Skip to content

feat: add token limit strategy#69

Merged
gusye1234 merged 4 commits intodevfrom
feat/toke_limit
Dec 11, 2025
Merged

feat: add token limit strategy#69
gusye1234 merged 4 commits intodevfrom
feat/toke_limit

Conversation

@gusye1234
Copy link
Copy Markdown
Contributor

@gusye1234 gusye1234 commented Dec 9, 2025
edited
Loading

Related to Issue (#63)

Tasks

Please ensure your pull request meets the following requirements:

  • Add token limit strategy
  • Add test for this strategy
  • Update SDK schema for new strategy
  • Update get_messages param doc to remind the usage of limit

Checklist

  • Open your pull request against the dev branch.
  • All tests pass in available continuous integration systems (e.g., GitHub Actions).
  • Tests are added or modified as needed to cover code changes.

@gusye1234 gusye1234 marked this pull request as ready for review December 11, 2025 03:27
@gusye1234 gusye1234 merged commit 60d72e2 into dev Dec 11, 2025
4 checks passed
@GenerQAQ GenerQAQ deleted the feat/toke_limit branch December 20, 2025 11:02
GenerQAQ added a commit that referenced this pull request Feb 22, 2026
@GenerQAQ @cursoragent
fix(deps): override ajv to 6.14.0 in dashboard
8fb404d 
Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>
@GenerQAQ GenerQAQ mentioned this pull request Feb 22, 2026
Merged
10 tasks
GenerQAQ added a commit that referenced this pull request Feb 22, 2026
@GenerQAQ @cursoragent
fix(deps): resolve Dependabot security alerts for ajv and edwards25519 (
c14ebdd 
#316)

* fix(deps): bump filippo.io/edwards25519 to v1.1.1

Fixes Dependabot alert #58 (low severity) - MultiScalarMult
produces invalid results or undefined behavior if receiver is
not the identity.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv to 6.14.0 in dashboard

Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv and minimatch in landingpage

Adds pnpm overrides to resolve Dependabot alerts:
- ajv@6.14.0 for alert #65 (medium - ReDoS)
- ajv@8.18.0 for alert #64 (medium - ReDoS)
- minimatch@10.2.1 for alert #63 (high - ReDoS via @opennextjs/cloudflare)

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
GenerQAQ added a commit that referenced this pull request Feb 25, 2026
@dependabot @GenerQAQ @cursoragent
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.96.0…
3c7f636 
… to 1.96.1 in /src/server/api/go (#323)

* fix(deps): bump filippo.io/edwards25519 to v1.1.1

Fixes Dependabot alert #58 (low severity) - MultiScalarMult
produces invalid results or undefined behavior if receiver is
not the identity.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv to 6.14.0 in dashboard

Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv and minimatch in landingpage

Adds pnpm overrides to resolve Dependabot alerts:
- ajv@6.14.0 for alert #65 (medium - ReDoS)
- ajv@8.18.0 for alert #64 (medium - ReDoS)
- minimatch@10.2.1 for alert #63 (high - ReDoS via @opennextjs/cloudflare)

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3

Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) from 1.96.0 to 1.96.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.96.0...service/s3/v1.96.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.96.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Gener <435669237@qq.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
GenerQAQ added a commit that referenced this pull request Feb 25, 2026
@dependabot @GenerQAQ @cursoragent
chore(deps): bump the production-dependencies group in /src/server/ui…
6b75577 
… with 6 updates (#324)

* fix(deps): bump filippo.io/edwards25519 to v1.1.1

Fixes Dependabot alert #58 (low severity) - MultiScalarMult
produces invalid results or undefined behavior if receiver is
not the identity.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv to 6.14.0 in dashboard

Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv and minimatch in landingpage

Adds pnpm overrides to resolve Dependabot alerts:
- ajv@6.14.0 for alert #65 (medium - ReDoS)
- ajv@8.18.0 for alert #64 (medium - ReDoS)
- minimatch@10.2.1 for alert #63 (high - ReDoS via @opennextjs/cloudflare)

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore(deps): bump the production-dependencies group

Bumps the production-dependencies group in /src/server/ui with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@codemirror/view](https://github.com/codemirror/view) | `6.39.14` | `6.39.15` |
| [@uiw/codemirror-theme-okaidia](https://github.com/uiwjs/react-codemirror) | `4.25.4` | `4.25.5` |
| [@uiw/react-codemirror](https://github.com/uiwjs/react-codemirror) | `4.25.4` | `4.25.5` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.574.0` | `0.575.0` |
| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.71.1` | `7.71.2` |
| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.1` | `3.5.0` |


Updates `@codemirror/view` from 6.39.14 to 6.39.15
- [Changelog](https://github.com/codemirror/view/blob/main/CHANGELOG.md)
- [Commits](codemirror/view@6.39.14...6.39.15)

Updates `@uiw/codemirror-theme-okaidia` from 4.25.4 to 4.25.5
- [Release notes](https://github.com/uiwjs/react-codemirror/releases)
- [Commits](uiwjs/react-codemirror@v4.25.4...v4.25.5)

Updates `@uiw/react-codemirror` from 4.25.4 to 4.25.5
- [Release notes](https://github.com/uiwjs/react-codemirror/releases)
- [Commits](uiwjs/react-codemirror@v4.25.4...v4.25.5)

Updates `lucide-react` from 0.574.0 to 0.575.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react)

Updates `react-hook-form` from 7.71.1 to 7.71.2
- [Release notes](https://github.com/react-hook-form/react-hook-form/releases)
- [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md)
- [Commits](react-hook-form/react-hook-form@v7.71.1...v7.71.2)

Updates `tailwind-merge` from 3.4.1 to 3.5.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](dcastil/tailwind-merge@v3.4.1...v3.5.0)

---
updated-dependencies:
- dependency-name: "@codemirror/view"
  dependency-version: 6.39.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: "@uiw/codemirror-theme-okaidia"
  dependency-version: 4.25.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: "@uiw/react-codemirror"
  dependency-version: 4.25.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: lucide-react
  dependency-version: 0.575.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: react-hook-form
  dependency-version: 7.71.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: tailwind-merge
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Gener <435669237@qq.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
GenerQAQ added a commit that referenced this pull request Feb 25, 2026
@dependabot @GenerQAQ @cursoragent
chore(deps): bump github.com/openai/openai-go/v3 from 3.22.0 to 3.23.…
3461acb 
…0 in /src/server/api/go (#329)

* fix(deps): bump filippo.io/edwards25519 to v1.1.1

Fixes Dependabot alert #58 (low severity) - MultiScalarMult
produces invalid results or undefined behavior if receiver is
not the identity.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv to 6.14.0 in dashboard

Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv and minimatch in landingpage

Adds pnpm overrides to resolve Dependabot alerts:
- ajv@6.14.0 for alert #65 (medium - ReDoS)
- ajv@8.18.0 for alert #64 (medium - ReDoS)
- minimatch@10.2.1 for alert #63 (high - ReDoS via @opennextjs/cloudflare)

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore(deps): bump github.com/openai/openai-go/v3 in /src/server/api/go

Bumps [github.com/openai/openai-go/v3](https://github.com/openai/openai-go) from 3.22.0 to 3.23.0.
- [Release notes](https://github.com/openai/openai-go/releases)
- [Changelog](https://github.com/openai/openai-go/blob/main/CHANGELOG.md)
- [Commits](openai/openai-go@v3.22.0...v3.23.0)

---
updated-dependencies:
- dependency-name: github.com/openai/openai-go/v3
  dependency-version: 3.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Gener <435669237@qq.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
GenerQAQ added a commit that referenced this pull request Feb 25, 2026
@dependabot @GenerQAQ @cursoragent
chore(deps): bump the production-dependencies group in /landingpage w…
96a0aee 
…ith 14 updates (#330)

* fix(deps): bump filippo.io/edwards25519 to v1.1.1

Fixes Dependabot alert #58 (low severity) - MultiScalarMult
produces invalid results or undefined behavior if receiver is
not the identity.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv to 6.14.0 in dashboard

Adds pnpm override to resolve Dependabot alert #69 (medium
severity) - ajv ReDoS when using $data option.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(deps): override ajv and minimatch in landingpage

Adds pnpm overrides to resolve Dependabot alerts:
- ajv@6.14.0 for alert #65 (medium - ReDoS)
- ajv@8.18.0 for alert #64 (medium - ReDoS)
- minimatch@10.2.1 for alert #63 (high - ReDoS via @opennextjs/cloudflare)

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore(deps): bump the production-dependencies group

Bumps the production-dependencies group in /landingpage with 14 updates:

| Package | From | To |
| --- | --- | --- |
| [@opennextjs/cloudflare](https://github.com/opennextjs/opennextjs-cloudflare/tree/HEAD/packages/cloudflare) | `1.16.5` | `1.17.0` |
| [@payloadcms/db-d1-sqlite](https://github.com/payloadcms/payload/tree/HEAD/packages/db-d1-sqlite) | `3.76.1` | `3.77.0` |
| [@payloadcms/next](https://github.com/payloadcms/payload/tree/HEAD/packages/next) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-seo](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-seo) | `3.76.1` | `3.77.0` |
| [@payloadcms/richtext-lexical](https://github.com/payloadcms/payload/tree/HEAD/packages/richtext-lexical) | `3.76.1` | `3.77.0` |
| [@payloadcms/storage-r2](https://github.com/payloadcms/payload/tree/HEAD/packages/storage-r2) | `3.76.1` | `3.77.0` |
| [@payloadcms/ui](https://github.com/payloadcms/payload/tree/HEAD/packages/ui) | `3.76.1` | `3.77.0` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.1.18` | `4.2.1` |
| [graphql](https://github.com/graphql/graphql-js) | `16.12.0` | `16.13.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.574.0` | `0.575.0` |
| [motion](https://github.com/motiondivision/motion) | `12.34.1` | `12.34.3` |
| [payload](https://github.com/payloadcms/payload/tree/HEAD/packages/payload) | `3.76.1` | `3.77.0` |
| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.1` | `3.5.0` |
| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.1.18` | `4.2.1` |


Updates `@opennextjs/cloudflare` from 1.16.5 to 1.17.0
- [Release notes](https://github.com/opennextjs/opennextjs-cloudflare/releases)
- [Changelog](https://github.com/opennextjs/opennextjs-cloudflare/blob/main/packages/cloudflare/CHANGELOG.md)
- [Commits](https://github.com/opennextjs/opennextjs-cloudflare/commits/@opennextjs/cloudflare@1.17.0/packages/cloudflare)

Updates `@payloadcms/db-d1-sqlite` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/db-d1-sqlite)

Updates `@payloadcms/next` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/next)

Updates `@payloadcms/plugin-seo` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-seo)

Updates `@payloadcms/richtext-lexical` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/richtext-lexical)

Updates `@payloadcms/storage-r2` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/storage-r2)

Updates `@payloadcms/ui` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/ui)

Updates `@tailwindcss/postcss` from 4.1.18 to 4.2.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/@tailwindcss-postcss)

Updates `graphql` from 16.12.0 to 16.13.0
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](graphql/graphql-js@v16.12.0...v16.13.0)

Updates `lucide-react` from 0.574.0 to 0.575.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react)

Updates `motion` from 12.34.1 to 12.34.3
- [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md)
- [Commits](motiondivision/motion@v12.34.1...v12.34.3)

Updates `payload` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/payload)

Updates `tailwind-merge` from 3.4.1 to 3.5.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](dcastil/tailwind-merge@v3.4.1...v3.5.0)

Updates `tailwindcss` from 4.1.18 to 4.2.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/tailwindcss)

---
updated-dependencies:
- dependency-name: "@opennextjs/cloudflare"
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/db-d1-sqlite"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/next"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/plugin-seo"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/richtext-lexical"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/storage-r2"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@payloadcms/ui"
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: graphql
  dependency-version: 16.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: lucide-react
  dependency-version: 0.575.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: motion
  dependency-version: 12.34.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: payload
  dependency-version: 3.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: tailwind-merge
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: tailwindcss
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Gener <435669237@qq.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gener <39689863+GenerQAQ@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gusye1234