Commit Graph

523 Commits

Author SHA1 Message Date
ZhouYongyou
f1cbdf7f65 chore(web): add peer dependency markers to package-lock.json
npm v7+ automatically marks packages as peer dependencies when they are
declared in peerDependencies of installed packages. This commit adds
these markers to ensure consistent dependency resolution across all
development environments and CI/CD pipelines.

Affected packages (10):
- @babel/core (dev peer)
- @types/react (devOptional peer)
- browserslist
- jiti (dev peer)
- postcss
- react
- react-dom
- picomatch (2 instances, dev peer)
- vite (dev peer)

Benefits:
- Prevents duplicate installations of peer dependencies
- Ensures consistent package versions across the project
- Improves npm install performance
- Reduces package-lock.json conflicts
2025-11-03 20:47:25 +08:00
tinkle-community
2f9aadc792 Merge pull request #326 from NoFxAiOS/main 2025-11-03 20:34:16 +08:00
SkywalkerJi
73af45bbe0 Merge branch 'dev' into main 2025-11-03 21:33:46 +09:00
icy
f23ad9ba4c Fix TypeScript error in CommunitySection component
- Add missing CardProps interface definition
- Update TestimonialCard component to use correct prop types
- Fix authorName prop usage instead of author
- Resolve build error: Cannot find name 'CardProps'

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 20:25:07 +08:00
icy
e97062d1c1 Enhance leaderboard and security for trader management
Features:
- Limit leaderboard to top 50 traders sorted by PnL percentage
- Add top 10 traders endpoint for performance comparison
- Create batch equity history endpoint to optimize frontend performance
- Add public trader config endpoint without sensitive data

Security:
- Add user ownership validation for start/stop trader operations
- Prevent users from controlling other users' traders
- Maintain consistent error messages for security

Performance:
- Reduce API calls from 10 to 1 for performance comparison page
- Add data limits and error handling for batch operations
- Sort traders by performance across all endpoints

API Changes:
- GET /api/traders - now returns top 50 sorted traders
- GET /api/top-traders - new endpoint for top 10 traders
- GET /api/equity-history-batch - batch endpoint for multiple trader histories
- GET /api/traders/:id/public-config - public config without secrets
- POST /api/traders/:id/start - now validates user ownership
- POST /api/traders/:id/stop - now validates user ownership

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 20:14:39 +08:00
ZhouYongyou
492041cc20 fix: resolve go vet warnings for non-constant format strings
Replace log.Printf with log.Print for static strings to resolve
go vet warnings about non-constant format strings.

This is a security best practice as using Printf with dynamic strings
can lead to format string vulnerabilities.

Fixed 6 instances in trader/auto_trader.go:
- Line 260: Decision cycle separator (=)
- Line 262: Decision cycle separator (=)
- Line 349: System prompt separator (=)
- Line 353: System prompt separator (=)
- Line 357: CoT trace separator (-)
- Line 361: CoT trace separator (-)
2025-11-03 19:54:47 +08:00
tinkle-community
149a4cb4e5 Merge pull request #321 from SkywalkerJi/main 2025-11-03 19:53:00 +08:00
SkywalkerJi
5e053ee4c3 Upgrade this repository's open-source license to AGPL. 2025-11-03 19:50:50 +08:00
icy
0738706469 Fix go.sum after merge conflict resolution
- Run go mod tidy to regenerate correct go.sum entries
- Ensure all dependencies are properly resolved

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 19:34:28 +08:00
icy
f77b5b0aba Resolve merge conflicts in go.sum
- Keep newer version of go-sqlite3 (v1.14.32)
- Complete merge from dev branch

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 19:33:50 +08:00
icy
6b754d2708 Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-03 19:32:03 +08:00
icy
64a1b71527 Move equity-history API to public routes for competition display
- Move /api/equity-history from protected to public routes group
- Remove token authentication requirement for equity history data
- Update API documentation to reflect public access
- Enable direct access to trader equity curves for competition comparison

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 19:29:09 +08:00
Luna Martinez
91fbe5bb4b Merge pull request #292 from hzb1115/dev
aaafix(workflow): fix github workflow
2025-11-02 22:59:34 -05:00
zbhan
3a62c817b1 fix comment 2025-11-02 22:55:27 -05:00
zbhan
972e5fb21a Fix validation logic 2025-11-02 22:49:43 -05:00
zbhan
8caffefe54 Fix validation 2025-11-02 22:24:31 -05:00
zbhan
fe25327ada Fix backend check 2025-11-02 22:15:45 -05:00
zbhan
7d1b1b9245 Fix validation error 2025-11-02 22:11:24 -05:00
zbhan
397df5e386 fix(workflow): fix github workflow 2025-11-02 21:49:59 -05:00
Luna Martinez
7171ea3912 Change permissions from read to write for contents 2025-11-02 21:15:31 -05:00
Luna Martinez
26a170935a Merge pull request #226 from xqliu/docs/enhance-bug-report-template
docs: Enhance bug report template and add troubleshooting guide
2025-11-02 21:08:32 -05:00
tinkle-community
036149a168 Merge pull request #285 from tangmengqiu/fix/ci-flow 2025-11-03 10:03:56 +08:00
tangmengqiu
3218c8dfcf fix(ci): Add comprehensive permissions to pr-checks workflow
Add workflow-level default permissions and explicit per-job permissions
following the principle of least privilege:

Workflow-level (default):
- contents: read - Read repository contents
- pull-requests: write - Manage PR labels and comments
- issues: write - Manage issues (PRs are issues in GitHub API)

Job-level overrides:
- validate-pr: Inherits workflow defaults (needs issue/PR write access)
- backend-tests: Downgrade to read-only (no write operations needed)
- frontend-tests: Downgrade to read-only (no write operations needed)
- auto-label: Add missing issues:write (labeler operates on PR issues)
- security-check: Add security-events:write (upload SARIF results)
- secrets-check: Downgrade to read-only (scanning only)
- all-checks: Downgrade to read-only (status checking only)

This fixes:
1. Potential 403 errors when auto-label tries to add labels to PR issues
2. Missing permission for uploading security scan results
3. Overly permissive access for read-only jobs

Related: #282

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-02 18:23:28 -05:00
tinkle-community
d9f65faf4e Merge pull request #266 from 0xEmberZz/quote-tweet-link 2025-11-03 07:01:41 +08:00
tinkle-community
431248b199 Merge pull request #268 from yutou123/dev 2025-11-03 06:59:28 +08:00
tinkle-community
7944e1bf4b Merge pull request #282 from tangmengqiu/fix/dockerfile 2025-11-03 06:50:30 +08:00
tangmengqiu
3a12c4a2ec fix typo 2025-11-02 17:26:47 -05:00
tangmengqiu
8c7ab98d5f fix(docker): Fix go-sqlite3 compilation on Alpine Linux
Add CGO_CFLAGS="-D_LARGEFILE64_SOURCE" to resolve musl libc compatibility
issues. This enables the Large File Support feature macros which map
pread64/pwrite64/off64_t symbols (used by SQLite) to musl's native
pread/pwrite/off_t implementations.

This fix eliminates the "undeclared identifier" errors during CGO
compilation without requiring additional sqlite-dev dependencies.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-02 17:15:01 -05:00
tinkle-community
0eba15deda docs: Replace sensitive configuration examples with placeholders
Update documentation to use placeholder values instead of real credentials
in example configurations for enhanced security.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 03:47:41 +08:00
tinkle-community
a76945a048 Merge pull request #275 from zhouyongyou/docs/adaptive-prompt-template
docs(prompts): 更新 AI prompt 支持動態 TP/SL 功能 (Update AI prompt to support dynamic TP/SL features)
2025-11-03 02:05:48 +08:00
ZhouYongyou
b0720ea80c docs(prompts): Update AI prompt to support dynamic TP/SL features (v5.5.1)
- Add 3 new action types: update_stop_loss, update_take_profit, partial_close
- Introduce "Zero Principle" (疑惑优先) for risk control
- Expand decision flow to 8 steps with critical safeguards:
  * Step 2: Consecutive loss pause (2x→45min, 3x→24h, 4x→72h)
  * Step 5: BTC status check (multi-timeframe MACD confirmation)
  * Step 6: Long/short confirmation checklist (≥5/8 indicators)
  * Step 7: Fake breakout detection (RSI multi-timeframe + candle patterns)
  * Step 8: Objective confidence scoring (base 60 + conditions)
- Add signal priority ranking (trend resonance > volume > BTC > RSI...)
- Add dynamic TP/SL strategies with examples
- Increase confidence threshold: 0.6 → 0.85 for opening positions
- Add cooldown rules and slippage buffer (0.05%)
- Optimize prompt length: 4445 words → 1500 words (-66%)

Key improvements in v5.5.1:
 BTC status check - Most critical protection for altcoin trading
 Long/short checklist - 5/8 indicators required, prevent false signals
 Objective confidence scoring - Base 60 + condition adjustments
 Fake breakout logic - RSI multi-timeframe + candle filters
 Consecutive loss pause - 2x/3x/4x trigger different cooldowns
 OI confirmation - >+5% for real breakout validation
 Signal priority ranking - Trend resonance > volume > BTC...
 Slippage handling - 0.05% buffer + profit check

Design philosophy: Let AI autonomously judge trend vs chop, trust strong reasoning models.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-03 01:59:54 +08:00
芋头
c00fa5adc4 文件命名空格问题 2025-11-03 00:16:28 +08:00
Ember
84f002c3a4 Merge branch 'dev' into quote-tweet-link 2025-11-02 23:56:46 +08:00
芋头
73b6a3e9d7 补充提示词 2025-11-02 23:56:32 +08:00
Ember
44ac82ad3a chore(landing): add lightweight AnimatedSection wrapper for main-based branch 2025-11-02 23:52:15 +08:00
Ember
a75bda7dd2 chore(landing): add lightweight AnimatedSection wrapper for main-based branch 2025-11-02 23:49:23 +08:00
Ember
da2559290b feat(landing): integrate real community tweets in CommunitySection with author avatars and links 2025-11-02 23:48:25 +08:00
Icyoung
8cb40ece20 Merge pull request #262 from Icyoung/beta
Beta Dev Merge Beta
2025-11-02 22:33:33 +08:00
Icyoung
a4ed5b3370 Merge branch 'NoFxAiOS:beta' into beta 2025-11-02 22:32:57 +08:00
icy
b7bab8a695 Fixed Kline4h 2025-11-02 22:31:44 +08:00
icy
78b3ce69da Merge branch 'dev' into beta
# Conflicts:
#	config/database.go
#	main.go
2025-11-02 22:11:07 +08:00
icy
bf408b8fc2 Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-02 21:54:48 +08:00
Roninchen
5eae25b83e Merge pull request #176 from yuanshi2016/dev
Kline获取方式为Websocket缓存
2025-11-02 21:54:16 +08:00
icy
279b447c2f Merge branch 'dev' of https://github.com/tinkle-community/nofx into dev 2025-11-02 21:54:02 +08:00
tinkle-community
a4e375ec92 Merge pull request #257 from SkywalkerJi/dev
Google Tag Manager
2025-11-02 21:47:38 +08:00
SkywalkerJi
d2ce83c239 Google Tag Manager 2025-11-02 21:44:53 +08:00
tinkle-community
2752b9ff14 Merge pull request #246 from xqliu/fix/model-config-validation-245 2025-11-02 18:32:45 +08:00
Liu Xiang Qian
7e07285706 fix: Update model validation in handleSaveModelConfig to support both configured and supported models
- Change validation to check allModels first, then supportedModels
- This allows saving new model configurations without "model does not exist" error
- Fixes issue where users couldn't save AI model config after selecting from dropdown

Fixes #245

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: tinkle-community <tinklefund@gmail.com>
2025-11-02 18:08:25 +08:00
yuanshi2016
5e0706bee3 修改Kline获取方式为Websocket缓存。 2025-11-02 17:59:19 +08:00
tinkle-community
c5d92536b1 Merge pull request #242 from Icyoung/beta
Fixed beta codes file mapping
2025-11-02 17:22:58 +08:00