85954e516a
## Fixed ### High-4: CI 与质量门禁不一致 - Add quality-gates job that runs verify_quality_gates.sh - Fix Docker job: correct binary paths and remove || true - Replace fake version/help checks with real health endpoint probe ### High-5: 敏感信息持久化到 localStorage - Add SENSITIVE_FIELDS list to admin-common.js (adminToken, token, password, key, apiKey, etc.) - writeStoredConfig now filters sensitive fields by default - Add allowSensitive option for explicit opt-in (default false) - Add createSensitiveStorageToggle() UI helper with warning banner - Update admin/index.html placeholder text to remove misleading 不落盘 claim ### Medium-4: JSON 解码错误静默 - Fix scanUserKeys: return error when allowed_models JSON decode fails - Fix scanOneUserKey: return error when allowed_models JSON decode fails - Prevents silent data corruption that would show empty model list ## Quality Gates ✅ go build ./... - PASS ✅ go test ./internal/... - PASS (all packages) ✅ bash ./scripts/test/verify_quality_gates.sh - PASS ## Notes - High-6 (凭证可预测) requires architecture change to store random credentials in DB - Medium-3 (部署脚本默认值) considered lower priority for current scope
5.6 KiB
5.6 KiB