feat: отправка x-hwid-limit: false когда HWID активен и лимит не достигнут

[this-xkit]

Что изменено

Расширена логика отправки HTTP-хедера x-hwid-limit в ответе на запрос подписки.

Раньше хедер отправлялся только со значением true при превышении лимита устройств и когда клиент не отправил HWID. Теперь у хедера три состояния:

Состояние	Значение
HWID-контроль неактивен	хедер отсутствует
HWID активен, лимит не достигнут (новое устройство зарегистрировано)	false
HWID активен, лимит достигнут / клиент не поддерживает HWID	true

Что затронуто

Один файл: src/modules/subscription/subscription.service.ts

• В checkHwidDeviceLimit() добавлено поле isNewDevice: boolean в тип возврата — чтобы отличить регистрацию нового устройства от уже известного
• В getSubscriptionByShortUuid() — хедер x-hwid-limit: false ставится при успешной регистрации нового устройства
• В getRawSubscriptionByShortUuid() — аналогично

Что НЕ затронуто

• Шаблонная переменная SS_HWID_LIMIT — не изменена
• External squads override — работает как прежде
• Per-user hwidDeviceLimit = 0 — хедер отсутствует (как и раньше)
• Известное устройство — хедер отсутствует (как и раньше)
• Все остальные хедеры и логика подписки

Протестировано

Все сценарии проверены вручную на живом окружении:

Сценарий	Результат
Клиент не передаёт x-hwid	true ✅
Известное устройство	отсутствует ✅
Новое устройство, лимит не достигнут	false ✅
Лимит достигнут	true ✅
Per-user HWID отключён (hwidDeviceLimit = 0)	отсутствует ✅
HWID глобально выключен	отсутствует ✅

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[what-the-diff]

PR Summary

• Changed Default Settings in Service Generator
  The default setting for the "includeHidden" feature in the service generator module has been updated to 'false'. It's a small but significant change that can impact the behavior of the system.

• Added Device Limit Management Variable
  A new variable, 'hwidLimitHeader', has been introduced in the subscription service. This variable serves to manage device limit headers, making the service more flexible and efficient.

• New Logic Added for Device Allowance
  Some new logical steps have been implemented. Now, when a new device gets approved or allowed, the 'hwidLimitHeader' will automatically be set to 'false'. This helps in keeping the system updated and responsive.

• Refactored Header Assignments in Response
  The assignment system of headers within the response has been revamped. Now, they utilize a newly created 'headers' variable, which ultimately simplifies and streamlines the process.

• New Property for Response Type
  In the subscription service, a new property named 'isNewDevice' has been added to the response type. This property will signal if the device is new, making it easier to track and manage various devices.

• Adjusted Implementation for isNewDevice
  Various functions have been fine-tuned to ensure that the 'isNewDevice' property accurately reflects the device's appropriate state. This change enhances the accuracy and efficiency of the system.

[greptile-apps]

Greptile Summary

This PR extends the x-hwid-limit HTTP header logic to send false when HWID is active and a new device is successfully registered, giving v2rayTUN clients a three-state signal instead of the previous binary one. The core changes in subscription.service.ts are correct and well-structured.

However, the PR modifies a second file that is not documented in the PR description: mihomo.generator.service.ts now sets includeHiddenHosts default to false instead of true. This is a silent breaking change for existing Mihomo/Stash users whose templates don't explicitly set this field—they will lose hidden hosts from subscriptions after this update. This change should be documented in the PR description and users should be notified.

Key changes:

• checkHwidDeviceLimit() return type gains isNewDevice: boolean to distinguish a freshly registered device from an already-known one
• Both getSubscriptionByShortUuid() and getRawSubscriptionByShortUuid() now emit x-hwid-limit: false when a new device is registered
• mihomo.generator.service.ts: includeHiddenHosts default silently changed from true → false — not mentioned in the PR description and breaks existing user configurations

Confidence Score: 2/5

• The subscription HWID logic is sound, but an undocumented breaking change to the Mihomo generator's includeHiddenHosts default creates risk for existing users without proper migration guidance.
• The HWID header implementation is logically correct and covers all documented scenarios properly. However, the PR introduces a silent breaking change in mihomo.generator.service.ts that flips includeHiddenHosts from true to false by default. This is not mentioned in the PR description (which claims only one file is affected) and will cause existing Mihomo/Stash users to lose hidden hosts from their subscriptions unless they explicitly set the config option. Without documentation and user communication about this breaking change, the PR should not be merged as-is.
• src/modules/subscription-template/generators/mihomo.generator.service.ts — The undocumented includeHiddenHosts default change requires documentation in the PR description and consideration of migration/communication to affected users

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Subscription request received] --> B{hwidSettings.enabled?}
    B -- No --> C[checkAndUpsertHwidUserDevice\nskip header]
    B -- Yes --> D[checkHwidDeviceLimit]

    D --> E{isAllowed.isOk\n& !isSubscriptionAllowed?}
    E -- Yes --> F[Set x-hwid-limit: 'true'\nearly return / isHwidLimited=true]
    E -- No --> G{isAllowed.isOk\n& isNewDevice?}
    G -- Yes --> H[Set x-hwid-limit: 'false']
    G -- No --> I[No x-hwid-limit header\ne.g. known device or hwidDeviceLimit=0]

    H --> J[Generate subscription & return response]
    I --> J
    C --> J

Loading

_{Last reviewed commit: dd4fbba}

[greptile-apps]

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

The default value for includeHiddenHosts has been changed from true to false on this line, but this breaking change is not mentioned in the PR description. The PR description states only subscription.service.ts is modified ("Один файл"), yet this file is also changed.

Mihomo/Stash users who have not explicitly set remnawave.includeHiddenHosts in their templates will silently lose hidden hosts from their subscriptions after this update — a breaking behavior change for existing deployments.

Please document this change in the PR description and consider whether existing users need migration guidance.