feat(m5b): pallas_protocol 改名为 pb_protocol

[TogetsuDo]

Summary

• M5b：pallas_protocol → pb_protocol（目录、测试、文档、matrix、help 别名）
• plugin_package_aliases 保留 pallas_protocol → pb_protocol 兼容映射
• data/pallas_protocol/ 启动时一次性迁移至 data/pb_protocol/
• 配置字段与环境变量 PALLAS_PROTOCOL_* 保持不变

Test plan

• uv run ruff check src/
• pytest tests/plugins/pb_protocol/ 26 passed
• CI lint-and-format / build-test

Summary by Sourcery

将核心 QQ 协议管理插件在代码、测试和文档中从 pallas_protocol 重命名为 pb_protocol，同时在配置和插件别名层面保持向后兼容。

Enhancements:

• 通过专用的 pb_protocol_data_dir 辅助函数来访问协议账号数据目录，并在首次使用时迁移现有的 pallas_protocol 数据。
• 在插件矩阵中使用规范化的插件包别名解析，使旧的和新的协议插件名称都映射到相同的额外包和加载行为。
• 调整 WebUI 区块注册、环境配置区块、日志 facets 以及分片角色定义，使其将 pb_protocol 识别为主要的协议插件标识符。
• 更新分片数据同步和多机器人集群辅助逻辑，通过新的 pb_protocol 路径读取协议账号数据，而不是依赖硬编码的 plugin_data_dir 查找。

Documentation:

• 更新用户和开发者文档链接、插件文档以及 FAQ 引用，使其指向重命名后的 pb_protocol 插件及其文档路径。

Tests:

• 重命名并更新与协议相关的测试，使其引用 pb_protocol，并扩展插件矩阵测试，以覆盖新旧名称在别名处理和打包加载行为上的测试。

Chores:

• 扩展插件包别名、帮助插件别名以及启动时隐藏插件列表，将 pb_protocol 纳入其中，并保留 pallas_protocol 作为兼容性的遗留别名。
• 调整工具和脚本，例如文档同步和扩展仓库初始化脚本，使其使用 pb_protocol 标识符和路径。

Original summary in English

Summary by Sourcery

Rename the core QQ protocol management plugin from pallas_protocol to pb_protocol across code, tests, and docs while preserving backward compatibility for configuration and plugin aliases.

Enhancements:

• Route protocol account data access through a dedicated pb_protocol_data_dir helper that migrates existing pallas_protocol data on first use.
• Use canonical plugin package alias resolution in the plugin matrix so both old and new protocol plugin names map to the same extra package and loading behavior.
• Adjust WebUI section registration, environment sections, logging facets, and shard role definitions to recognize pb_protocol as the primary protocol plugin identifier.
• Update shard data synchronization and multi-bot fleet helpers to read protocol account data via the new pb_protocol paths instead of hardcoded plugin_data_dir lookups.

Documentation:

• Update user and developer documentation links, plugin docs, and FAQ references to point to the renamed pb_protocol plugin and its docs paths.

Tests:

• Rename and update protocol-related tests to reference pb_protocol, and extend plugin matrix tests to cover alias handling and bundled-loading behavior for both old and new names.

Chores:

• Extend plugin package aliases, help plugin aliases, and startup hidden-plugin lists to include pb_protocol and keep pallas_protocol as a legacy alias for compatibility.
• Adjust tooling and scripts such as documentation sync and extension repo bootstrapping to use the pb_protocol identifier and paths.

[sourcery-ai]

Hey - 我发现了 2 个安全问题、5 个其他问题，并留下了一些整体性的反馈：

安全问题：

• 检测到不安全的 WebSocket。所有 WebSocket 连接都应使用加密的 WebSocket Secure（wss）。(link)
• 检测到不安全的 WebSocket。所有 WebSocket 连接都应使用加密的 WebSocket Secure（wss）。(link)

总体评论：

• 在 pb_protocol_data_dir 中，一次性迁移直接使用 legacy.rename(new_root)，没有做错误处理；建议用 try/except 包裹，并在失败时回退到更安全的策略（例如 copy + remove），以避免在跨文件系统移动或启动时权限问题导致失败。
• 迁移保护开关 _migrated 仅在进程内生效；如果有多个进程并发启动，它们可能会在 pallas_protocol → pb_protocol 重命名时发生竞争——如果这是一个可能的场景，你可能需要增加文件系统层面的保护（例如检测新目录是否存在，或者使用锁文件），从而让该操作在多进程下也足够健壮。

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In `pb_protocol_data_dir`, the one-time migration uses `legacy.rename(new_root)` without error handling; consider wrapping this in a try/except and falling back to a safer strategy (e.g., copy + remove) to avoid failures on cross-filesystem moves or permission issues during startup.
- The migration guard `_migrated` is process-local; if multiple processes start concurrently they may race on the `pallas_protocol` → `pb_protocol` rename—if this is a concern, you may want to add a filesystem-level guard (e.g., presence of the new dir or a lock file) to make the operation robust across processes.

## Individual Comments

### Comment 1
<location path="src/plugins/pb_protocol/data_dir.py" line_range="17-25" />
<code_context>
+_migrated = False
+
+
+def pb_protocol_data_dir(*, create: bool = True) -> Path:
+    global _migrated
+    if create and not _migrated:
+        legacy = plugin_data_dir(_LEGACY_PLUGIN, create=False)
+        new_root = plugin_data_dir(_CURRENT_PLUGIN, create=False)
+        if legacy.is_dir() and not new_root.exists():
+            legacy.rename(new_root)
+        _migrated = True
+    return plugin_data_dir(_CURRENT_PLUGIN, create=create)
</code_context>
<issue_to_address>
**issue (bug_risk):** Guard the legacy→current data dir rename against cross-process races

This migration is only guarded by the process-local `_migrated` flag. With multiple concurrent processes, more than one can see `legacy.is_dir()` and `not new_root.exists()` as true and attempt `legacy.rename(new_root)`, causing a `FileNotFoundError`/`OSError` and failing startup.

Please make the rename resilient to this race, e.g. by wrapping it in `try`/`except` for `FileNotFoundError`/`OSError` (only treating unexpected errors as fatal), or by re-checking `legacy.exists()` in a small try-block so concurrent migrations don’t crash the process.
</issue_to_address>

### Comment 2
<location path="src/platform/shard/data_sync.py" line_range="18-19" />
<code_context>
 _REGISTRY_FILE = "registry.json"


+def _accounts_data_dir():
+    return pb_protocol_data_dir(create=False)
+
+
</code_context>
<issue_to_address>
**question (bug_risk):** Consider whether shard data sync should also trigger protocol data dir migration

Because `_accounts_data_dir()` passes `create=False` to `pb_protocol_data_dir`, it never runs the migration logic there (which only executes when `create=True`). As a result, `_current_mtuples()` will ignore an existing legacy `pallas_protocol` accounts dir until some other code path calls `pb_protocol_data_dir(create=True)`. If shard data sync must work before the pb_protocol plugin is initialized (or in setups that only run registry syncing), consider having `_accounts_data_dir()` also trigger migration (e.g., by calling `pb_protocol_data_dir(create=True)` or via a helper that performs migration without creating a new dir).
</issue_to_address>

### Comment 3
<location path="src/console/webui/protocol_accounts.py" line_range="15" />
<code_context>
 def protocol_account_display_names() -> dict[str, str]:
     global _cached_mtime, _cached_names
-    path = plugin_data_dir("pallas_protocol") / "accounts.json"
+    path = pb_protocol_data_dir(create=False) / "accounts.json"
     if not path.is_file():
         return {}
</code_context>
<issue_to_address>
**suggestion (bug_risk):** Protocol accounts view might not see legacy pallas_protocol data without a migration trigger

Because this uses `pb_protocol_data_dir(create=False)`, the migration from `pallas_protocol` to `pb_protocol` won’t run here. If the web UI is hit before anything calls `pb_protocol_data_dir(create=True)`, the account list can appear empty even though `accounts.json` still exists in the legacy folder.

To avoid that, either call `pb_protocol_data_dir(create=True)` here so migration runs, or factor out a helper that performs a “migrate-if-legacy-exists” step (without creating a new dir when neither exists) and use that instead. This keeps behavior consistent regardless of initialization order.
</issue_to_address>

### Comment 4
<location path="tests/common/web/test_log_facets.py" line_range="11" />
<code_context>
         ("pallas_webui", "hello", True, False),
         ("other", "[pallas-webui] x", True, False),
-        ("pallas_protocol", "y", False, True),
+        ("pb_protocol", "y", False, True),
         ("x", "[pallas-protocol] z", False, True),
         ("nonebot", "plain", False, False),
</code_context>
<issue_to_address>
**suggestion (testing):** Also test that legacy pallas_protocol logger name still maps to the protocol facet

This parametrized test now only checks the new `pb_protocol` logger name, even though `nonebot_log_record_matches_http_facet` still treats both `pb_protocol` and `pallas_protocol` as protocol logs. Please add a parameter for the legacy name as well (e.g. `("pallas_protocol", "y", False, True)`) to verify the backward-compatibility behavior remains covered.
</issue_to_address>

### Comment 5
<location path="docs/FAQ.md" line_range="172" />
<code_context>
+A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**suggestion (typo):** Link text still uses `pallas_protocol` while pointing to `pb_protocol` docs.

The target path is correct, but the link label still says ``[`pallas_protocol` 插件说明]``. Please rename the inline code/link text to `pb_protocol` for consistency with the updated plugin name, unless you intend to keep the old name here for a specific reason.
</issue_to_address>

### Comment 6
<location path="docs/FAQ.md" line_range="172" />
<code_context>
A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**security (javascript.lang.security.detect-insecure-websocket):** Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

*Source: opengrep*
</issue_to_address>

### Comment 7
<location path="docs/FAQ.md" line_range="172" />
<code_context>
A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**security (javascript.lang.security.detect-insecure-websocket):** Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

*Source: opengrep*
</issue_to_address>

---

Sourcery 对开源项目免费使用——如果你觉得这些 review 有帮助，欢迎分享 ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{帮我变得更有用！请在每条评论上点 👍 或 👎，我会根据这些反馈改进后续的 review。}

Original comment in English

Hey - I've found 2 security issues, 5 other issues, and left some high level feedback:

Security issues:

• Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. (link)
• Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. (link)

General comments:

• In pb_protocol_data_dir, the one-time migration uses legacy.rename(new_root) without error handling; consider wrapping this in a try/except and falling back to a safer strategy (e.g., copy + remove) to avoid failures on cross-filesystem moves or permission issues during startup.
• The migration guard _migrated is process-local; if multiple processes start concurrently they may race on the pallas_protocol → pb_protocol rename—if this is a concern, you may want to add a filesystem-level guard (e.g., presence of the new dir or a lock file) to make the operation robust across processes.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In `pb_protocol_data_dir`, the one-time migration uses `legacy.rename(new_root)` without error handling; consider wrapping this in a try/except and falling back to a safer strategy (e.g., copy + remove) to avoid failures on cross-filesystem moves or permission issues during startup.
- The migration guard `_migrated` is process-local; if multiple processes start concurrently they may race on the `pallas_protocol` → `pb_protocol` rename—if this is a concern, you may want to add a filesystem-level guard (e.g., presence of the new dir or a lock file) to make the operation robust across processes.

## Individual Comments

### Comment 1
<location path="src/plugins/pb_protocol/data_dir.py" line_range="17-25" />
<code_context>
+_migrated = False
+
+
+def pb_protocol_data_dir(*, create: bool = True) -> Path:
+    global _migrated
+    if create and not _migrated:
+        legacy = plugin_data_dir(_LEGACY_PLUGIN, create=False)
+        new_root = plugin_data_dir(_CURRENT_PLUGIN, create=False)
+        if legacy.is_dir() and not new_root.exists():
+            legacy.rename(new_root)
+        _migrated = True
+    return plugin_data_dir(_CURRENT_PLUGIN, create=create)
</code_context>
<issue_to_address>
**issue (bug_risk):** Guard the legacy→current data dir rename against cross-process races

This migration is only guarded by the process-local `_migrated` flag. With multiple concurrent processes, more than one can see `legacy.is_dir()` and `not new_root.exists()` as true and attempt `legacy.rename(new_root)`, causing a `FileNotFoundError`/`OSError` and failing startup.

Please make the rename resilient to this race, e.g. by wrapping it in `try`/`except` for `FileNotFoundError`/`OSError` (only treating unexpected errors as fatal), or by re-checking `legacy.exists()` in a small try-block so concurrent migrations don’t crash the process.
</issue_to_address>

### Comment 2
<location path="src/platform/shard/data_sync.py" line_range="18-19" />
<code_context>
 _REGISTRY_FILE = "registry.json"


+def _accounts_data_dir():
+    return pb_protocol_data_dir(create=False)
+
+
</code_context>
<issue_to_address>
**question (bug_risk):** Consider whether shard data sync should also trigger protocol data dir migration

Because `_accounts_data_dir()` passes `create=False` to `pb_protocol_data_dir`, it never runs the migration logic there (which only executes when `create=True`). As a result, `_current_mtuples()` will ignore an existing legacy `pallas_protocol` accounts dir until some other code path calls `pb_protocol_data_dir(create=True)`. If shard data sync must work before the pb_protocol plugin is initialized (or in setups that only run registry syncing), consider having `_accounts_data_dir()` also trigger migration (e.g., by calling `pb_protocol_data_dir(create=True)` or via a helper that performs migration without creating a new dir).
</issue_to_address>

### Comment 3
<location path="src/console/webui/protocol_accounts.py" line_range="15" />
<code_context>
 def protocol_account_display_names() -> dict[str, str]:
     global _cached_mtime, _cached_names
-    path = plugin_data_dir("pallas_protocol") / "accounts.json"
+    path = pb_protocol_data_dir(create=False) / "accounts.json"
     if not path.is_file():
         return {}
</code_context>
<issue_to_address>
**suggestion (bug_risk):** Protocol accounts view might not see legacy pallas_protocol data without a migration trigger

Because this uses `pb_protocol_data_dir(create=False)`, the migration from `pallas_protocol` to `pb_protocol` won’t run here. If the web UI is hit before anything calls `pb_protocol_data_dir(create=True)`, the account list can appear empty even though `accounts.json` still exists in the legacy folder.

To avoid that, either call `pb_protocol_data_dir(create=True)` here so migration runs, or factor out a helper that performs a “migrate-if-legacy-exists” step (without creating a new dir when neither exists) and use that instead. This keeps behavior consistent regardless of initialization order.
</issue_to_address>

### Comment 4
<location path="tests/common/web/test_log_facets.py" line_range="11" />
<code_context>
         ("pallas_webui", "hello", True, False),
         ("other", "[pallas-webui] x", True, False),
-        ("pallas_protocol", "y", False, True),
+        ("pb_protocol", "y", False, True),
         ("x", "[pallas-protocol] z", False, True),
         ("nonebot", "plain", False, False),
</code_context>
<issue_to_address>
**suggestion (testing):** Also test that legacy pallas_protocol logger name still maps to the protocol facet

This parametrized test now only checks the new `pb_protocol` logger name, even though `nonebot_log_record_matches_http_facet` still treats both `pb_protocol` and `pallas_protocol` as protocol logs. Please add a parameter for the legacy name as well (e.g. `("pallas_protocol", "y", False, True)`) to verify the backward-compatibility behavior remains covered.
</issue_to_address>

### Comment 5
<location path="docs/FAQ.md" line_range="172" />
<code_context>
+A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**suggestion (typo):** Link text still uses `pallas_protocol` while pointing to `pb_protocol` docs.

The target path is correct, but the link label still says ``[`pallas_protocol` 插件说明]``. Please rename the inline code/link text to `pb_protocol` for consistency with the updated plugin name, unless you intend to keep the old name here for a specific reason.
</issue_to_address>

### Comment 6
<location path="docs/FAQ.md" line_range="172" />
<code_context>
A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**security (javascript.lang.security.detect-insecure-websocket):** Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

*Source: opengrep*
</issue_to_address>

### Comment 7
<location path="docs/FAQ.md" line_range="172" />
<code_context>
A: **`pallasbot` 只是 Compose 服务名**，DNS 只在**同一 Compose 网络里的容器**之间有效。协议端在 **Linux Docker 模式**下用 `docker run` 起的 NapCat **默认不在**该网络里；若把客户端地址写成 **`ws://pallasbot:<PORT>/onebot/v11/ws`**（明文 WebSocket、主机填服务名），在默认桥接场景下**往往连不上**。插件会把 **主机** 改成解析后的 **`PALLAS_PROTOCOL_DOCKER_ONEBOT_HOST`**（留空时 Linux **`bridge`** 多为**默认网关 IP** 或 **`172.17.0.1`**；**`host` 网络为 `127.0.0.1`**）再写入 **`onebot*.json`**，**不会**自动替你填 `pallasbot`。一般不必为此去「取消」Compose 自定义网络；只有当你**自行**把 NapCat 做成与 Bot **同一 Compose 网络**的 service 时，才适合继续用 **`ws://pallasbot:<PORT>/onebot/v11/ws`** 这类内网写法。详见 [Docker 部署](DockerDeployment.md) 与 [`pallas_protocol` 插件说明](plugins/pb_protocol/README.md) 中「Docker 与反向 WebSocket」一节。
</code_context>
<issue_to_address>
**security (javascript.lang.security.detect-insecure-websocket):** Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

*Source: opengrep*
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion (testing): 建议同时测试旧版 pallas_protocol 日志名仍能映射到 protocol 维度

当前这个参数化测试只验证了新的 pb_protocol 日志记录器名称，但 nonebot_log_record_matches_http_facet 实际上仍会将 pb_protocol 和 pallas_protocol 都视为 protocol 日志。请增加一个旧名称的参数（例如 ("pallas_protocol", "y", False, True)），以验证向后兼容的行为仍被测试覆盖。

Original comment in English

suggestion (testing): Also test that legacy pallas_protocol logger name still maps to the protocol facet

This parametrized test now only checks the new pb_protocol logger name, even though nonebot_log_record_matches_http_facet still treats both pb_protocol and pallas_protocol as protocol logs. Please add a parameter for the legacy name as well (e.g. ("pallas_protocol", "y", False, True)) to verify the backward-compatibility behavior remains covered.

[sourcery-ai]

security (javascript.lang.security.detect-insecure-websocket): 检测到不安全的 WebSocket。所有 WebSocket 连接都应使用加密的 WebSocket Secure（wss）。

Source: opengrep

Original comment in English

security (javascript.lang.security.detect-insecure-websocket): Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

Source: opengrep

[sourcery-ai]

security (javascript.lang.security.detect-insecure-websocket): 检测到不安全的 WebSocket。所有 WebSocket 连接都应使用加密的 WebSocket Secure（wss）。

Source: opengrep

Original comment in English

security (javascript.lang.security.detect-insecure-websocket): Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.

Source: opengrep