[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-onecli--onecli":3,"tool-onecli--onecli":64},[4,17,27,35,48,56],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":16},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面，旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点，将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师，还是想要深入探索模型潜力的开发者与研究人员，都能从中获益。其核心亮点在于极高的功能丰富度：不仅支持文生图、图生图、局部重绘（Inpainting）和外绘（Outpainting）等基础模式，还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外，它内置了 GFPGAN 和 CodeFormer 等人脸修复工具，支持多种神经网络放大算法，并允许用户通过插件系统无限扩展能力。即使是显存有限的设备，stable-diffusion-webui 也提供了相应的优化选项，让高质量的 AI 艺术创作变得触手可及。",162132,3,"2026-04-05T11:01:52",[13,14,15],"开发框架","图像","Agent","ready",{"id":18,"name":19,"github_repo":20,"description_zh":21,"stars":22,"difficulty_score":23,"last_commit_at":24,"category_tags":25,"status":16},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手（如 Claude Code、Codex、Cursor 等）打造的高性能优化系统。它不仅仅是一组配置文件，而是一个经过长期实战打磨的完整框架，旨在解决 AI 代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能，everything-claude-code 能显著提升 AI 在复杂任务中的表现，帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略，使得模型响应更快、成本更低，同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库，还是需要 AI 协助进行安全审计与自动化测试，everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目，它融合了多语言支持与丰富的实战钩子（hooks），让 AI 真正成长为懂上",138956,2,"2026-04-05T11:33:21",[13,15,26],"语言模型",{"id":28,"name":29,"github_repo":30,"description_zh":31,"stars":32,"difficulty_score":23,"last_commit_at":33,"category_tags":34,"status":16},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎，专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式，采用直观的节点式流程图界面，让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景，也能自由组合模型、调整参数并实时预览效果，轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性，不仅支持 Windows、macOS 和 Linux 全平台，还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构，并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者，还是追求极致创作自由度的设计师与资深 AI 绘画爱好者，ComfyUI 都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能，使其成为当前最灵活、生态最丰富的开源扩散模型工具之一，帮助用户将创意高效转化为现实。",107662,"2026-04-03T11:11:01",[13,14,15],{"id":36,"name":37,"github_repo":38,"description_zh":39,"stars":40,"difficulty_score":23,"last_commit_at":41,"category_tags":42,"status":16},2268,"ML-For-Beginners","microsoft\u002FML-For-Beginners","ML-For-Beginners 是由微软推出的一套系统化机器学习入门课程，旨在帮助零基础用户轻松掌握经典机器学习知识。这套课程将学习路径规划为 12 周，包含 26 节精炼课程和 52 道配套测验，内容涵盖从基础概念到实际应用的完整流程，有效解决了初学者面对庞大知识体系时无从下手、缺乏结构化指导的痛点。\n\n无论是希望转型的开发者、需要补充算法背景的研究人员，还是对人工智能充满好奇的普通爱好者，都能从中受益。课程不仅提供了清晰的理论讲解，还强调动手实践，让用户在循序渐进中建立扎实的技能基础。其独特的亮点在于强大的多语言支持，通过自动化机制提供了包括简体中文在内的 50 多种语言版本，极大地降低了全球不同背景用户的学习门槛。此外，项目采用开源协作模式，社区活跃且内容持续更新，确保学习者能获取前沿且准确的技术资讯。如果你正寻找一条清晰、友好且专业的机器学习入门之路，ML-For-Beginners 将是理想的起点。",84991,"2026-04-05T10:45:23",[14,43,44,45,15,46,26,13,47],"数据工具","视频","插件","其他","音频",{"id":49,"name":50,"github_repo":51,"description_zh":52,"stars":53,"difficulty_score":10,"last_commit_at":54,"category_tags":55,"status":16},3128,"ragflow","infiniflow\u002Fragflow","RAGFlow 是一款领先的开源检索增强生成（RAG）引擎，旨在为大语言模型构建更精准、可靠的上下文层。它巧妙地将前沿的 RAG 技术与智能体（Agent）能力相结合，不仅支持从各类文档中高效提取知识，还能让模型基于这些知识进行逻辑推理和任务执行。\n\n在大模型应用中，幻觉问题和知识滞后是常见痛点。RAGFlow 通过深度解析复杂文档结构（如表格、图表及混合排版），显著提升了信息检索的准确度，从而有效减少模型“胡编乱造”的现象，确保回答既有据可依又具备时效性。其内置的智能体机制更进一步，使系统不仅能回答问题，还能自主规划步骤解决复杂问题。\n\n这款工具特别适合开发者、企业技术团队以及 AI 研究人员使用。无论是希望快速搭建私有知识库问答系统，还是致力于探索大模型在垂直领域落地的创新者，都能从中受益。RAGFlow 提供了可视化的工作流编排界面和灵活的 API 接口，既降低了非算法背景用户的上手门槛，也满足了专业开发者对系统深度定制的需求。作为基于 Apache 2.0 协议开源的项目，它正成为连接通用大模型与行业专有知识之间的重要桥梁。",77062,"2026-04-04T04:44:48",[15,14,13,26,46],{"id":57,"name":58,"github_repo":59,"description_zh":60,"stars":61,"difficulty_score":10,"last_commit_at":62,"category_tags":63,"status":16},2181,"OpenHands","OpenHands\u002FOpenHands","OpenHands 是一个专注于 AI 驱动开发的开源平台，旨在让智能体（Agent）像人类开发者一样理解、编写和调试代码。它解决了传统编程中重复性劳动多、环境配置复杂以及人机协作效率低等痛点，通过自动化流程显著提升开发速度。\n\n无论是希望提升编码效率的软件工程师、探索智能体技术的研究人员，还是需要快速原型验证的技术团队，都能从中受益。OpenHands 提供了灵活多样的使用方式：既可以通过命令行（CLI）或本地图形界面在个人电脑上轻松上手，体验类似 Devin 的流畅交互；也能利用其强大的 Python SDK 自定义智能体逻辑，甚至在云端大规模部署上千个智能体并行工作。\n\n其核心技术亮点在于模块化的软件智能体 SDK，这不仅构成了平台的引擎，还支持高度可组合的开发模式。此外，OpenHands 在 SWE-bench 基准测试中取得了 77.6% 的优异成绩，证明了其解决真实世界软件工程问题的能力。平台还具备完善的企业级功能，支持与 Slack、Jira 等工具集成，并提供细粒度的权限管理，适合从个人开发者到大型企业的各类用户场景。",70612,"2026-04-05T11:12:22",[26,15,13,45],{"id":65,"github_repo":66,"name":67,"description_en":68,"description_zh":69,"ai_summary_zh":69,"readme_en":70,"readme_zh":71,"quickstart_zh":72,"use_case_zh":73,"hero_image_url":74,"owner_login":67,"owner_name":75,"owner_avatar_url":76,"owner_bio":77,"owner_company":78,"owner_location":78,"owner_email":79,"owner_twitter":78,"owner_website":80,"owner_url":81,"languages":82,"stars":106,"forks":107,"last_commit_at":108,"license":109,"difficulty_score":10,"env_os":110,"env_gpu":111,"env_ram":111,"env_deps":112,"category_tags":114,"github_topics":115,"view_count":10,"oss_zip_url":78,"oss_zip_packed_at":78,"status":16,"created_at":128,"updated_at":129,"faqs":130,"releases":160},1036,"onecli\u002Fonecli","onecli","Open-source credential vault, give your AI agents access to services without exposing keys.","OneCLI 是一个开源的凭证管理工具，帮助AI代理安全地访问外部服务。它通过中间网关隐藏真实密钥，让代理只需使用占位符密钥即可正常调用API，真正密钥由网关在请求时动态注入。解决了传统方式中将密钥硬编码到每个代理导致的安全风险和管理复杂问题，实现集中化密钥管理、权限控制和使用监控。\n\n适合需要部署多个AI代理的开发者、研究人员及团队协作场景。其Rust构建的高性能网关支持HTTPS中间人拦截，AES-256-GCM加密存储确保密钥安全，通过主机路径匹配实现精准路由，同时支持多代理权限隔离和与密码管理器的集成。对于追求安全性和便捷性的用户，OneCLI提供了从本地快速搭建到团队协作的完整解决方案。","\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-logo-dark.gif\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_b98d44292b1c.gif\">\n  \u003Cimg alt=\"OneCLI\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_b98d44292b1c.gif\" width=\"100%\">\n\u003C\u002Fpicture>\n\n\u003Cp align=\"center\">\n  \u003Cb>The secret vault for AI agents.\u003C\u002Fb>\u003Cbr\u002F>\n  Store once. Inject anywhere. Agents never see the keys.\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fonecli.sh\">Website\u003C\u002Fa> &middot;\n  \u003Ca href=\"https:\u002F\u002Fonecli.sh\u002Fdocs\">Docs\u003C\u002Fa> &middot;\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FPSztzsQB3g\">Discord\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-flow-dark.gif\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_f8089a640fce.gif\">\n  \u003Cimg alt=\"How OneCLI works\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_f8089a640fce.gif\" width=\"100%\">\n\u003C\u002Fpicture>\n\n## What is OneCLI?\n\nOneCLI is an open-source gateway that sits between your AI agents and the services they call. Instead of baking API keys into every agent, you store credentials once in OneCLI and the gateway injects them transparently. Agents never see the secrets.\n\n**Why we built it:** AI agents need to call dozens of APIs, but giving each agent raw credentials is a security risk. OneCLI solves this with a single gateway that handles auth, so you get one place to manage access, rotate keys, and see what every agent is doing.\n\n**How it works:** You store your real API credentials in OneCLI and give your agents placeholder keys (e.g. `FAKE_KEY`). When an agent makes an HTTP call through the gateway, the OneCLI gateway matches the request to the right credentials, swaps the `FAKE_KEY` for the `REAL_KEY`, decrypts them, and injects them into the outbound request. The agent never touches the real secrets. It just makes normal HTTP calls and the gateway handles the swap.\n\n## Architecture\n\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-architecture-dark.svg\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"assets\u002Fonecli-architecture-light.svg\">\n  \u003Cimg alt=\"OneCLI Architecture\" src=\"assets\u002Fonecli-architecture-dark.svg\" width=\"100%\">\n\u003C\u002Fpicture>\n\n- **[Rust Gateway](apps\u002Fgateway)**: fast HTTP gateway that intercepts outbound requests and injects credentials. Agents authenticate with access tokens via `Proxy-Authorization` headers.\n- **[Web Dashboard](apps\u002Fweb)**: Next.js app for managing agents, secrets, and permissions. Provides the API the gateway uses to resolve which credentials to inject for each request.\n- **Secret Store**: AES-256-GCM encrypted credential storage. Secrets are decrypted only at request time, matched by host and path patterns, and injected by the gateway as headers.\n\n## Quick Start\n\nThe fastest way to run OneCLI locally:\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli.git\ncd onecli\ndocker compose -f docker\u002Fdocker-compose.yml up\n```\n\nOpen **http:\u002F\u002Flocalhost:10254**, create an agent, add your secrets, and point your agent's HTTP gateway to `localhost:10255`.\n\n## Features\n\n- **Transparent credential injection**: agents make normal HTTP calls, the gateway handles auth\n- **Encrypted secret storage**: AES-256-GCM encryption at rest, decrypted only at request time\n- **Host & path matching**: route secrets to the right API endpoints with pattern matching\n- **Multi-agent support**: each agent gets its own access token with scoped permissions\n- **Easy setup**: `docker compose -f docker\u002Fdocker-compose.yml up` starts everything (app + PostgreSQL)\n- **Two auth modes**: single-user (no login) for local use, or Google OAuth for teams\n- **Rust gateway**: fast, memory-safe HTTP gateway with MITM interception for HTTPS\n- **[Vault integration](docs\u002Fvault-integration.md)**: connect Bitwarden (or other password managers) for on-demand credential injection without storing secrets on the server\n\n## Project Structure\n\n```\napps\u002F\n  web\u002F            # Next.js app (dashboard + API, port 10254)\n  gateway\u002F        # Rust gateway (credential injection, port 10255)\npackages\u002F\n  db\u002F             # Prisma ORM + migrations\n  ui\u002F             # Shared UI components (shadcn\u002Fui)\ndocker\u002F\n  Dockerfile      # App image (gateway + web)\n  docker-compose.yml\n```\n\n## Local Development\n\n### Prerequisites\n\n- **[mise](https:\u002F\u002Fmise.jdx.dev)** (installs Node.js, pnpm, and other tools)\n- **Rust** (for the gateway)\n- **Docker** (for PostgreSQL)\n\n### Setup\n\n```bash\nmise install\npnpm install\ncp .env.example .env\npnpm db:generate\npnpm db:up          # Start PostgreSQL\npnpm db:migrate     # Apply migrations\npnpm dev\n```\n\nDashboard at **http:\u002F\u002Flocalhost:10254**, gateway at **http:\u002F\u002Flocalhost:10255**.\n\n### Commands\n\n| Command            | Description                     |\n| ------------------ | ------------------------------- |\n| `pnpm dev`         | Start web + gateway in dev mode |\n| `pnpm build`       | Production build                |\n| `pnpm check`       | Lint + types + format           |\n| `pnpm db:up`       | Start PostgreSQL (Docker)       |\n| `pnpm db:down`     | Stop PostgreSQL                 |\n| `pnpm db:generate` | Generate Prisma client          |\n| `pnpm db:migrate`  | Run database migrations         |\n| `pnpm db:studio`   | Open Prisma Studio              |\n\n## Configuration\n\nAll environment variables are optional for local development:\n\n| Variable                | Description                       | Default            |\n| ----------------------- | --------------------------------- | ------------------ |\n| `DATABASE_URL`          | PostgreSQL connection string      | See `.env.example` |\n| `NEXTAUTH_SECRET`       | Enables Google OAuth (multi-user) | Single-user mode   |\n| `GOOGLE_CLIENT_ID`      | Google OAuth client ID            | —                  |\n| `GOOGLE_CLIENT_SECRET`  | Google OAuth client secret        | —                  |\n| `SECRET_ENCRYPTION_KEY` | AES-256-GCM encryption key        | Auto-generated     |\n\n## Contributing\n\nWe welcome contributions! Please read our [Contributing Guide](CONTRIBUTING.md) and [Code of Conduct](CODE_OF_CONDUCT.md) before getting started.\n\n## License\n\n[Apache-2.0](LICENSE)\n","\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-logo-dark.gif\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_b98d44292b1c.gif\">\n  \u003Cimg alt=\"OneCLI\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_b98d44292b1c.gif\" width=\"100%\">\n\u003C\u002Fpicture>\n\n\u003Cp align=\"center\">\n  \u003Cb>AI代理的秘密保险库。\u003C\u002Fb>\u003Cbr\u002F>\n  存储一次。注入任何地方。代理永远看不到密钥。\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fonecli.sh\">官网\u003C\u002Fa> &middot;\n  \u003Ca href=\"https:\u002F\u002Fonecli.sh\u002Fdocs\">文档\u003C\u002Fa> &middot;\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FPSztzsQB3g\">Discord\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-flow-dark.gif\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_f8089a640fce.gif\">\n  \u003Cimg alt=\"OneCLI 工作原理\" src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_readme_f8089a640fce.gif\" width=\"100%\">\n\u003C\u002Fpicture>\n\n## 什么是 OneCLI？\n\nOneCLI 是一个开源网关，位于 AI 代理和它们调用的服务之间。而不是将 API 密钥硬编码到每个代理中，你可以在 OneCLI 中存储凭证，网关会透明地注入它们。代理永远不会看到密钥。\n\n**为什么我们构建它：** AI 代理需要调用数十个 API，但给每个代理原始凭证存在安全风险。OneCLI 通过单一网关处理认证，让你有一个地方管理访问权限、轮换密钥并查看每个代理的活动。\n\n**工作原理：** 你将在 OneCLI 中存储真实的 API 凭证，并给代理提供占位符密钥（例如 `FAKE_KEY`）。当代理通过网关发起 HTTP 请求时，OneCLI 网关会匹配请求到正确的凭证，将 `FAKE_KEY` 替换为 `REAL_KEY`，解密后注入到出站请求中。代理永远不会接触真实密钥。它只需正常发起 HTTP 请求，网关处理替换。\n\n## 架构\n\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fonecli-architecture-dark.svg\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"assets\u002Fonecli-architecture-light.svg\">\n  \u003Cimg alt=\"OneCLI 架构\" src=\"assets\u002Fonecli-architecture-dark.svg\" width=\"100%\">\n\u003C\u002Fpicture>\n\n- **[Rust 网关](apps\u002Fgateway)**：快速的 HTTP 网关，拦截出站请求并注入凭证。代理通过 `Proxy-Authorization` 头使用访问令牌进行身份验证。\n- **[Web 控制台](apps\u002Fweb)**：基于 Next.js 的应用，用于管理代理、凭证和权限。为网关提供 API，用于解析每个请求应注入的凭证。\n- **凭证存储**：使用 AES-256-GCM 加密的凭证存储。凭证仅在请求时解密，通过主机和路径模式匹配，并由网关作为头信息注入。\n\n## 快速入门\n\n在本地运行 OneCLI 的最快方式：\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli.git\ncd onecli\ndocker compose -f docker\u002Fdocker-compose.yml up\n```\n\n打开 **http:\u002F\u002Flocalhost:10254**，创建一个代理，添加你的凭证，并将代理的 HTTP 网关指向 `localhost:10255`。\n\n## 功能\n\n- **透明凭证注入**：代理发起正常 HTTP 请求，网关处理认证\n- **加密凭证存储**：静态时使用 AES-256-GCM 加密，仅在请求时解密\n- **主机与路径匹配**：通过模式匹配将凭证路由到正确的 API 端点\n- **多代理支持**：每个代理获得自己的访问令牌并具有受限制的权限\n- **简易设置**：`docker compose -f docker\u002Fdocker-compose.yml up` 启动所有服务（应用 + PostgreSQL）\n- **两种认证模式**：单用户模式（无需登录）用于本地使用，或 Google OAuth 用于团队\n- **Rust 网关**：快速、内存安全的 HTTP 网关，支持 HTTPS 中间人拦截\n- **[Vault 集成](docs\u002Fvault-integration.md)**：连接 Bitwarden（或其他密码管理器）实现按需凭证注入，无需在服务器存储凭证\n\n## 项目结构\n\n```\napps\u002F\n  web\u002F            # Next.js 应用（仪表盘 + API，端口 10254）\n  gateway\u002F        # Rust 网关（凭证注入，端口 10255）\npackages\u002F\n  db\u002F             # Prisma ORM + 迁移\n  ui\u002F             # 共享 UI 组件（shadcn\u002Fui）\ndocker\u002F\n  Dockerfile      # 应用镜像（网关 + 仪表盘）\n  docker-compose.yml\n```\n\n## 本地开发\n\n### 先决条件\n\n- **[mise](https:\u002F\u002Fmise.jdx.dev)**（安装 Node.js、pnpm 和其他工具）\n- **Rust**（用于网关）\n- **Docker**（用于 PostgreSQL）\n\n### 设置\n\n```bash\nmise install\npnpm install\ncp .env.example .env\npnpm db:generate\npnpm db:up          # 启动 PostgreSQL\npnpm db:migrate     # 应用迁移\npnpm dev\n```\n\n仪表盘位于 **http:\u002F\u002Flocalhost:10254**，网关位于 **http:\u002F\u002Flocalhost:10255**。\n\n### 命令\n\n| 命令            | 描述                     |\n| ------------------ | ----------------------- |\n| `pnpm dev`         | 以开发模式启动 web + 网关 |\n| `pnpm build`       | 生产环境构建             |\n| `pnpm check`       | 代码检查 + 类型 + 格式化   |\n| `pnpm db:up`       | 启动 PostgreSQL（Docker） |\n| `pnpm db:down`     | 停止 PostgreSQL           |\n| `pnpm db:generate` | 生成 Prisma 客户端        |\n| `pnpm db:migrate`  | 运行数据库迁移           |\n| `pnpm db:studio`   | 打开 Prisma Studio        |\n\n## 配置\n\n所有环境变量在本地开发中都是可选的：\n\n| 变量                | 描述                       | 默认值            |\n| ------------------- | -------------------------- | ------------------ |\n| `DATABASE_URL`      | PostgreSQL 连接字符串      | 查看 `.env.example` |\n| `NEXTAUTH_SECRET`   | 启用 Google OAuth（多用户） | 单用户模式         |\n| `GOOGLE_CLIENT_ID`  | Google OAuth 客户端 ID     | —                  |\n| `GOOGLE_CLIENT_SECRET` | Google OAuth 客户端密钥   | —                  |\n| `SECRET_ENCRYPTION_KEY` | AES-256-GCM 加密密钥     | 自动生成           |\n\n## 贡献\n\n我们欢迎贡献！在开始之前，请阅读我们的 [贡献指南](CONTRIBUTING.md) 和 [行为准则](CODE_OF_CONDUCT.md)。\n\n## 许可证\n\n[Apache-2.0](LICENSE)","# OneCLI 快速上手指南\n\n## 环境准备\n- **系统要求**：Linux\u002FmacOS（支持Docker）\n- **前置依赖**：\n  - [mise](https:\u002F\u002Fmise.jdx.dev)（安装Node.js\u002Fpnpm等工具）\n  - Rust（用于编译gateway）\n  - Docker（含Docker Compose）\n\n## 安装步骤\n1. 克隆仓库\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli.git\ncd onecli\n```\n\n2. 启动服务\n```bash\ndocker compose -f docker\u002Fdocker-compose.yml up\n```\n\n## 基本使用\n1. 访问管理界面：http:\u002F\u002Flocalhost:10254\n2. 创建代理：点击\"Create Agent\"按钮\n3. 添加密钥：在\"Secrets\"页面添加API凭证（如`FAKE_KEY`）\n4. 配置代理：在代理设置中填写gateway地址 `http:\u002F\u002Flocalhost:10255`\n5. 测试调用：通过代理发起HTTP请求，系统自动注入真实密钥","开发团队在构建一个需要调用多个API的服务时，需要为多个AI代理分配不同服务的API密钥。  \n\n### 没有 onecli 时  \n- 每个代理的代码中硬编码不同服务的API密钥，导致密钥泄露风险高  \n- 密钥管理分散在多个代码库中，更新和轮换需手动维护  \n- 调试时无法快速定位密钥位置，错误排查效率低  \n- 代理直接访问敏感服务，存在越权调用的潜在安全漏洞  \n- 多个代理共享同一密钥时，权限失控风险增加  \n\n### 使用 onecli 后  \n- 所有密钥集中存储在onecli的加密密钥库中，访问权限严格控制  \n- 代理仅使用占位符密钥（如FAKE_KEY）调用服务，onecli自动注入真实密钥  \n- 密钥加密存储于AES-256-GCM加密的数据库中，仅在请求时解密  \n- 调试时可通过onecli的Web界面实时查看请求的密钥注入过程  \n- 每个代理分配独立的访问令牌，通过路径匹配实现细粒度权限控制  \n\n核心价值：通过集中化、加密化的密钥管理，让AI代理安全调用服务的同时，实现密钥生命周期的全链路管控。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fonecli_onecli_b98d4429.gif","OneCLI","https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002Fonecli_73a9b280.png","Connect GitHub to OneCLI so AI agents can manage repos, issues, and PRs on your behalf.",null,"jonathan@chartdb.io","https:\u002F\u002Fonecli.sh","https:\u002F\u002Fgithub.com\u002Fonecli",[83,87,91,95,98,102],{"name":84,"color":85,"percentage":86},"TypeScript","#3178c6",64.8,{"name":88,"color":89,"percentage":90},"Rust","#dea584",32.6,{"name":92,"color":93,"percentage":94},"Dockerfile","#384d54",0.8,{"name":96,"color":97,"percentage":94},"CSS","#663399",{"name":99,"color":100,"percentage":101},"JavaScript","#f1e05a",0.6,{"name":103,"color":104,"percentage":105},"Shell","#89e051",0.3,1650,79,"2026-04-05T11:16:18","Apache-2.0","Linux, macOS, Windows","未说明",{"notes":111,"python":111,"dependencies":113},[],[45,15],[116,117,118,119,120,121,122,123,124,125,126,127],"ai-agents","rust","secret-management","cli","nanoclaw","nodejs","openclaw","postgres","security","security-tools","vault","mcp","2026-03-27T02:49:30.150509","2026-04-06T05:19:33.001442",[131,136,140,145,150,155],{"id":132,"question_zh":133,"answer_zh":134,"source_url":135},4627,"如何通过代理更新凭证？","已支持通过代理更新凭证，详情请参考官方文档：https:\u002F\u002Fwww.onecli.sh\u002Fdocs\u002Fcli\u002Fonecli-cli","https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F51",{"id":137,"question_zh":138,"answer_zh":139,"source_url":135},4628,"如何管理代理和密钥？","OneCLI 正在开发支持代理添加代理的流程，未来将支持通过 CLI 管理代理和密钥，并确保新代理仅获取必要的凭证。具体实现请关注后续更新。",{"id":141,"question_zh":142,"answer_zh":143,"source_url":144},4629,"如何支持 OAuth 2.0 服务认证？","OneCLI 正在开发支持 GitHub\u002FGoogle 等服务的 OAuth 2.0 认证功能，未来将支持通过代理管理 OAuth 令牌，并限制代理的权限范围。","https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F55",{"id":146,"question_zh":147,"answer_zh":148,"source_url":149},4630,"新添加的凭证为何无法立即生效？","当前存在凭证缓存延迟问题，已启动修复流程。新凭证添加后，系统将立即无效缓存以确保生效，具体修复方案请查看 PR（待发布）。","https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F116",{"id":151,"question_zh":152,"answer_zh":153,"source_url":154},4631,"HEAD 响应缺少 Content-Length 头如何解决？","已确认该问题，正在修复中。修复后 HEAD 响应将包含 Content-Length 头以满足 huggingface_hub 的需求，具体修复方案请关注后续更新。","https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F101",{"id":156,"question_zh":157,"answer_zh":158,"source_url":159},4632,"如何让代理访问特定密钥？","代理可访问特定密钥的功能已纳入开发计划，未来将支持按代理配置密钥访问权限，具体实现请关注后续更新。","https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F50",[161,166,171,176,181,186,191,196,201,206,211,216,221,226,231,236,241,246,251,256],{"id":162,"version":163,"summary_zh":164,"released_at":165},104103,"v1.12.0","## [1.12.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.11.0...v1.12.0) (2026-04-03)\n\n\n### Features\n\n* add HTTP proxy support alongside HTTPS ([#150](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F150)) ([ec24fba](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fec24fbade5527671480c0b0c4541c90736f278fa))\n\n\n### Bug Fixes\n\n* add missing error handling in OAuth token exchange and credential decryption ([#148](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F148)) ([d9e70c6](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fd9e70c69bba6b42d086e27b00f2de28da91235d5))\n* **gateway:** add GATEWAY_SKIP_VERIFY_HOSTS for selective TLS skip ([#145](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F145)) ([962d948](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F962d948b54cc061d50a956f18b5c810c2c221f24))","2026-04-03T18:42:20",{"id":167,"version":168,"summary_zh":169,"released_at":170},104104,"v1.11.0","## [1.11.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.10.0...v1.11.0) (2026-04-02)\n\n\n### Features\n\n* add 11 Google Workspace apps and inline BYOC config dialog ([#140](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F140)) ([82c717a](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F82c717ad7f9d13511e43c2d9cde3f85382929eb8))\n\n\n### Bug Fixes\n\n* update README quick start to lead with install script ([#143](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F143)) ([6deed12](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F6deed120bf827a20c3df0022cae5a80d955b0c43))","2026-04-02T14:14:41",{"id":172,"version":173,"summary_zh":174,"released_at":175},104105,"v1.10.0","## [1.10.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.9.0...v1.10.0) (2026-03-31)\n\n\n### Features\n\n* add Google Drive app integration with path-prefix routing ([#136](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F136)) ([4745147](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F4745147f7fd7ceb86035ac712675a22ba9ed742b))\n* unified credential access dialog and always-visible connect button ([#138](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F138)) ([0b20830](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F0b2083068ea6910786ac91f4d91afb5b10665ce4))","2026-03-31T16:01:32",{"id":177,"version":178,"summary_zh":179,"released_at":180},104106,"v1.9.0","## [1.9.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.8.0...v1.9.0) (2026-03-31)\n\n\n### Features\n\n* add Gmail app with OAuth token refresh and BYOC support ([#130](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F130)) ([41c2a83](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F41c2a833a09b14fb2073f93e9fb8fdc2ca83bf2b))\n* add Google Calendar app integration and rename google to gmail ([#135](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F135)) ([64e080c](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F64e080c46c16796d354ed667c62f49cf5e420431))\n* add Resend integration and API key connection type ([#133](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F133)) ([86010ef](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F86010ef5ca262f982b4011b209d037fd59971275))","2026-03-31T13:17:50",{"id":182,"version":183,"summary_zh":184,"released_at":185},104107,"v1.8.0","## [1.8.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.7.2...v1.8.0) (2026-03-29)\n\n\n### Features\n\n* add google_oauth secret type with form-body injection ([#123](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F123)) ([b99798b](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fb99798b2f3ef1c7299135dead715a5b2d10dbb64))\n* app connections with OAuth flow and gateway credential injection ([#127](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F127)) ([aa8ec62](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Faa8ec62ac4c11e1805ba77c7c60620769cf1d995))\n\n\n### Bug Fixes\n\n* handle app-configure postMessage and suppress body hydration warning ([#128](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F128)) ([6c22837](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F6c228371b6f5f42fc1b3f3875a8ebfd2a345378c))","2026-03-30T09:04:31",{"id":187,"version":188,"summary_zh":189,"released_at":190},104108,"v1.7.2","## [1.7.2](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.7.1...v1.7.2) (2026-03-26)\n\n\n### Bug Fixes\n\n* add API key auth to gateway and server-side cache invalidation ([#118](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F118)) ([70fdfa8](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F70fdfa84c1650ed52f869b996fc73b2b9e808acb))","2026-03-26T20:17:52",{"id":192,"version":193,"summary_zh":194,"released_at":195},104109,"v1.7.1","## [1.7.1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.7.0...v1.7.1) (2026-03-26)\n\n\n### Bug Fixes\n\n* enable automatic container restart on failure or system reboot ([#112](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F112)) ([c933ad9](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fc933ad91efa1b65e92df7a1d34fefbcc7b01d4eb))\n* invalidate gateway cache on secret and rule mutations ([#117](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F117)) ([9966c98](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F9966c981beb2035a7587b48bb9ebb36e72ccdf61)), closes [#116](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F116)\n* postgres18 data mount ([#111](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F111)) ([dee1206](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fdee120660e2616f2b45fe28c79af8be71d3644ac))","2026-03-26T19:09:57",{"id":197,"version":198,"summary_zh":199,"released_at":200},104110,"v1.7.0","## [1.7.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.6.0...v1.7.0) (2026-03-25)\n\n\n### Features\n\n* add audit logging for sensitive operations ([#103](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F103)) ([4429e1f](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F4429e1fcedfc90b849ddcc8121ce249a31b8f368))\n\n\n### Bug Fixes\n\n* don't follow redirects server-side in MITM proxy ([#108](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F108)) ([bdab279](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fbdab279d71843af61318b22d64941b97e9f3dde2))\n* rewrite denormalize migration to handle non-empty tables ([#106](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F106)) ([a6e75b7](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fa6e75b7816a58eb8d06e42ab24ab4135a46c2811))","2026-03-25T18:34:33",{"id":202,"version":203,"summary_zh":204,"released_at":205},104111,"v1.6.0","## [1.6.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.5...v1.6.0) (2026-03-25)\n\n\n### Features\n\n* add account layer for multi-tenant workspace scoping ([#98](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F98)) ([4057a3f](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F4057a3f899baa544004fbeba7ff485e1ed421877))\n\n\n### Bug Fixes\n\n* missing Authority Key Identifier in MITM leaf certificates ([#100](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F100)) ([3d26e8d](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F3d26e8db76314bbeb6206a42f1a879d23dc32db2))\n* preserve Content-Length header in MITM responses ([#102](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F102)) ([21ee091](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F21ee09165f36e62d8e5d152bf822c7852cf77a46))","2026-03-25T09:31:09",{"id":207,"version":208,"summary_zh":209,"released_at":210},104112,"v1.5.5","## [1.5.5](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.4...v1.5.5) (2026-03-24)\n\n\n### Bug Fixes\n\n* prisma migration ([#94](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F94)) ([ea56564](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fea5656416eb2a47b68fa6c158f6d083c43c4ce92))","2026-03-24T11:54:01",{"id":212,"version":213,"summary_zh":214,"released_at":215},104113,"v1.5.4","## [1.5.4](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.3...v1.5.4) (2026-03-23)\n\n\n### Bug Fixes\n\n* auto-create default agent on first container-config call ([#92](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F92)) ([e690665](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fe690665d2c54912d2db92a3fa90eb3af2edfdd69))","2026-03-23T19:43:14",{"id":217,"version":218,"summary_zh":219,"released_at":220},104114,"v1.5.3","## [1.5.3](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.2...v1.5.3) (2026-03-23)\n\n\n### Bug Fixes\n\n* update gateway SQL queries to use pluralized table names ([#90](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F90)) ([191ac57](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F191ac57400bd0f8c417420ef6208684dfa8fe380))","2026-03-23T14:36:27",{"id":222,"version":223,"summary_zh":224,"released_at":225},104115,"v1.5.2","## [1.5.2](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.1...v1.5.2) (2026-03-23)\n\n\n### Bug Fixes\n\n* auth login flow, schema migrations, and UI updates ([#88](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F88)) ([a05fedd](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fa05feddc8b40e66eb00344e0896d787e42d89130))","2026-03-23T13:34:20",{"id":227,"version":228,"summary_zh":229,"released_at":230},104116,"v1.5.1","## [1.5.1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.5.0...v1.5.1) (2026-03-23)\n\n\n### Bug Fixes\n\n* redesign rule dialog with two-step flow and brand colors ([#85](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F85)) ([296d878](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F296d878b11d1f055e1e2971d9ef256c856390a5a))\n* restructure settings with sub-navigation and reorder main nav ([#87](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F87)) ([a1e6f3a](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fa1e6f3af0b01b756a9fd097deeeeab08f486a21b))","2026-03-23T11:11:17",{"id":232,"version":233,"summary_zh":234,"released_at":235},104117,"v1.5.0","## [1.5.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.4.2...v1.5.0) (2026-03-22)\n\n\n### Features\n\n* add rate limit policy rules ([#84](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F84)) ([f2109c2](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Ff2109c21ec4b6ffa629d81ae9cc16ae74d1e25e4))\n\n\n### Bug Fixes\n\n* add loading states to sign-in, sign-out, and demo dialog ([#82](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F82)) ([2fc30b4](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F2fc30b402700285828b353eaf82209241337016a))","2026-03-22T19:56:53",{"id":237,"version":238,"summary_zh":239,"released_at":240},104118,"v1.4.2","## [1.4.2](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.4.1...v1.4.2) (2026-03-22)\n\n\n### Bug Fixes\n\n* rename indexes and foreign keys to snake_case ([#81](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F81)) ([bc9705c](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Fbc9705c1d362537d124ab99d7d45cc88db4f9f7c))\n* route all server output through pino JSON in production ([#79](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F79)) ([1d91ad1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F1d91ad110c4009a3c5a85a7a918e727079521ea7))","2026-03-22T13:34:21",{"id":242,"version":243,"summary_zh":244,"released_at":245},104119,"v1.4.1","## [1.4.1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.4.0...v1.4.1) (2026-03-20)\n\n\n### Bug Fixes\n\n* install OpenSSL dev headers in Docker build for ap-* crates ([#74](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F74)) ([ebaf1e1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Febaf1e17a2750f19dc12f04326ae08f5d580a6c6))","2026-03-20T19:34:40",{"id":247,"version":248,"summary_zh":249,"released_at":250},104120,"v1.4.0","## [1.4.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.3.0...v1.4.0) (2026-03-20)\n\n\n### Features\n\n* Bitwarden vault support ([#60](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F60)) ([8bdc9e2](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F8bdc9e2095383d6f32c22bb5c55b55220ce86d9f))\n\n\n### Bug Fixes\n\n* add \u002Fapi\u002Fauth\u002Fsession endpoint for reliable user provisioning ([#71](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F71)) ([0b8591e](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F0b8591ed519576fa9d720951f0ece609213b1a72))","2026-03-20T19:24:30",{"id":252,"version":253,"summary_zh":254,"released_at":255},104121,"v1.3.0","## [1.3.0](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.2.1...v1.3.0) (2026-03-19)\n\n\n### Features\n\n* add policy rules for gateway access control ([#66](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F66)) ([2bfe568](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F2bfe568886bd5334ec1811845024482cca552fbe))\n\n\n### Bug Fixes\n\n* use 127.0.0.1 in health check and reduce image size ([#68](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F68)) ([aa0ca78](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002Faa0ca78748badd59351dbdbc443f7fe0d8c38e02))","2026-03-19T16:41:26",{"id":257,"version":258,"summary_zh":259,"released_at":260},104122,"v1.2.1","## [1.2.1](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcompare\u002Fv1.2.0...v1.2.1) (2026-03-19)\n\n\n### Bug Fixes\n\n* add start_period and increase retries for postgres health check ([#63](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F63)) ([789d285](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F789d285e032dfe1b0dc69666613feee4133a6722))\n* increase health check start_period for migrations ([#65](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fissues\u002F65)) ([077fe84](https:\u002F\u002Fgithub.com\u002Fonecli\u002Fonecli\u002Fcommit\u002F077fe84c84be14ab601a5d219103de3eb90bb05d))","2026-03-19T15:39:49"]