fix: 端口更换 & 代码审核修复

端口:
- 服务端口 8000 → 7329
- 前端开发端口 5173 → 7330

安全:
- CORS 收紧为白名单，关闭 credentials
- SPA 路由白名单完善
- 前端 XSS 转义

可靠性:
- 时区统一为 datetime.now(timezone.utc)
- 文章入库改为内存去重 + 增量计数
- OPML 导入改为 body 参数接收
- OPML 导出 URL XML 转义
- 首次抓取改为 BackgroundTasks 异步
- articles.py HTTPException 移到顶部 import
- FTS5 异常显式日志
- FTS5 查询加引号包裹防布尔注入
- 中文摘要支持中文标点
- 去掉未使用的 hashlib import

部署:
- Dockerfile 锁 python:3.12.7-slim
- requirements 锁定具体版本
- healthcheck 不用 curl（镜像里没有）
- docker-compose 使用 .env 文件
- 新增 .env 配置文件

backend/health_checker.py

@@ -1,6 +1,7 @@
 """RSS 源健康度检测"""
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from typing import List, Dict
+from sqlalchemy import func
 from sqlalchemy.orm import Session
 from models import Feed, FetchLog
 
@@ -9,6 +10,7 @@ def get_feed_health(db: Session, feed_id: int = None) -> List[Dict]:
     """获取 RSS 源健康度信息
     返回每个源的健康状态详情
     """
+    now = datetime.now(timezone.utc)
     query = db.query(Feed)
     if feed_id:
         query = query.filter(Feed.id == feed_id)
@@ -22,15 +24,16 @@ def get_feed_health(db: Session, feed_id: int = None) -> List[Dict]:
 
         days_since_fetch = None
         if feed.last_fetch_at:
-            days_since_fetch = (datetime.utcnow() - feed.last_fetch_at).days
+            days_since_fetch = (now - feed.last_fetch_at).days
 
         # 获取最近 7 天抓取记录
+        week_ago = now - timedelta(days=7)
         recent_logs = db.query(FetchLog).filter(
             FetchLog.feed_id == feed.id,
-            FetchLog.created_at >= datetime.utcnow() - timedelta(days=7)
+            FetchLog.created_at >= week_ago
         ).order_by(FetchLog.created_at.desc()).limit(10).all()
 
-        health = feed.health_status()
+        health = feed.health_status(now=now)
 
         results.append({
             "id": feed.id,
@@ -76,14 +79,14 @@ def get_overall_stats(db: Session) -> Dict:
     """获取整体统计信息"""
     total_feeds = db.query(Feed).count()
     active_feeds = db.query(Feed).filter(Feed.is_active == True).count()
-    total_articles = db.query(Feed).with_entities(Feed.article_count).all()
-    total_articles_count = sum(a[0] for a in total_articles) if total_articles else 0
+    total_articles_count = db.query(func.sum(Feed.article_count)).scalar() or 0
 
     # 健康源统计
     feeds = db.query(Feed).all()
     healthy = warning = unhealthy = 0
+    now = datetime.now(timezone.utc)
     for feed in feeds:
-        status = feed.health_status()
+        status = feed.health_status(now=now)
         if status == "healthy":
             healthy += 1
         elif status == "warning":
@@ -92,8 +95,7 @@ def get_overall_stats(db: Session) -> Dict:
             unhealthy += 1
 
     # 今日抓取
-    today = datetime.utcnow().replace(hour=0, minute=0, second=0, microsecond=0)
-    from models import FetchLog
+    today = now.replace(hour=0, minute=0, second=0, microsecond=0)
     today_fetches = db.query(FetchLog).filter(FetchLog.created_at >= today).count()
     today_success = db.query(FetchLog).filter(
         FetchLog.created_at >= today, FetchLog.status == "success"