新增对moemail的支持#17
Conversation
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f57ef802-cbec-4591-ad5f-8b329fe82c84 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f57ef802-cbec-4591-ad5f-8b329fe82c84 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f57ef802-cbec-4591-ad5f-8b329fe82c84 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f57ef802-cbec-4591-ad5f-8b329fe82c84 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f57ef802-cbec-4591-ad5f-8b329fe82c84 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f257d58b-db79-40bb-b552-5a6b2efc1a35 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Agent-Logs-Url: https://github.com/black-zero358/codex-oauth-automation-extension/sessions/f94d754b-a309-4682-bd1e-23dabfafad85 Co-authored-by: black-zero358 <53086059+black-zero358@users.noreply.github.com>
Add MoEmail provider support for temporary mailbox creation and OTP retrieval
PR 已自动转向开发分支这个 PR 原本指向 后续自动审查和自动合并都只会针对 GitHub 重新计算差异后,工作流会再次运行。 |
There was a problem hiding this comment.
Pull request overview
该 PR 在现有“自动注册/验证”扩展流程中,新增了对 MoEmail API 的邮箱生成与验证码轮询支持,并把侧边栏“自动获取邮箱”能力从仅 DuckDuckGo 扩展为可按 Mail 配置选择;同时引入一套基于 GitHub Actions 的 AI 自动审查与自动合并流程。
Changes:
- 侧边栏新增 MoEmail 配置项(API Base / API Key / 域名 / 有效期),并根据 Mail Provider 动态显示。
- 后台新增 MoEmail API 调用、临时邮箱生成、验证码轮询与 provider 路由逻辑;“自动获取邮箱”消息类型改为更通用的 FETCH_AUTO_EMAIL。
- 新增 AI PR 自动审查与(满足条件时)自动合并到 dev 的工作流与 Node 脚本。
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| sidepanel/sidepanel.js | 增加 MoEmail 设置收集/恢复与 UI 显示切换;将 fetchDuckEmail 抽象为 fetchAutoEmail 并改用新消息类型。 |
| sidepanel/sidepanel.html | 增加 MoEmail API 相关输入行与有效期选择。 |
| background.js | 新增 MoEmail API 规范化/请求/邮箱生成/验证码轮询;支持 FETCH_AUTO_EMAIL;Mail 配置支持 moemail。 |
| README.md | 文档补充 MoEmail 配置与“获取邮箱”按钮在不同 Mail 下的行为说明。 |
| .github/workflows/ai-pr-review.yml | 新增 pull_request_target 触发的 AI 审查与自动合并工作流。 |
| .github/scripts/ai-pr-review.mjs | 新增 AI 审查/评论/自动合并实现脚本(调用 OpenAI Responses API)。 |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| jobs: | ||
| review-and-merge: | ||
| if: ${{ !github.event.pull_request.draft }} | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 10 | ||
| permissions: | ||
| contents: write | ||
| issues: write | ||
| pull-requests: write |
There was a problem hiding this comment.
该工作流使用 pull_request_target 且授予 contents/issues/pull-requests 写权限,并会带着仓库 Secrets 运行自动审查+自动合并逻辑;目前没有显式限制仅对同仓库分支 PR 运行(例如 fork PR)。建议在 job 级别增加对 head repo 的校验(如 github.event.pull_request.head.repo.full_name == github.repository 或 !github.event.pull_request.head.repo.fork),并视需要收紧默认权限,避免外部贡献者触发高权限流程/产生费用或意外合并。
| const GITHUB_API_VERSION = '2022-11-28'; | ||
| const DEFAULT_OPENAI_API_BASE_URL = 'https://ai-api.20021108.xyz/v1'; | ||
| const MARKER = '<!-- ai-pr-review -->'; | ||
| const DEFAULT_MODEL = 'gpt-5.4'; | ||
| const DEFAULT_REASONING_EFFORT = 'xhigh'; | ||
| const DEFAULT_MERGE_METHOD = 'merge'; | ||
| const DEFAULT_TARGET_BRANCH = 'dev'; |
There was a problem hiding this comment.
DEFAULT_OPENAI_API_BASE_URL 指向非官方域名(ai-api.20021108.xyz)。如果仓库未配置 OPENAI_API_BASE_URL,脚本会把 PR diff/元数据发送到该默认地址,存在源码外发风险。建议改为显式要求必须配置 OPENAI_API_BASE_URL(未配置则直接报错),或将默认值切换为预期的官方/自建可信端点。
| async function main() { | ||
| const repo = requiredEnv('REPO'); | ||
| const repoOwner = (process.env.REPO_OWNER || repo.split('/')[0] || '').trim(); | ||
| const prNumber = parseInteger(requiredEnv('PR_NUMBER'), 'PR_NUMBER'); | ||
| const targetBranch = normalizeTargetBranch(process.env.AI_REVIEW_TARGET_BRANCH || DEFAULT_TARGET_BRANCH); | ||
| const pr = await githubRequestJson(`/repos/${repo}/pulls/${prNumber}`); | ||
| const currentBaseRef = String(pr.base?.ref || process.env.PR_BASE_REF || '').trim(); | ||
|
|
||
| await ensureBranchExists(repo, targetBranch); | ||
|
|
||
| if (currentBaseRef !== targetBranch) { | ||
| if (currentBaseRef === 'master') { | ||
| await retargetPullRequest(repo, prNumber, targetBranch); | ||
| await upsertManagedComment( | ||
| repo, | ||
| prNumber, | ||
| renderRetargetedComment({ | ||
| fromBranch: currentBaseRef, | ||
| targetBranch | ||
| }) | ||
| ); | ||
| await appendSummary(`PR #${prNumber} 的目标分支已自动从 ${currentBaseRef} 改为 ${targetBranch},等待重新审查。`); | ||
| return; | ||
| } |
There was a problem hiding this comment.
当前自动合并逻辑仅依赖 author_association 白名单,但没有明确拒绝来自 fork 的 PR。对于 pull_request_target 事件,这会让外部贡献者(例如曾经贡献过的 CONTRIBUTOR)也可能触发带写权限的自动合并流程。建议在获取 PR 信息后增加对 pr.head.repo.full_name / pr.head.repo.fork 的硬性校验,不满足则直接 ReviewBlockedError。
| const serverError = data?.error || data?.message || data?.msg || rawText || `HTTP ${response.status}`; | ||
| throw new Error(`MoEmail API 错误:${serverError}`); | ||
| } | ||
|
|
There was a problem hiding this comment.
requestMoemail() 在 response.ok 时如果返回体不是合法 JSON(parseMoemailJsonSafely 得到 null),当前会直接返回 null,后续逻辑会以“未返回有效邮箱地址/域名”等更偏业务的错误收敛,导致定位困难。建议在 data 为 null 时直接抛出更明确的错误(例如“MoEmail API 返回了非 JSON 响应”并附带截断后的 rawText/HTTP 信息),避免误导与隐藏协议问题。
| if (data === null) { | |
| const contentType = response.headers.get('content-type') || 'unknown'; | |
| const normalizedRawText = typeof rawText === 'string' ? rawText.trim() : ''; | |
| const truncatedRawText = normalizedRawText | |
| ? (normalizedRawText.length > 300 ? `${normalizedRawText.slice(0, 300)}...` : normalizedRawText) | |
| : '<empty>'; | |
| throw new Error( | |
| `MoEmail API 返回了非 JSON 响应:HTTP ${response.status}${response.statusText ? ` ${response.statusText}` : ''},Content-Type: ${contentType},响应体: ${truncatedRawText}` | |
| ); | |
| } |
| function parseMoemailJsonSafely(rawText) { | ||
| if (!rawText) return null; | ||
| try { | ||
| return JSON.parse(rawText); | ||
| } catch { | ||
| return null; | ||
| } | ||
| } | ||
|
|
||
| function normalizeMoemailApiBase(rawValue) { |
There was a problem hiding this comment.
background.js 已有基于函数抽取+桩环境的单测,但本次新增的 MoEmail 解析/URL 规范化/轮询逻辑(如 normalizeMoemailApiBase/buildMoemailApiUrl/parseMessageTimestamp/pollMoemailForVerificationCode)缺少对应测试覆盖。建议至少补齐纯函数与关键分支(分页 cursor、时间戳解析、验证码提取、非 JSON 响应)测试,降低后续 MoEmail API 形态变化带来的回归风险。
Uh oh!
There was an error while loading. Please reload this page.