35 changes: 32 additions & 3 deletions .github/workflows/coderabbit-review.yml
@@ -25,14 +25,43 @@ jobs:
uses: actions/github-script@v8
with:
script: |
const { owner, repo } = context.repo;
const pr = context.payload.pull_request;
const markerRegex = /<!-- codexmate-coderabbit-review-commit-count: (\d+) -->/;
const comments = await github.paginate(github.rest.issues.listComments, {
owner,
repo,
issue_number: pr.number,
per_page: 100,
});

let previousCommitCount = null;
for (const comment of comments.slice().reverse()) {
const match = comment.body?.match(markerRegex);
if (!match) {
continue;
}

previousCommitCount = Number(match[1]);
break;
Comment on lines +39 to +46
⚠️ Potential issue | 🟠 Major

Filter marker parsing to workflow-authored comments only.

The skip gate currently trusts any PR comment containing the marker, so a non-workflow comment can spoof previousCommitCount and suppress the re-review trigger.

Proposed hardening patch
             let previousCommitCount = null;
             for (const comment of comments.slice().reverse()) {
+              if (comment.user?.login !== "github-actions[bot]") {
+                continue;
+              }
               const match = comment.body?.match(markerRegex);
               if (!match) {
                 continue;
               }
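Review bot: the proposed guard on lines 66-68 keys on the exact login `github-actions[bot]`, which is only correct while this step posts with the default `GITHUB_TOKEN`; if the job is later switched to a PAT or a GitHub App installation token, every marker comment fails the check, `previousCommitCount` stays `null`, and the gate silently stops skipping without any error. The `comment.user?.type === 'Bot'` alternative mentioned in the prompt text below is weaker on its own, since other bots commenting on the PR (CodeRabbit itself included) carry that type too. Keep the exact login check, and add a comment beside it stating that it must be updated together with the token the step runs under.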
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/coderabbit-review.yml around lines 39 - 46, The loop
parsing markerRegex currently trusts any comment; restrict it to only
workflow-authored comments by checking the comment author before accepting the
marker. In the for loop over comments (where markerRegex and previousCommitCount
are used), add a guard that ensures comment.user?.login ===
'github-actions[bot]' (or another specific workflow bot login your workflows
use) and/or comment.user?.type === 'Bot' before running match; only then parse
match and set previousCommitCount. This ensures only comments created by the
workflow actor are considered.

}

if (previousCommitCount === pr.commits) {
core.info(
`Skipping CodeRabbit re-review comment because commit count is unchanged at ${pr.commits}.`
);
return;
}

const body = [
"@coderabbitai re-review !Stop making breaking changes, do a proper review!",
"@coderabbitai re-review",
"Stop making breaking changes, do a proper review!",
`<!-- codexmate-coderabbit-review-commit-count: ${pr.commits} -->`,
].join("\n");

await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
owner,
repo,
issue_number: pr.number,
body,
});
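Review bot: the skip gate at `if (previousCommitCount === pr.commits)` compares commit counts, so a force-push that rewrites the head (amend, rebase, squash to the same number of commits) leaves the stored count equal and the re-review comment is never posted even though the reviewed code changed. Storing the head SHA in the marker instead, e.g. `<!-- codexmate-coderabbit-review-head-sha: ${pr.head.sha} -->`, and comparing against `pr.head.sha` distinguishes every new head. Two smaller points: when no marker comment exists, `previousCommitCount` remains `null` and the comparison is always false, which is the intended first-run path but deserves a one-line comment; and the added `"Stop making breaking changes, do a proper review!"` line is posted as a separate line of the same comment as the `@coderabbitai re-review` command, so confirm that the trailing instruction text does not interfere with how the command line is parsed.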
8 changes: 0 additions & 8 deletions README.md
@@ -62,8 +62,6 @@ Codex Mate 提供一套本地优先的 CLI + Web UI,用于统一管理:

**工程能力**
- MCP stdio 能力(tools/resources/prompts)
- 内建代理配置与状态控制(`proxy`)
- 认证档案管理(`auth`)
- Zip 压缩/解压(优先系统工具,失败回退 JS 库)

## 架构总览
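Review bot: this hunk drops the `proxy` and `auth` entries from the feature list, and the later hunks in this file drop the matching mermaid nodes, edges and command-table rows, so the documentation side is internally consistent; but this PR touches only `README.md` and `.github/workflows/coderabbit-review.yml`, with no code change removing `codexmate auth` or `codexmate proxy`. If those commands still exist in the CLI the README now under-documents them; if they were removed in an earlier PR, say so in the PR description or commit message so the doc-only change is traceable.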
@@ -74,14 +72,12 @@ flowchart TB
CLI["CLI"]
WEB["Web UI"]
MCP["MCP Client"]
OAI["Codex / OpenAI Client"]
end

subgraph Runtime["Codex Mate Runtime"]
ENTRY["cli.js Entry"]
API["Local HTTP API"]
MCPS["MCP stdio Server"]
PROXY["Built-in Proxy"]
SERVICES["Config / Sessions / Skills Market / Workflow"]
CORE["File IO / Network / Diff / Session Utils"]
end
@@ -97,12 +93,10 @@ flowchart TB
CLI --> ENTRY
WEB -->|GET / + POST /api| API
MCP -->|stdio JSON-RPC| MCPS
OAI -->|HTTP /v1| PROXY

ENTRY --> SERVICES
API --> SERVICES
MCPS --> SERVICES
PROXY --> CORE

SERVICES --> CORE

@@ -156,8 +150,6 @@ npm start run --no-browser
| `codexmate add <name> <URL> [API_KEY]` | 添加提供商 |
| `codexmate delete <name>` | 删除提供商 |
| `codexmate claude <BaseURL> <API_KEY> [model]` | 写入 Claude Code 配置 |
| `codexmate auth <list\|import\|switch\|delete\|status>` | 认证档案管理 |
| `codexmate proxy <status\|set\|apply\|enable\|start\|stop>` | 内建代理管理 |
| `codexmate workflow <list\|get\|validate\|run\|runs>` | MCP 工作流管理 |
| `codexmate codex [args...] [--follow-up <文本> 可重复]` | Codex CLI 透传入口(默认补 `--yolo`,可追加 queued follow-up) |
| `codexmate qwen [args...]` | Qwen CLI 透传入口 |