fix(saas): P1 审计修复 — 连接池断路器 + Worker重试 + XSS防护 + 状态机SQL解析器

P1 修复内容:
- F7: health handler 连接池容量检查 (80%阈值返回503 degraded)
- F9: SSE spawned task 并发限制 (Semaphore 16 permits)
- F10: Key Pool 单次 JOIN 查询优化 (消除 N+1)
- F12: CORS panic → 配置错误
- F14: 连接池使用率计算修正 (ratio = used*100/total)
- F15: SQL 迁移解析器替换为状态机 (支持 $$, DO $body$, 存储过程)
- Worker 重试机制: 失败任务通过 mpsc channel 重新入队
- DOMPurify XSS 防护 (PipelineResultPreview)
- Admin V2: ErrorBoundary + SWR全局配置 + 请求优化

admin-v2/src/services/api-keys.ts

@@ -1,13 +1,13 @@
-import request from './request'
+import request, { withSignal } from './request'
 import type { TokenInfo, CreateTokenRequest, PaginatedResponse } from '@/types'
 
 export const apiKeyService = {
-  list: (params?: Record<string, unknown>) =>
-    request.get<PaginatedResponse<TokenInfo>>('/keys', { params }).then((r) => r.data),
+  list: (params?: Record<string, unknown>, signal?: AbortSignal) =>
+    request.get<PaginatedResponse<TokenInfo>>('/keys', withSignal({ params }, signal)).then((r) => r.data),
 
-  create: (data: CreateTokenRequest) =>
-    request.post<TokenInfo>('/keys', data).then((r) => r.data),
+  create: (data: CreateTokenRequest, signal?: AbortSignal) =>
+    request.post<TokenInfo>('/keys', data, withSignal({}, signal)).then((r) => r.data),
 
-  revoke: (id: string) =>
-    request.delete(`/keys/${id}`).then((r) => r.data),
+  revoke: (id: string, signal?: AbortSignal) =>
+    request.delete(`/keys/${id}`, withSignal({}, signal)).then((r) => r.data),
 }