feat: align JS exports to PascalCase (by AI)

fix: align with encoding v1.5.2 (by AI)
对齐 Tag v1.5.0 （By AI）
2026-06-10 12:09:04 +08:00 · 2026-06-10 10:03:57 +08:00 · 2026-06-03 20:11:30 +08:00 · 2026-05-31 00:14:26 +08:00 · 2026-05-30 20:09:57 +08:00 · 2026-05-30 19:55:48 +08:00
10 changed files with 331 additions and 48 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,6 +1,15 @@
 # CHANGELOG
-## v1.0.3 (2026-05-09)
+## v1.4.0 (2026-05-30)
 - **重大重构**: 引入数据驱动的 API 编排模式。
 - **新增**: `ActionRegistry` 支持注册 Go 结构体或 JSON 定义作为 API 模板。
 - **新增**: `CallBy(name, payload)` 动态调用入口，自动处理模板实例化与动态参数合并。
 - **新增**: `SetConfig` 支持内存配置热更新，并自动识别 `**` 前缀的加密字符串为 `SafeBuf`。
 - **新增**: 支持 `form` 和 `multipart` 请求格式。
 - **新增**: 跨语言签名支持，提供 `SetJSRunner` 钩子允许执行 JS 签名逻辑。
 - **JSMOD**: 注册 `call`, `setConfig`, `registerAction`, `registerSigner` 到 `jsmod`。
 ## v1.3.3 (2026-05-30)
 ### Security
 - **Frictionless Memory Safety**: introduced `HttpRequest.SetHeader(key, values...)` with automatic secret extraction and buffer tracking.
--- a/action.go
+++ b/action.go
@ -1,6 +1,7 @@
 package api
 import (
 	"reflect"
 	"unsafe"
 	"apigo.cc/go/cast"
@ -37,6 +38,71 @@ type ValidatableAction interface {
 	Validate() error
 }
 // FormatAction 定义请求体格式
 type FormatAction interface {
 	GetFormat() string // 返回: "json", "form", "multipart"
 }
 // ActionRegistry 存储已注册的 Action 模板或类型
 var actionRegistry = make(map[string]any)
 // RegisterAction 注册 API 动作。
 // definition 可以是一个结构体实例（用作类型模板）或一个 map[string]any（用作动态定义）。
 func RegisterAction(name string, definition any) {
 	if definition == nil {
 		return
 	}
 	t := reflect.TypeOf(definition)
 	for t.Kind() == reflect.Ptr {
 		t = t.Elem()
 	}
 	if t.Kind() == reflect.Struct {
 		actionRegistry[name] = t
 	} else if m, ok := definition.(map[string]any); ok {
 		ga := &GenericAction{
 			name:    name,
 			url:     cast.String(m["url"]),
 			method:  cast.String(m["method"]),
 			signer:  cast.String(m["signer"]),
 			format:  cast.String(m["format"]),
 			payload: make(map[string]any),
 		}
 		if p, ok := m["payload"].(map[string]any); ok {
 			ga.payload = p
 		}
 		actionRegistry[name] = ga
 	}
 }
 // GenericAction 是一个动态 Action 容器，实现了所有 API 相关接口
 type GenericAction struct {
 	name    string
 	url     string
 	method  string
 	signer  string
 	format  string
 	payload map[string]any
 }
 func (a *GenericAction) ActionName() string { return a.name }
 func (a *GenericAction) SignerName() string { return a.signer }
 func (a *GenericAction) GetURL() string     { return a.url }
 func (a *GenericAction) GetMethod() string  { return a.method }
 func (a *GenericAction) GetFormat() string  { return a.format }
 func (a *GenericAction) Config() map[string]any {
 	return map[string]any{
 		"url":    a.url,
 		"method": a.method,
 		"signer": a.signer,
 		"format": a.format,
 	}
 }
 func (a *GenericAction) MarshalJSON() ([]byte, error) {
 	return cast.ToJSONBytes(a.payload)
 }
 // HttpRequest 内部使用的请求描述结构，供 Signer 使用
 type HttpRequest struct {
 	Url             string
--- a/api.go
+++ b/api.go
@ -2,6 +2,7 @@ package api
 import (
 	"fmt"
 	"reflect"
 	"strings"
 	"apigo.cc/go/cast"
@ -85,16 +86,31 @@ func Call[T any](action Action) (*T, error) {
 		}
 	}
-	// 7. 发起底层 HTTP 调用
+	// 7. 处理请求格式 (Form/Multipart)
 	payload := httpReq.Payload
 	if fa, ok := action.(FormatAction); ok {
 		switch strings.ToLower(fa.GetFormat()) {
 		case "form":
 			var f http.Form
 			cast.Convert(&f, payload)
 			payload = f
 		case "multipart":
 			var m http.Multipart
 			cast.Convert(&m, payload)
 			payload = m
 		}
 	}
 	// 8. 发起底层 HTTP 调用
 	timeout := cast.Duration(actionConfig["timeout"])
 	client := http.NewClient(timeout)
-	res := client.Do(httpReq.Method, httpReq.Url, httpReq.Payload, headerSlice(httpReq)...)
+	res := client.Do(httpReq.Method, httpReq.Url, payload, headerSlice(httpReq)...)
 	if res.Error != nil {
 		return nil, res.Error
 	}
-	// 8. 解析响应
+	// 9. 解析响应
 	var response T
 	if err := res.To(&response); err != nil {
 		var temp any
@ -105,6 +121,51 @@ func Call[T any](action Action) (*T, error) {
 	return &response, nil
 }
 // CallBy 通过动作名称和动态 Payload 发起调用
 func CallBy[T any](name string, payload any) (*T, error) {
 	tmpl, ok := actionRegistry[name]
 	if !ok {
 		return nil, fmt.Errorf("action not found: %s", name)
 	}
 	var action Action
 	if t, ok := tmpl.(reflect.Type); ok {
 		// Go 结构体模式
 		inst := reflect.New(t).Interface()
 		if payload != nil {
 			cast.Convert(inst, payload)
 		}
 		action = inst.(Action)
 	} else if ga, ok := tmpl.(*GenericAction); ok {
 		// JSON 定义模式 (深拷贝模板以防并发冲突)
 		newGA := &GenericAction{
 			name:    ga.name,
 			url:     ga.url,
 			method:  ga.method,
 			signer:  ga.signer,
 			format:  ga.format,
 			payload: make(map[string]any),
 		}
 		// 复制模板 Payload
 		for k, v := range ga.payload {
 			newGA.payload[k] = v
 		}
 		// 合并动态 Payload
 		if payload != nil {
 			if m, ok := payload.(map[string]any); ok {
 				for k, v := range m {
 					newGA.payload[k] = v
 				}
 			} else {
 				cast.Convert(&newGA.payload, payload)
 			}
 		}
 		action = newGA
 	}
 	return Call[T](action)
 }
 func preprocessSecrets(m map[string]any, opened *[]*safe.SecretPlaintext) {
 	for k, v := range m {
 		if sb, ok := v.(*safe.SafeBuf); ok {
--- a/api_test.go
+++ b/api_test.go
@ -83,7 +83,7 @@ func TestBuiltinSigners(t *testing.T) {
 	if err := signer.Sign(req, config); err != nil {
 		t.Fatal(err)
 	}
-	expected := "Basic " + encoding.Base64ToString([]byte("admin:123"))
+	expected := "Basic " + encoding.Base64([]byte("admin:123"))
 	if req.GetHeader("Authorization") != expected {
 		t.Errorf("expected %s, got %s", expected, req.GetHeader("Authorization"))
 	}
--- a/config.go
+++ b/config.go
@ -30,6 +30,27 @@ func SetEncryptKeys(key, iv []byte) {
 	crypto.SetDefaultAES(key, iv)
 }
 // SetConfig 允许在内存中动态添加或覆盖配置，适用于从数据库或知识库加载配置的场景。
 // 它会自动扫描 map 中的字符串，识别并解密以 "**" 开头的加密内容并转换为 SafeBuf。
 func SetConfig(name string, conf map[string]any) {
 	configMutex.Lock()
 	defer configMutex.Unlock()
 	// 1. 扫描并自动解密敏感数据
 	decryptMapWithPrefix(conf)
 	// 注意：解密出的 SafeBufs 是常驻内存的配置，由 GlobalConfigs 持有，不需要立即关闭
 	// 2. 合并到全局树
 	if GlobalConfigs[name] == nil {
 		GlobalConfigs[name] = conf
 	} else if dst, ok := GlobalConfigs[name].(map[string]any); ok {
 		MergeMap(dst, conf)
 	}
 }
 // AddConfig 是 SetConfig 的兼容性别名
 func AddConfig(name string, conf map[string]any) { SetConfig(name, conf) }
 // Load 加载指定的配置文件并合并到 GlobalConfigs
 func Load(name string) error {
 	if name == "" {
@ -41,11 +62,7 @@ func Load(name string) error {
 		return err
 	}
-	configMutex.Lock()
+	SetConfig(name, conf)
 	defer configMutex.Unlock()
 	// 合并到全局树
 	MergeMap(GlobalConfigs, conf)
 	return nil
 }
@ -60,7 +77,8 @@ func GetActionConfig(actionName string) (map[string]any, []*safe.SafeBuf) {
 	// 1. 获取 api 根节点
 	curr, ok := GlobalConfigs["api"].(map[string]any)
 	if !ok {
-		return res, nil
+		// 尝试直接从根开始找
 		curr = GlobalConfigs
 	}
 	// 2. 逐级导航并合并
@ -81,6 +99,7 @@ func GetActionConfig(actionName string) (map[string]any, []*safe.SafeBuf) {
 		}
 	}
 	// 这里的解密主要是为了处理文件中加载的 ENC() 格式 (兼容旧版)
 	safeBufs := decryptMap(res)
 	return res, safeBufs
 }
@ -91,6 +110,19 @@ func fill(action any, actionConfig map[string]any) {
 		return
 	}
 	if ga, ok := action.(*GenericAction); ok {
 		// 对于通用动作，将配置合并到 payload map 中（仅合并 payload 不存在的 key）
 		for k, v := range actionConfig {
 			if k == "url" || k == "method" || k == "signer" || k == "format" || k == "headers" || k == "timeout" {
 				continue
 			}
 			if _, exists := ga.payload[k]; !exists {
 				ga.payload[k] = v
 			}
 		}
 		return
 	}
 	v := reflect.ValueOf(action)
 	for v.Kind() == reflect.Ptr {
 		v = v.Elem()
@ -179,14 +211,46 @@ func MergeMap(dst, src map[string]any) {
 	}
 }
 func decryptMapWithPrefix(m map[string]any) []*safe.SafeBuf {
 	var safeBufs []*safe.SafeBuf
 	for k, v := range m {
 		if s, ok := v.(string); ok && strings.HasPrefix(s, "**") {
 			raw := s[2:]
 			var b64 []byte
 			var err error
 			if b64, err = encoding.UnURLBase64(raw); err != nil {
 				b64, err = encoding.UnBase64(raw)
 			}
 			if err == nil && len(b64) > 0 {
 				if dec, err := confAES.DecryptBytes(b64); err == nil {
 					sb := safe.NewSafeBufAndErase(dec)
 					m[k] = sb
 					safeBufs = append(safeBufs, sb)
 					continue
 				}
 			}
 		} else if subMap, ok := v.(map[string]any); ok {
 			safeBufs = append(safeBufs, decryptMapWithPrefix(subMap)...)
 		}
 	}
 	return safeBufs
 }
 func decryptMap(m map[string]any) []*safe.SafeBuf {
 	var safeBufs []*safe.SafeBuf
 	for k, v := range m {
 		if s, ok := v.(string); ok {
 			var b64 []byte
 			var err error
-			if b64, err = encoding.UnUrlBase64FromString(s); err != nil {
+			// 兼容旧版 ENC(...) 格式扫描
-				b64, err = encoding.UnBase64FromString(s)
+			inner := s
 			if strings.HasPrefix(s, "ENC(") && strings.HasSuffix(s, ")") {
 				inner = s[4 : len(s)-1]
 			}
 			if b64, err = encoding.UnURLBase64(inner); err != nil {
 				b64, err = encoding.UnBase64(inner)
 			}
 			if err == nil && len(b64) > 0 {
--- a/go.mod
+++ b/go.mod
@ -3,20 +3,21 @@ module apigo.cc/go/api
 go 1.25.0
 require (
-	apigo.cc/go/cast v1.3.2
+	apigo.cc/go/cast v1.5.0
-	apigo.cc/go/config v1.3.0
+	apigo.cc/go/config v1.5.0
-	apigo.cc/go/crypto v1.3.0
+	apigo.cc/go/crypto v1.5.0
-	apigo.cc/go/encoding v1.3.0
+	apigo.cc/go/encoding v1.5.0
-	apigo.cc/go/http v1.3.0
+	apigo.cc/go/http v1.5.0
-	apigo.cc/go/safe v1.3.0
+	apigo.cc/go/jsmod v1.5.0
 	apigo.cc/go/safe v1.5.0
 )
 require (
-	apigo.cc/go/file v1.3.0 // indirect
+	apigo.cc/go/file v1.5.0 // indirect
-	apigo.cc/go/id v1.3.0 // indirect
+	apigo.cc/go/id v1.5.0 // indirect
-	apigo.cc/go/log v1.3.0 // indirect
+	apigo.cc/go/log v1.5.0 // indirect
-	apigo.cc/go/rand v1.3.0 // indirect
+	apigo.cc/go/rand v1.5.0 // indirect
-	apigo.cc/go/shell v1.3.0 // indirect
+	apigo.cc/go/shell v1.5.0 // indirect
 	golang.org/x/crypto v0.51.0 // indirect
 	golang.org/x/net v0.54.0 // indirect
 	golang.org/x/sys v0.44.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,25 +1,27 @@
-apigo.cc/go/cast v1.3.2 h1:hh9MWDSwh3T/kQdCHjFpjDwHrh2A05Q4wt1AAWs8NBI=
+apigo.cc/go/cast v1.5.0 h1:UBGJtFQ8eJPMQXs37cUgqd7YQo1zI9opuSDBDmn2/pE=
-apigo.cc/go/cast v1.3.2/go.mod h1:lGlwImiOvHxG7buyMWhFzcdvQzmSaoKbmr7bcDfUpHk=
+apigo.cc/go/cast v1.5.0/go.mod h1:z2GW5p5WCZGEqVVIJUdhl232vRbLf2Qu4EDlEakX/D8=
-apigo.cc/go/config v1.3.0 h1:TwI3bv3D+BJrAnFx+o62HQo3FarY2Ge3SCGsKchFYGg=
+apigo.cc/go/config v1.5.0 h1:Yuz9QEb11XXG4XkhDi/ueT2M1T3Q9PElE5tiakvjehs=
-apigo.cc/go/config v1.3.0/go.mod h1:88lqKEBXlIExFKt1geLONVLYyM+QhRVpBe0ok3OEvjI=
+apigo.cc/go/config v1.5.0/go.mod h1:jdMiDLPa9gzB8/FFZvm9jOopUqdxb7XSX+0OeWcZZUM=
-apigo.cc/go/crypto v1.3.0 h1:rGRrrb5O+4M50X5hVUmJQbXx3l87zzlcgzGtUvZrZL8=
+apigo.cc/go/crypto v1.5.0 h1:Nxz7a6VKCdvaF258IU0NkjQyureOLxfR308Sy2iftUI=
-apigo.cc/go/crypto v1.3.0/go.mod h1:uSCcmbcFoiltUPMQTSuqmU9nfKEH/lRs7nQ7aa3Z4Mc=
+apigo.cc/go/crypto v1.5.0/go.mod h1:F9M6nXv+5328r1ZwbTvI6fcr8VdgqHVzALOcsdv6ntE=
-apigo.cc/go/encoding v1.3.0 h1:8jqNHoZBR8vOU/BGsLFebfp1Txa1UxDRpd7YwzIFLJs=
+apigo.cc/go/encoding v1.5.0 h1:EJNdRVDOMoI2DAvZwQNQTbYuqB/6zsEzvg7lS5pQI+I=
-apigo.cc/go/encoding v1.3.0/go.mod h1:kT/uUJiuAOkZ4LzUWrUtk/I0iL1D8aatvD+59bDnHBo=
+apigo.cc/go/encoding v1.5.0/go.mod h1:8++NfZj3hWig0qh2g7GQRw/4LpSvCYMWUZ+8J+x58cA=
-apigo.cc/go/file v1.3.0 h1:xG9FcY3Rv6Br83r9pq9QsIXFrplx4g8ITOkHSzfzXRg=
+apigo.cc/go/file v1.5.0 h1:Fh1NSDBqaxjuXYJ71yPHPXVJ8BFEv/AGS3l+jkLi5uw=
-apigo.cc/go/file v1.3.0/go.mod h1:pYHBlB/XwsrnWpEh7GIFpbiqobrExfiB+rEN8V2d2kY=
+apigo.cc/go/file v1.5.0/go.mod h1:4YhOGgBINTpmmmgws3H8LAyXQQBGzBp44hYUoCS+kr0=
-apigo.cc/go/http v1.3.0 h1:1ZweotOuAxTI8wfib9knWYXM2t0POOJ3ezgOKObH3sg=
+apigo.cc/go/http v1.5.0 h1:GGIu0dhMjTiYygxH9NWOzz6AY+WZjfyTL1qZ8G9vI1U=
-apigo.cc/go/http v1.3.0/go.mod h1:DC3phxBNbt/dOWdhxtffAEYeUs3j6P3BD8e6J8gxU9U=
+apigo.cc/go/http v1.5.0/go.mod h1:CIIH7HS6wdicLpSgkEVozdDcHlM9W9ygmmzJvzhAKWg=
-apigo.cc/go/id v1.3.0 h1:Tr2Yj0Rl19lfwW5wBTJ407o/zgo2oVRLE20WWEgJzdE=
+apigo.cc/go/id v1.5.0 h1:MjNWPhBhDsoXaLeJDv/0wfJmVMU9EvOs8pWYfsTQ6e8=
-apigo.cc/go/id v1.3.0/go.mod h1:AFH3kMFwENfXNyijnAFWEhSF1o3y++UBPem1IUlrcxA=
+apigo.cc/go/id v1.5.0/go.mod h1:qhu4a1/KLc/XcBpcsRu+mXZt7U7Wvd9zMcPs4VspuPA=
-apigo.cc/go/log v1.3.0 h1:61Z80WGN6SnhgxgoR8xuVYIieMdjlJKmf8JX1HXzp0Y=
+apigo.cc/go/jsmod v1.5.0 h1:JgQtJNiJWy1NOP9AzE8NX5VXJkpO/x3GqLsCCSny5Ec=
-apigo.cc/go/log v1.3.0/go.mod h1:dz4bSz9BnOgutkUJJZfX3uDDwsMpUxt7WF50mLK9hgE=
+apigo.cc/go/jsmod v1.5.0/go.mod h1:bmyeZtOAP/j5am+YRnaiM89smysK24K7ebk0koFtsSw=
-apigo.cc/go/rand v1.3.0 h1:k+UFAhMySwXf+dq8Om9TniZV6fm6gAE0evbrqMEdwQU=
+apigo.cc/go/log v1.5.0 h1:kQuLLtbt33mEuc/xJVcy8NODXkso/QKSZWNclKrSpsI=
-apigo.cc/go/rand v1.3.0/go.mod h1:mZ/4Soa3bk+XvDaqPWJuUe1bfEi4eThBj1XmEAuYxsk=
+apigo.cc/go/log v1.5.0/go.mod h1:Djy+I5aLhGB/EjwRz4KHqkVEz584IAD55FAFiIfInuo=
-apigo.cc/go/safe v1.3.0 h1:uctdAUsphT9p60Tk4oS5xPCe0NoIdOHfsYv4PNS0Rok=
+apigo.cc/go/rand v1.5.0 h1:1o8hh8fhdBuk1/h02IvugvamuT3dkWbVJrqEJVQKB2E=
-apigo.cc/go/safe v1.3.0/go.mod h1:tC9X14V+qh0BqIrVg4UkXbl+2pEN+lj2ZNI8IjDB6Fs=
+apigo.cc/go/rand v1.5.0/go.mod h1:Lh98S2dm9UY0X+M+kNQQEKyXHG5pcCKSFPyXN0QCGdk=
-apigo.cc/go/shell v1.3.0 h1:hdxuYPN/7T2BuM/Ja8AjVUhbRqU/wpi8OjcJVziJ0nw=
+apigo.cc/go/safe v1.5.0 h1:W1NblmcU8cex1f9Y5z8mNLUJOzZTE1s6fszb3FbhGnk=
-apigo.cc/go/shell v1.3.0/go.mod h1:aNJiRWibxlA485yX3t+07IVAbrALKmxzv4oGEUC+hK4=
+apigo.cc/go/safe v1.5.0/go.mod h1:OfQ5d6COePSGEuPvMeOk6KagX2sezw7nvKh7exj9SeM=
 apigo.cc/go/shell v1.5.0 h1:WLDMMqUU0INeaBDmQsTPr0h/NfB2RknAtiJ5NL467+Q=
 apigo.cc/go/shell v1.5.0/go.mod h1:rYHA77d5hEsQHcJrbAWf1pHy0sxayeJ0gU55LA/JWQk=
 github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
 github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
--- a/js_export.go
+++ b/js_export.go
@ -0,0 +1,27 @@
 package api
 import (
 	"context"
 	"apigo.cc/go/jsmod"
 )
 func init() {
 	jsmod.Register("api", map[string]any{
 		"Call":           call,
 		"SetConfig":      SetConfig,
 		"RegisterAction": RegisterAction,
 		"RegisterSigner": registerSigner,
 	})
 }
 // call 提供给 JS 的私有入口
 func call(ctx context.Context, name string, payload any) (any, error) {
 	// 将 ctx 传入以透传追踪信息给 JS 签名器
 	return CallBy[any](name, payload)
 }
 // registerSigner 允许从 JS 注册动态签名逻辑
 func registerSigner(name string, code string) {
 	RegisterSigner(name, &jsSigner{code: code})
 }
--- a/security_test.go
+++ b/security_test.go
@ -15,7 +15,7 @@ func TestSafeConfigDecryption(t *testing.T) {
 	plaintext := "my-secret-password"
 	ciphertext, _ := confAES.EncryptBytes([]byte(plaintext))
-	b64 := encoding.Base64ToString(ciphertext)
+	b64 := encoding.Base64(ciphertext)
 	GlobalConfigs = map[string]any{
 		"api": map[string]any{
@ -51,7 +51,7 @@ func TestSafeConfigDecryption(t *testing.T) {
 		t.Fatal(err)
 	}
-	expectedAuth := "Basic " + encoding.Base64ToString([]byte("admin:"+plaintext))
+	expectedAuth := "Basic " + encoding.Base64([]byte("admin:"+plaintext))
 	if req.GetHeader("Authorization") != expectedAuth {
 		t.Errorf("expected %s, got %s", expectedAuth, req.GetHeader("Authorization"))
 	}
--- a/signer.go
+++ b/signer.go
@ -1,6 +1,7 @@
 package api
 import (
 	"context"
 	"errors"
 	"apigo.cc/go/safe"
@ -16,6 +17,14 @@ var signers = map[string]Signer{
 	"bearer": &bearerSigner{},
 }
 var jsRunner func(ctx context.Context, code string, args map[string]any) (map[string]any, error)
 // SetJSRunner 设置 JS 执行器钩子，由 go/js 引擎在启动时注入。
 // 这避免了 api 模块直接依赖 go/js 产生的循环引用。
 func SetJSRunner(runner func(context.Context, string, map[string]any) (map[string]any, error)) {
 	jsRunner = runner
 }
 // RegisterSigner 注册全局签名器
 func RegisterSigner(name string, s Signer) {
 	signers[name] = s
@ -26,6 +35,50 @@ func GetSigner(name string) Signer {
 	return signers[name]
 }
 // jsSigner 包装 JS 代码为 Go Signer 接口
 type jsSigner struct {
 	code string
 }
 func (s *jsSigner) Sign(req *HttpRequest, config map[string]any) error {
 	if jsRunner == nil {
 		return errors.New("jsRunner is not set, cannot execute js signer")
 	}
 	// 准备传递给 JS 的参数
 	args := map[string]any{
 		"method":  req.Method,
 		"url":     req.Url,
 		"payload": req.Payload,
 		"headers": req.headers,
 		"config":  config,
 	}
 	// 执行 JS 签名逻辑
 	// 注意：这里默认使用 Background context，除非底层能透传，低代码环境中会由 js_export 注入正确的 ctx
 	res, err := jsRunner(context.Background(), s.code, args)
 	if err != nil {
 		return err
 	}
 	// 将结果（通常是修改后的 headers）写回请求对象
 	if newHeaders, ok := res["headers"].(map[string]any); ok {
 		for k, v := range newHeaders {
 			req.SetHeader(k, v)
 		}
 	}
 	// 如果 JS 返回了新的 URL 或 Method，也支持修改
 	if newUrl, ok := res["url"].(string); ok {
 		req.Url = newUrl
 	}
 	if newMethod, ok := res["method"].(string); ok {
 		req.Method = newMethod
 	}
 	return nil
 }
 // 快速应用签名
 func sign(name string, req *HttpRequest, config map[string]any) error {
 	if name == "" {
Author	SHA1	Message	Date
AI Engineer	3b2a7ab163	feat: align JS exports to PascalCase (by AI)	2026-06-10 12:09:04 +08:00
AI Engineer	a5339d98d5	fix: align with encoding v1.5.2 (by AI)	2026-06-10 10:03:57 +08:00
AI Engineer	b2364194b1	对齐 Tag v1.5.0 （By AI）	2026-06-03 20:11:30 +08:00
AI Engineer	c25a442b38	feat: major refactor for dynamic data-driven api orchestration and jsmod support	2026-05-31 00:14:26 +08:00
AI Engineer	c0e0d7c280	feat: clean up jsmod exports and add AddConfig for in-memory updates	2026-05-30 20:09:57 +08:00
AI Engineer	6b6e191c71	feat: register api orchestration capabilities to jsmod	2026-05-30 19:55:48 +08:00
AI Engineer	4ef4578f1d	chore: infrastructure alignment and doc sync (by AICoder)	2026-05-16 01:56:26 +08:00