kappa
4b00c73d96
refactor: major architecture improvements and security hardening
## Security Fixes
- Fix XSS vulnerability in report.ts with escapeHtml()
- Add cache data integrity validation
- Add region_preference input validation (max 10 items, 50 chars each)
- Replace `any` types with `unknown` + type guards
## Architecture Refactoring
- Split utils.ts (801 lines) into 6 modules: http, validation, bandwidth, cache, ai, exchange-rate
- Extract AI logic to src/services/ai-service.ts (recommend.ts 49% reduction)
- Add Repository pattern: src/repositories/AnvilServerRepository.ts
- Reduce code duplication in DB queries
## New Features
- AI fallback: rule-based recommendations when OpenAI unavailable
- Vitest testing: 55 tests (utils.test.ts, bandwidth.test.ts)
- Duplicate server prevention in AI recommendations
## Files Added
- src/utils/{index,http,validation,bandwidth,cache,ai,exchange-rate}.ts
- src/services/ai-service.ts
- src/repositories/AnvilServerRepository.ts
- src/__tests__/{utils,bandwidth}.test.ts
- vitest.config.ts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-26 03:29:12 +09:00
kappa
411cde4801
feat: add region diversity, HTML report, and transfer pricing
Region Diversity:
- No region specified → same spec from 3 different regions
- Cache key now includes region_preference
- Fixed server_id to use ap.id (pricing) instead of ai.id (instance)
HTML Report:
- New /api/recommend/report endpoint for printable reports
- Supports multi-language (en, ko, ja, zh)
- Displays bandwidth_info with proper KRW formatting
Transfer Pricing:
- bandwidth_info includes overage costs from anvil_transfer_pricing
- available_regions shows alternative regions with prices
Code Quality:
- Extracted region-utils.ts for flexible region matching
- Cleaned up AI prompt (removed obsolete provider references)
- Renamed project to cloud-orchestrator
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-26 02:49:24 +09:00
kappa
7dfd3659ec
fix: address code review issues (security, performance, quality)
Security:
- Add JSON.parse error handling (return 400 instead of 500)
- Add rate limiting fallback when KV unavailable (in-memory Map)
- Add AI prompt injection protection (sanitizeForAIPrompt)
Performance:
- Optimize VPS benchmark matching (O(1) Map lookup vs O(n*m) loop)
- Reduce AI candidates from 50 to 15 (saves ~60% API cost)
- Centralize magic numbers in LIMITS config
Code Quality:
- Remove dead code (unused queryVPSBenchmarks function)
- Extract duplicated region SQL to DEFAULT_REGION_FILTER_SQL
- Replace hardcoded provider IDs with name-based filtering
- Move magic numbers to config.ts LIMITS object
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 18:08:06 +09:00
kappa
b682abc45d
refactor: modularize codebase and add DB workload multiplier
- Split monolithic index.ts (2370 lines) into modular structure:
  - src/handlers/ for route handlers
  - src/utils.ts for shared utilities
  - src/config.ts for configuration
  - src/types.ts for TypeScript definitions
- Add DB workload multiplier for smarter database resource calculation:
  - Heavy (analytics, logs): 0.3x multiplier
  - Medium-heavy (e-commerce, transactional): 0.5x
  - Medium (API, SaaS): 0.7x
  - Light (blog, portfolio): 1.0x
- Fix tech_specs with realistic vcpu_per_users values (150+ technologies)
- Fix "blog" matching "log" regex bug
- Update documentation to reflect new architecture
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 17:46:16 +09:00