v0.24.2 — beta-stabilization patch
What's in v0.24.2
A focused patch that closes the remaining beta-readiness audit findings
on top of v0.24.1. All changes are backward-compatible.
Fixed
handlePluginGenerateis no longer a stub. The "AI Generate" tab
in the Plugins page used to return a hardcoded template regardless of
the prompt, which was misleading. New behavior:- 400 if the request is missing
prompt - 503 with a clear "set
plugin_generator_modelsetting" hint if
not configured (no fake template returned) - 503 if no master key is configured
- Otherwise: self-call
/v1/chat/completionson localhost with the
master key, pass the prompt + a system prompt that anchors the
output to a single JavaScript plugin module, parse the response,
strip accidental markdown fences, return the code
- 400 if the request is missing
handleCostsreads real data. Previously returned hardcoded
zeros. Now aggregatesrequest_logsby model for "today" and "this
month" and computes cost per row viacost.NewCalculator()with the
built-in pricing table. Returns the full shape (totals, by-model
breakdown sorted by cost desc, request counts, input/output token
counts).- Frontend/backend method mismatch on
/api/load-balancer. The
routing page sentPUTbut the server registeredPOST. Aligned the
frontend toPOST(1-line change).
Changed
- AGENTS.md §11 quick reference. Removed the stale
admin/admin123
login example (the password is randomly generated on first start and
forced to rotate). Replaced with a recovery-flow comment block.
Tests
- 10 new unit tests in
internal/server/handlers_beta_p0_test.go:TestHandlePluginGenerate_*(5 cases) — bad JSON, empty prompt, no
model, test mode (port=0), no master keyTestHandleCosts_*(2 cases) — empty-DB shape, real aggregation
from seededrequest_logsrowsTestStripCodeFences,TestSanitizeName,TestRound2— helpers
- Suite: 826/826 passing in 44 packages,
go vetclean.
Audit correction note
The beta-readiness audit (v0.24.1) reported "16+ frontend calls hit
non-existent routes" as a Critical issue. This was a false
positive: the audit only grepped server.go and handlers_parity.go,
missing handlers_rest.go where all 16 routes were already wired in
commit 777a553. The routes work correctly with a valid token. The
audit also missed why the routes LOOKED missing during unauthenticated
probing: the auth middleware runs before the mux matches, so missing-
route and unauthenticated both return 401, which masked the difference.
The audit's "load-balancer 401" was a real finding and is fixed in
9551304. Full correction note in AGENTS.md §12.
Installation
Download lintasan-linux-amd64 below, place on $PATH, and run:
```bash
chmod +x lintasan-linux-amd64
sudo mv lintasan-linux-amd64 /usr/local/bin/lintasan
lintasan start
```
Dashboard on :20180, API on /api/* and /v1/*.
Full Changelog
See CHANGELOG.md
and AGENTS.md §12.