fix: 端口更换 & 代码审核修复

端口:
- 服务端口 8000 → 7329
- 前端开发端口 5173 → 7330

安全:
- CORS 收紧为白名单，关闭 credentials
- SPA 路由白名单完善
- 前端 XSS 转义

可靠性:
- 时区统一为 datetime.now(timezone.utc)
- 文章入库改为内存去重 + 增量计数
- OPML 导入改为 body 参数接收
- OPML 导出 URL XML 转义
- 首次抓取改为 BackgroundTasks 异步
- articles.py HTTPException 移到顶部 import
- FTS5 异常显式日志
- FTS5 查询加引号包裹防布尔注入
- 中文摘要支持中文标点
- 去掉未使用的 hashlib import

部署:
- Dockerfile 锁 python:3.12.7-slim
- requirements 锁定具体版本
- healthcheck 不用 curl（镜像里没有）
- docker-compose 使用 .env 文件
- 新增 .env 配置文件

backend/models.py

@@ -1,5 +1,5 @@
 """SQLAlchemy 数据模型"""
-from datetime import datetime
+from datetime import datetime, timezone
 from sqlalchemy import Column, Integer, String, Text, Boolean, DateTime, ForeignKey
 from sqlalchemy.orm import relationship
 from database import Base
@@ -25,13 +25,13 @@ class Feed(Base):
     fail_count = Column(Integer, default=0)
     article_count = Column(Integer, default=0)
 
-    created_at = Column(DateTime, default=datetime.utcnow)
+    created_at = Column(DateTime, default=lambda: datetime.now(timezone.utc))
 
     # 关联
     articles = relationship("Article", back_populates="feed", cascade="all, delete-orphan")
     fetch_logs = relationship("FetchLog", back_populates="feed", cascade="all, delete-orphan")
 
-    def health_status(self):
+    def health_status(self, now: datetime = None):
         """计算健康度
         🟢 健康: 成功率 >= 90%, 最近7天有更新
         🟡 警告: 成功率 50%-90%, 或超过3天未更新
@@ -43,9 +43,12 @@ class Feed(Base):
 
         success_rate = self.success_count / total
 
+        if now is None:
+            now = datetime.now(timezone.utc)
+
         days_since_last_fetch = None
         if self.last_fetch_at:
-            days_since_last_fetch = (datetime.utcnow() - self.last_fetch_at).days
+            days_since_last_fetch = (now - self.last_fetch_at).days
 
         if success_rate >= 0.9 and (days_since_last_fetch is None or days_since_last_fetch <= 7):
             return "healthy"
@@ -68,7 +71,7 @@ class Article(Base):
     content = Column(Text, default="")
     summary = Column(Text, default="")
     is_read = Column(Boolean, default=False)
-    created_at = Column(DateTime, default=datetime.utcnow, index=True)
+    created_at = Column(DateTime, default=lambda: datetime.now(timezone.utc), index=True)
 
     # 关联
     feed = relationship("Feed", back_populates="articles")
@@ -84,7 +87,7 @@ class FetchLog(Base):
     articles_fetched = Column(Integer, default=0)
     error_message = Column(Text, default="")
     response_time_ms = Column(Integer, nullable=True)
-    created_at = Column(DateTime, default=datetime.utcnow, index=True)
+    created_at = Column(DateTime, default=lambda: datetime.now(timezone.utc), index=True)
 
     # 关联
     feed = relationship("Feed", back_populates="fetch_logs")