工作台
...
补齐节点管理真实新增、编辑与排序流程,接入权限组与路由组
维护页,并支持 11 种协议的动态配置表单
开放礼品卡管理入口,交付模板、兑换码、使用记录与统计四页签
工作台,接入 gift-card 相关后台接口
将知识库、权限组与路由管理从占位页升级为真实页面,并修复侧边栏
低高度裁切问题
修复仪表盘 24h 流量排行涨跌始终为 0 的问题,改为对比昨天整日统
计并补充单元测试
2026-04-24 21:58:16 +08:00
f7cef30b9c
feat(admin-frontend): 完成订阅与系统管理真实工作台
...
补齐订单、优惠券、主题、插件、公告与支付管理页面,
接入对应后台接口、路由入口与工具层类型定义。
同时修复套餐页开关初始化误写问题,避免浏览即触发写操作。
在订阅协议侧为 Stash 导出增加 AnyTLS 版本守卫,
未知版本或低于 3.3.0 时不再导出该协议,并补充回归测试与知识记录。
2026-04-24 16:52:41 +08:00
16203b14f6
feat(admin-frontend): 新增系统与订阅管理后台页面
...
扩展管理端侧边栏与路由,新增系统配置真实页面、订阅套餐
管理页、节点管理页及多个结构化占位页
补齐前端 API、类型与工具层,并增强仪表盘刷新、趋势切换、
失败作业详情与流量排行 limit 联动能力
同步后端 traffic rank limit 支持与知识库归档、设计约束、
验证配置及视觉验收产物
2026-04-24 15:32:09 +08:00
9ce345eb76
merge: sync upstream/master preserving local changes
2026-04-23 22:27:18 +08:00
ec1efb4482
refactor(middleware): split V2 server middleware to drop node_type
2026-04-23 19:24:34 +08:00
5462b7036a
docs(upgrade): note pre-2026-04-19 compose upgrade command
2026-04-23 12:23:08 +08:00
ac6d8f01ba
fix(caddy): preserve X-Forwarded-For chain so Laravel TrustProxies resolves real client IP
2026-04-23 11:39:58 +08:00
2efef9e8ee
fix(security): prevent payment gateway credentials leakage via OrderResource
2026-04-23 10:26:35 +08:00
60b5c99e74
✨ feat(admin): 补齐工单工作台与流量日志
...
---
✨ feat(admin): add ticket workspace and traffic logs
2026-04-21 23:13:00 +08:00
97cf167090
feat(admin-frontend): 新增用户管理页面和导航
2026-04-21 05:19:07 +08:00
f68ba190a8
feat(admin-frontend): 重做登录回跳与仪表盘样式
...
重构管理端登录、主布局和仪表盘,统一为 Apple 风格
并移除高成本装饰层以提升页面流畅度。
补充仪表盘统计、趋势、排行和系统状态接口封装,
同时完善受保护路由的 redirect 回跳逻辑。
2026-04-21 04:23:23 +08:00
4cfda0fbf1
feat(admin-frontend): 初始化管理端登录功能
2026-04-21 03:28:04 +08:00
df77cbfb47
fix(docker): re-apply www ownership to /www at entrypoint
2026-04-20 01:39:24 +08:00
26210ed8d4
chore(docker): all-in-one redis no longer listens on TCP
2026-04-20 01:14:52 +08:00
9e2a66f1d5
fix: backfill utls for legacy vless reality nodes
2026-04-20 00:08:00 +08:00
1fbf5d160a
Update installation instructions for aapanel-docker
2026-04-19 23:33:32 +08:00
cb8c1743dc
fix(deploy): make install/update redis-independent and clean stale octane state
...
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-04-19 23:23:27 +08:00
dc8fbd1839
docs: update readme
2026-04-19 21:57:56 +08:00
e01620689b
refactor: all-in-one docker deployment with auto-tuned resources and per-mode compose templates
2026-04-19 21:18:15 +08:00
c36054b970
fix: restore stripped protocol_settings fields for tuic/mieru/vmess
2026-04-19 00:45:47 +08:00
c0b6ee1763
refactor: core plugins to plugins-core
2026-04-18 23:31:59 +08:00
fe62542b7c
fix: unify Trojan server_name/allow_insecure to tls_settings across all protocols
2026-04-18 21:00:21 +08:00
bdd7820a69
feat(admin): batch node-machine binding & frontend update
2026-04-18 19:38:31 +08:00
1603359120
fix: commit composer.lock for reproducible Docker builds
2026-04-18 16:56:41 +08:00
360684245e
fix: ticket reply_status semantics, N+1 query, and admin reply auto-reopen
2026-04-18 16:40:21 +08:00
da8b5018ea
fix: Shadowrocket Trojan whitelist bug and xhttp support
2026-04-18 16:07:22 +08:00
9ba946621e
feat: email template management with DB override, modern mail redesign
2026-04-18 15:41:23 +08:00
e689699f44
fix: batchUpdate use model instance to trigger observer
2026-04-18 04:26:25 +08:00
521d4e3ac5
fix: dedup device IPs, reset stale online_count on disconnect and scheduled cleanup ( #886 )
2026-04-18 02:57:55 +08:00
1708b6564b
feat: add xhttp subscriptions, network monitoring, chart legend toggle and ticket sender labels
2026-04-18 02:02:06 +08:00
994819e8a0
fix(clashmeta): handle associative arrays in block yaml export
2026-04-18 01:50:45 +08:00
4a5091825c
t2
2026-04-18 01:30:24 +08:00
1282e802b5
t
2026-04-18 01:23:46 +08:00
9ca92430ee
fix(clashmeta): render block-style yaml for subscription export
2026-04-18 01:11:11 +08:00
964d055021
chore(ci): optimize docker publish workflow
2026-04-18 00:45:00 +08:00
cd5e00bbfb
Merge remote-tracking branch 'upstream/master'
...
# Conflicts:
# public/assets/admin
2026-04-18 00:35:04 +08:00
ecf0a268d3
fix(clashmeta): keep nested proxy objects in block style
2026-04-18 00:31:25 +08:00
d9833fab47
fix(plugin): improve plugin install and uninstall migration handling
2026-04-17 23:11:03 +08:00
f84afc7903
fix: support both GET and POST for handshake endpoint (backward compatibility)
2026-04-17 20:59:48 +08:00
fea7d97aa3
Update installer URL to use 'dev' branch
2026-04-17 12:54:22 +08:00
a74cc2f19d
feat: show install command on machine creation
2026-04-17 06:47:05 +08:00
e297b5fe9f
feat: machine mode, ECH subscriptions, batch ops & security hardening
2026-04-17 03:02:53 +08:00
edbd8de356
QuantumultX下发Anytls节点 ( #880 )
...
QuantumultX最新版本支持Anytls了,做适配
2026-04-16 19:31:24 +08:00
cbb46aca69
chore(helloagents): archive merge workflow proposals and tasks
2026-04-16 17:29:40 +08:00
abd64ed20c
Merge remote-tracking branch 'upstream/master'
...
# Conflicts:
# app/Services/UserOnlineService.php
# public/assets/admin
2026-04-16 16:59:21 +08:00
13756956a6
fix: reset traffic stats when copying server nodes
2026-04-11 20:24:43 +08:00
121511523f
Fix: CVE-2026-39912 - Magic link token leak in loginWithMailLink ( #873 )
...
The loginWithMailLink endpoint returns the magic login link in the
HTTP response body, allowing unauthenticated account takeover.
The fix returns true instead of the link. The email delivery is
the authentication factor.
Bug inherited from V2Board commit bdb10bed (2022-06-27).
2026-04-10 02:44:20 +08:00
1fe6531924
fix(update): avoid duplicate safe.directory entries for repo and admin submodule
2026-04-09 20:31:19 +08:00
38ea7d0067
docs: add donation section
2026-04-09 00:21:28 +08:00
yinjianm