feat: 附件缓存治理、隐私安全防线与B站管线重构#58
Merged
Merged
Conversation
Co-authored-by: GPT-5 Codex <noreply@openai.com>
Co-authored-by: GPT-5 Codex <noreply@openai.com>
Co-authored-by: GPT-5 Codex <noreply@openai.com>
Co-authored-by: GPT-5 Codex <noreply@openai.com>
Co-authored-by: GPT-5 Codex <noreply@openai.com>
Co-authored-by: GPT-5 Codex <noreply@openai.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5a02de3150
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
… forward fallback
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
本版本围绕三大主线展开:一是附件系统的缓存容量治理与 URL 引用回退机制,防止本地缓存无限制膨胀;二是系统提示词新增 P0 级隐私与危险动作边界规则,从源头约束 AI 对敏感信息和安全请求的处理行为;三是 B 站自动管线全面重构——移除外部下载依赖、内联实现 API 客户端与 WBI 签名、新增弹幕获取并以合并转发形式发送提取结果。同步新增
/feedback反馈命令、恢复发布说明中的分类提交详情,并修正提示词优先级体系。[attachments]下新增attachment_cache_max_mb、attachment_cache_max_records、attachment_url_reference_max_records、attachment_url_max_length四种配置,分别控制本地缓存总大小、缓存记录数、URL 引用记录数和 URL 长度上限;超出容量时自动淘汰最旧记录;remote_download_max_size_mb现支持热重载。send_message/send_private_message工具调用时自动登记关联附件 UID,AI 客户端发送消息前校验本地路径有效性,文件缺失时自动回退到 URL 引用。<privacy_and_safety_controls>规则块,分层约束:隐私方面禁止泄露好友/群/成员列表、完整 QQ 号等敏感信息,对外默认脱敏,第三方信息查询需授权;危险动作方面拒绝涉黄、涉政、违法、骚扰、人肉、社工等请求,不做解释也不给绕过方案;时序方面明确隐私/敏感话题不改变回复时机,必须先满足回复触发逻辑。附加 3 条 P0 硬性约束覆盖隐私泄露、危险动作和触发时序。/feedback(/fb)反馈命令。支持add/view/del三个子命令,add和view为 public 权限,del为 superadmin;声明式子命令推断按 ID 格式匹配优先view,其余 fallback 到add,无参数默认view;私聊可用,显示在 help 列表。oh-my-bilibili外部 Python 包的依赖,内联实现同步 API 客户端(api_client.py)、下载核心(download_core.py)、WBI 签名模块(wbi.py)与错误模型,所有请求在asyncio.to_thread线程内执行,降低依赖复杂度与跨版本兼容风险。danmaku.py),基于 protobuf wire 格式解析分段弹幕数据;自动提取结果改为以合并转发节点形式发送,单条包含视频信息卡片与弹幕预览片段;MessageSender扩展合并转发本地附件递归登记,确保转发中的图片/文件能正确注册为会话附件 UID。scripts/release_notes.py新增build_detailed_change_sections与render_detailed_changes,从 git log 按 feat / fix / other 自动分类提取两个版本间的提交,与 CHANGELOG 条目合并输出完整 Release notes。