8 Commits

Author SHA1 Message Date
8d26c46323 feat(bot): use runtime api for bot data 2026-06-20 18:20:40 +08:00
44052bc6e8 docs: add REVIEW_REPORT.md for all 11 plugins (round 2 review) 2026-05-10 00:39:37 +08:00
c62ac37611 review: fix critical/medium bugs in 4 plugins (round 2)
group_horse_racing:
- settle_race: rewrite with 7 bug fixes (race condition, draw double-credit, empty participants, etc.)
- models.py: reorder fields for correct defaults, add indexes
- message_service: add logger import

danding_points:
- api.py: add finally blocks to 3 methods (add_points, get_history, get_leaderboard)
- database.py: add finally block to get_user_balance

chatai:
- __init__.py: deprecated API→asyncio.to_thread, deduplicate logging, taskkill filter for safety
- screenshot.py: XSS protection with bleach on HTML content
- requirements.txt: add bleach dependency

danding_qqpush:
- api.py L13: fix self-referencing _renderer NameError crash
- api.py: lazy singleton pattern via _get_renderer() instead of per-request ImageRenderer
- __init__.py: mask Token in log output (security)

All 34 tests pass.
2026-05-10 00:30:22 +08:00
14397ab645 fix(danding_points): improve conn management in api.py
- Read methods (get_balance/get_transactions/get_ranking): add try/except/finally
- Write methods (add/spend/set_points): add rollback() before early return conn.close()
- Prevents connection leaks on exceptions and early returns
2026-05-09 23:34:07 +08:00
c01338f496 refactor(plugins): comprehensive code review - ~35 fixes across 14 plugins
Phase 1 - Plugin code review (14/14 plugins):
- Security: 3x token leak in print→logger.debug, Bearer prefix handling
- Bug: bare except→specific exceptions, HorseState type safety, sync→async
- Critical: response_model undefined, route dead code, sync blocking event loop
- Quality: 11x print()→logger, variable name shadowing, consistent logging

Phase 2 - Deep analysis:
- Fix: payout int truncation→max(1, round(amount*odds))
- Fix: room_store get_lock race condition→dict.setdefault()
- Verify: data_manager f-string SQL is safe (uses ? placeholders)

Infrastructure: review reports generated for all plugins.
2026-05-09 23:22:28 +08:00
fb3cc67b68 Change how env is read 2026-04-04 00:05:56 +08:00
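6eed4bf3a2 Fix: upgrade for Pydantic v2 compatibility, fix plugin loading errors
- Update danding_points config to use pydantic_settings.BaseSettings and SettingsConfigDict
- Update onmyoji_gacha config to use pydantic_settings.BaseSettings
- Fix danding_qqpush config loading to use model_validate instead of parse_obj
- Add detailed README documentation for the group_horse_racing plugin

These fixes resolve the import errors and API changes encountered in the Pydantic v2 migration.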

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-03 22:27:45 +08:00
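0fd011fa1e Feature: implement the Danding_Points points system plugin
- Add a points system plugin supporting core features such as points query, check-in, and transfer
- Include the corresponding test scripts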

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-03 00:24:00 +08:00