Commit Graph

575 Commits

Author SHA1 Message Date
icy
95ae6510e2 Merge branch 'dev' into beta 2025-11-03 21:10:15 +08:00
icy
c8bdc150e1 Merge branches 'dev' and 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-03 21:10:09 +08:00
ZhouYongyou
fd5c28c628 chore(web): add peer dependency markers to package-lock.json
npm v7+ automatically marks packages as peer dependencies when they are
declared in peerDependencies of installed packages. This commit adds
these markers to ensure consistent dependency resolution across all
development environments and CI/CD pipelines.

Affected packages (10):
- @babel/core (dev peer)
- @types/react (devOptional peer)
- browserslist
- jiti (dev peer)
- postcss
- react
- react-dom
- picomatch (2 instances, dev peer)
- vite (dev peer)

Benefits:
- Prevents duplicate installations of peer dependencies
- Ensures consistent package versions across the project
- Improves npm install performance
- Reduces package-lock.json conflicts
2025-11-03 20:47:25 +08:00
tinkle-community
7d1c35be2b Merge pull request #326 from NoFxAiOS/main 2025-11-03 20:34:16 +08:00
SkywalkerJi
61fc2bee16 Merge branch 'dev' into main 2025-11-03 21:33:46 +09:00
icy
290a1ac892 Fix TypeScript error in CommunitySection component
- Add missing CardProps interface definition
- Update TestimonialCard component to use correct prop types
- Fix authorName prop usage instead of author
- Resolve build error: Cannot find name 'CardProps'

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 20:25:07 +08:00
icy
1acfbd6ca1 Enhance leaderboard and security for trader management
Features:
- Limit leaderboard to top 50 traders sorted by PnL percentage
- Add top 10 traders endpoint for performance comparison
- Create batch equity history endpoint to optimize frontend performance
- Add public trader config endpoint without sensitive data

Security:
- Add user ownership validation for start/stop trader operations
- Prevent users from controlling other users' traders
- Maintain consistent error messages for security

Performance:
- Reduce API calls from 10 to 1 for performance comparison page
- Add data limits and error handling for batch operations
- Sort traders by performance across all endpoints

API Changes:
- GET /api/traders - now returns top 50 sorted traders
- GET /api/top-traders - new endpoint for top 10 traders
- GET /api/equity-history-batch - batch endpoint for multiple trader histories
- GET /api/traders/:id/public-config - public config without secrets
- POST /api/traders/:id/start - now validates user ownership
- POST /api/traders/:id/stop - now validates user ownership

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 20:14:39 +08:00
ZhouYongyou
b56b278be1 fix: resolve go vet warnings for non-constant format strings
Replace log.Printf with log.Print for static strings to resolve
go vet warnings about non-constant format strings.

This is a security best practice as using Printf with dynamic strings
can lead to format string vulnerabilities.

Fixed 6 instances in trader/auto_trader.go:
- Line 260: Decision cycle separator (=)
- Line 262: Decision cycle separator (=)
- Line 349: System prompt separator (=)
- Line 353: System prompt separator (=)
- Line 357: CoT trace separator (-)
- Line 361: CoT trace separator (-)
2025-11-03 19:54:47 +08:00
tinkle-community
56e12b5030 Merge pull request #321 from SkywalkerJi/main 2025-11-03 19:53:00 +08:00
SkywalkerJi
33d3a5c3a7 Upgrade this repository's open-source license to AGPL. 2025-11-03 19:50:50 +08:00
icy
2173fcfa4d Fix go.sum after merge conflict resolution
- Run go mod tidy to regenerate correct go.sum entries
- Ensure all dependencies are properly resolved

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 19:34:28 +08:00
icy
71e584008f Resolve merge conflicts in go.sum
- Keep newer version of go-sqlite3 (v1.14.32)
- Complete merge from dev branch

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 19:33:50 +08:00
icy
a86e0a4633 Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-03 19:32:03 +08:00
icy
f8c35487f5 Move equity-history API to public routes for competition display
- Move /api/equity-history from protected to public routes group
- Remove token authentication requirement for equity history data
- Update API documentation to reflect public access
- Enable direct access to trader equity curves for competition comparison

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 19:29:09 +08:00
Luna Martinez
88325572e6 Merge pull request #292 from hzb1115/dev
aaafix(workflow): fix github workflow
2025-11-02 22:59:34 -05:00
zbhan
e7e5c7b710 fix comment 2025-11-02 22:55:27 -05:00
zbhan
7a43f25858 Fix validation logic 2025-11-02 22:49:43 -05:00
zbhan
88240019ec Fix validation 2025-11-02 22:24:31 -05:00
zbhan
75115ac747 Fix backend check 2025-11-02 22:15:45 -05:00
zbhan
0500cf7486 Fix validation error 2025-11-02 22:11:24 -05:00
zbhan
7cbef0fd65 fix(workflow): fix github workflow 2025-11-02 21:49:59 -05:00
Luna Martinez
9f2993b67f Change permissions from read to write for contents 2025-11-02 21:15:31 -05:00
Luna Martinez
cbc153f855 Merge pull request #226 from xqliu/docs/enhance-bug-report-template
docs: Enhance bug report template and add troubleshooting guide
2025-11-02 21:08:32 -05:00
tinkle-community
2a61c8aba5 Merge pull request #285 from tangmengqiu/fix/ci-flow 2025-11-03 10:03:56 +08:00
tangmengqiu
9486a0df40 fix(ci): Add comprehensive permissions to pr-checks workflow
Add workflow-level default permissions and explicit per-job permissions
following the principle of least privilege:

Workflow-level (default):
- contents: read - Read repository contents
- pull-requests: write - Manage PR labels and comments
- issues: write - Manage issues (PRs are issues in GitHub API)

Job-level overrides:
- validate-pr: Inherits workflow defaults (needs issue/PR write access)
- backend-tests: Downgrade to read-only (no write operations needed)
- frontend-tests: Downgrade to read-only (no write operations needed)
- auto-label: Add missing issues:write (labeler operates on PR issues)
- security-check: Add security-events:write (upload SARIF results)
- secrets-check: Downgrade to read-only (scanning only)
- all-checks: Downgrade to read-only (status checking only)

This fixes:
1. Potential 403 errors when auto-label tries to add labels to PR issues
2. Missing permission for uploading security scan results
3. Overly permissive access for read-only jobs

Related: #282

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 18:23:28 -05:00
tinkle-community
afa86b5d80 Merge pull request #266 from 0xEmberZz/quote-tweet-link 2025-11-03 07:01:41 +08:00
tinkle-community
ed4a7a2d20 Merge pull request #268 from yutou123/dev 2025-11-03 06:59:28 +08:00
tinkle-community
45f139a873 Merge pull request #282 from tangmengqiu/fix/dockerfile 2025-11-03 06:50:30 +08:00
tangmengqiu
a7d7ea17cc fix typo 2025-11-02 17:26:47 -05:00
tangmengqiu
85d48f316b fix(docker): Fix go-sqlite3 compilation on Alpine Linux
Add CGO_CFLAGS="-D_LARGEFILE64_SOURCE" to resolve musl libc compatibility
issues. This enables the Large File Support feature macros which map
pread64/pwrite64/off64_t symbols (used by SQLite) to musl's native
pread/pwrite/off_t implementations.

This fix eliminates the "undeclared identifier" errors during CGO
compilation without requiring additional sqlite-dev dependencies.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 17:15:01 -05:00
tinkle
8ad737e3a3 docs: Replace sensitive configuration examples with placeholders
Update documentation to use placeholder values instead of real credentials
in example configurations for enhanced security.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 03:47:41 +08:00
tinkle-community
13e1da6cf6 Merge pull request #275 from zhouyongyou/docs/adaptive-prompt-template
docs(prompts): 更新 AI prompt 支持動態 TP/SL 功能 (Update AI prompt to support dynamic TP/SL features)
2025-11-03 02:05:48 +08:00
ZhouYongyou
bad79337fb docs(prompts): Update AI prompt to support dynamic TP/SL features (v5.5.1)
- Add 3 new action types: update_stop_loss, update_take_profit, partial_close
- Introduce "Zero Principle" (疑惑优先) for risk control
- Expand decision flow to 8 steps with critical safeguards:
  * Step 2: Consecutive loss pause (2x→45min, 3x→24h, 4x→72h)
  * Step 5: BTC status check (multi-timeframe MACD confirmation)
  * Step 6: Long/short confirmation checklist (≥5/8 indicators)
  * Step 7: Fake breakout detection (RSI multi-timeframe + candle patterns)
  * Step 8: Objective confidence scoring (base 60 + conditions)
- Add signal priority ranking (trend resonance > volume > BTC > RSI...)
- Add dynamic TP/SL strategies with examples
- Increase confidence threshold: 0.6 → 0.85 for opening positions
- Add cooldown rules and slippage buffer (0.05%)
- Optimize prompt length: 4445 words → 1500 words (-66%)

Key improvements in v5.5.1:
 BTC status check - Most critical protection for altcoin trading
 Long/short checklist - 5/8 indicators required, prevent false signals
 Objective confidence scoring - Base 60 + condition adjustments
 Fake breakout logic - RSI multi-timeframe + candle filters
 Consecutive loss pause - 2x/3x/4x trigger different cooldowns
 OI confirmation - >+5% for real breakout validation
 Signal priority ranking - Trend resonance > volume > BTC...
 Slippage handling - 0.05% buffer + profit check

Design philosophy: Let AI autonomously judge trend vs chop, trust strong reasoning models.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 01:59:54 +08:00
芋头
2bb28a1738 文件命名空格问题 2025-11-03 00:16:28 +08:00
Ember
f3cc95d267 Merge branch 'dev' into quote-tweet-link 2025-11-02 23:56:46 +08:00
芋头
0f25e56b13 补充提示词 2025-11-02 23:56:32 +08:00
Ember
a7a0bdff41 chore(landing): add lightweight AnimatedSection wrapper for main-based branch 2025-11-02 23:52:15 +08:00
Ember
97015d31a2 chore(landing): add lightweight AnimatedSection wrapper for main-based branch 2025-11-02 23:49:23 +08:00
Ember
0b86916d8c feat(landing): integrate real community tweets in CommunitySection with author avatars and links 2025-11-02 23:48:25 +08:00
Icyoung
df062b73c5 Merge pull request #262 from Icyoung/beta
Beta Dev Merge Beta
2025-11-02 22:33:33 +08:00
Icyoung
f60f96ba28 Merge branch 'NoFxAiOS:beta' into beta 2025-11-02 22:32:57 +08:00
icy
76980f8ee7 Fixed Kline4h 2025-11-02 22:31:44 +08:00
icy
eae928ddf7 Merge branch 'dev' into beta
# Conflicts:
#	config/database.go
#	main.go
2025-11-02 22:11:07 +08:00
icy
dce18ea701 Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-02 21:54:48 +08:00
Roninchen
b336efde0f Merge pull request #176 from yuanshi2016/dev
Kline获取方式为Websocket缓存
2025-11-02 21:54:16 +08:00
icy
dcf9dfc468 Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-02 21:54:02 +08:00
tinkle-community
37c98c9626 Merge pull request #257 from SkywalkerJi/dev
Google Tag Manager
2025-11-02 21:47:38 +08:00
SkywalkerJi
4850aa568e Google Tag Manager 2025-11-02 21:44:53 +08:00
tinkle-community
e9f6ded053 Merge pull request #246 from xqliu/fix/model-config-validation-245 2025-11-02 18:32:45 +08:00
Liu Xiang Qian
4577adabbd fix: Update model validation in handleSaveModelConfig to support both configured and supported models
- Change validation to check allModels first, then supportedModels
- This allows saving new model configurations without "model does not exist" error
- Fixes issue where users couldn't save AI model config after selecting from dropdown

Fixes #245

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 18:08:25 +08:00