v1.28.2

Merge pull request #244 from origami-owo/v2

.github/workflows/build-image-for-test.yml

@@ -0,0 +1,79 @@
+name: build-image-for-test
+on:
+  push:
+    branches: ['v2-dev']
+    paths:
+      - "build-dev.trigger"
+
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  build-certd-image:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: v2-dev
+
+      - name: get_certd_version
+        id: get_certd_version
+        uses: actions/github-script@v6
+        with:
+          result-encoding: string
+          script: |
+            const fs = require('fs');
+            const path = require('path');
+            const pnpmWorkspace = "./pnpm-workspace.yaml";
+            fs.unlinkSync(pnpmWorkspace)
+            const jsonFilePath = "./packages/ui/certd-server/package.json";
+            const jsonContent = fs.readFileSync(jsonFilePath, 'utf-8');
+            const pkg = JSON.parse(jsonContent)
+            console.log("certd_version:",pkg.version);
+            return pkg.version
+#      - name: Use Node.js
+#        uses: actions/setup-node@v4
+#        with:
+#          node-version: 18
+#          cache: 'npm'
+#        working-directory: ./packages/ui/certd-client
+      - run: |
+          npm install -g pnpm@8.15.7
+          pnpm install
+          npm run build
+        working-directory: ./packages/ui/certd-client
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to aliyun container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: registry.cn-shenzhen.aliyuncs.com
+          username: ${{ secrets.aliyun_cs_username }}
+          password: ${{ secrets.aliyun_cs_password }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.dockerhub_username }}
+          password: ${{ secrets.dockerhub_password }}
+
+      - name: Build default platforms
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
+            greper/certd-dev:latest
+

.github/workflows/build-image.yml

@@ -17,6 +17,9 @@ jobs:
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
 
       - name: get_certd_version
         id: get_certd_version
@@ -76,17 +79,17 @@ jobs:
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
 
-      - name: Build armv7
-        uses: docker/build-push-action@v6
-        with:
-          platforms: linux/arm/v7
-          push: true
-          context: ./packages/ui/
-          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
-            greper/certd:armv7
-            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+#      - name: Build armv7
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/arm/v7
+#          push: true
+#          context: ./packages/ui/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+#            greper/certd:armv7
+#            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
 
       - name: Build agent
         uses: docker/build-push-action@v6

.github/workflows/deploy-demo.yml

@@ -2,8 +2,8 @@ name: deploy-demo
 on:
   push:
     branches: ['v2-dev']
-#    paths:
-#      - "deploy.trigger"
+    paths:
+      - "deploy.trigger"
   workflow_run:
     workflows: [ "build-image" ]
     types:
@@ -21,6 +21,9 @@ jobs:
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: v2-dev
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6
@@ -56,6 +59,8 @@ jobs:
         with:
           url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
           method: POST
+          body: |
+            {}
           headers: |
             Content-Type: application/json
           retry-count: 3

.github/workflows/sync-to-gitee-dev.yml

@@ -13,9 +13,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          lfs: true
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.github/workflows/sync-to-gitee.yml

@@ -13,9 +13,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          lfs: true
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.gitignore

@@ -29,3 +29,5 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
+
+test.js

.npmrc

@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true

CHANGELOG.md

@@ -3,6 +3,207 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Bug Fixes
+
+* 修复lego No help topic for 错误 ([aaaf8d7](https://github.com/certd/certd/commit/aaaf8d7db34896cf8f2ff8f12eec1ab0cae58f0f))
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Bug Fixes
+
+* 顶部菜单变...的bug ([6dabad7](https://github.com/certd/certd/commit/6dabad76baba96be0f8af36a3fbfb9f5182aecf1))
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+* 授权加密支持解密查看 ([5575c83](https://github.com/certd/certd/commit/5575c839705f6987ad2bdcd33256b0962c6a9c6a))
+* 重置管理员密码同时启用管理员账户，避免之前禁用了，重置密码还是登录不进去 ([f92d918](https://github.com/certd/certd/commit/f92d918a1e28e29b794ad4754661ea760c18af46))
+
 ## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
 
 ### Bug Fixes

README.md

@@ -5,15 +5,14 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
-
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
 * 全自动申请证书（支持所有注册商注册的域名）
 * 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
 * 邮件通知
-* 私有化部署，保障数据安全
+* 私有化部署，数据保存本地，镜像由Github Actions构建，过程公开透明
 * 支持sqlite，postgresql数据库
 
 
@@ -23,30 +22,42 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 
 官方Demo地址，自助注册后体验    
 
-https://certd.handsfree.work/
+https://certd.handfree.work/
 
 > 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用
 
+![首页](./docs/images/start/home.png)
+
 ## 三、使用教程
 
-更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
+仅需3步，让你的证书永不过期
 
+### 1. 创建证书流水线
+![演示](packages/ui/certd-client/public/static/doc/images/1-add.png)
 
-本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
+> 添加成功后，就可以直接运行流水线申请证书了
 
-![演示](packages/ui/certd-client/public/static/doc/images/5-view.png)
-![演示](packages/ui/certd-client/public/static/doc/images/9-start.png)
-![演示](packages/ui/certd-client/public/static/doc/images/10-1-log.png)
+### 2. 添加部署任务
+当然我们一般需要把证书部署到应用上，certd支持海量的部署插件，您可以根据自身实际情况进行选择，比如部署到Nginx、阿里云、腾讯云、K8S、CDN、宝塔、1Panel等等
+
+此处演示部署证书到主机的nginx上    
+![演示](packages/ui/certd-client/public/static/doc/images/5-1-add-host.png)
+
+如果目前的部署插件都无法满足，您也可以手动下载，然后自行部署   
 ![演示](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
-![演示](packages/ui/certd-client/public/static/doc/images/13-1-result.png)
+
+### 3. 定时运行
+![演示](packages/ui/certd-client/public/static/doc/images/12-1-log-success.png)
+
 
 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     
 
-当前支持的部署插件列表
-![演示](./docs/images/plugins/list.png)
+更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
+
+
 
 ## 四、私有化部署
 
@@ -54,10 +65,10 @@ https://certd.handsfree.work/
 
 您可以根据实际情况从如下方式中选择一种方式进行私有化部署：
 
-1. [宝塔面板方式部署](./install/baota/)
-2. [1Panel面板方式部署](./install/1panel/)
-2. [Docker方式部署](./install/docker/)
-3. [源码方式部署](./install/source/)
+1. [宝塔面板方式部署](https://certd.docmirror.cn/guide/install/docker/)
+2. [1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
+3. [Docker方式部署](https://certd.docmirror.cn/guide/install/docker/)
+4. [源码方式部署](https://certd.docmirror.cn/guide/install/source/)
 
 #### Docker镜像说明：
 * 国内镜像地址:
@@ -104,7 +115,7 @@ docker compose up -d
   * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
   * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 * 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
+* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署
 
 
 ## 七、不同平台的设置说明
@@ -155,7 +166,7 @@ https://afdian.com/a/greper
 
 ## 十一、贡献代码
 
-1. 本地开发 [贡献插件教程](https://certd.docmirror.cn/guide/development/)
+1. 本地开发 [贡献插件](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
@@ -164,7 +175,7 @@ https://afdian.com/a/greper
 
 ## 十二、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
-* 允许个人和公司使用、复制、修改和分发本项目，禁止任何形式的商业用途 
+* 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。
 

build-dev.trigger

@@ -0,0 +1 @@
+1

build.trigger

@@ -1 +1 @@
-20:31
+01:55

docker/run/docker-compose.yaml

@@ -11,42 +11,56 @@ services:
     ports: # 端口映射
       #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
       - "7001:7001"
-      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露相关服务端口
+      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
       - "7002:7002"
-    dns:
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
-      - 223.5.5.5
-      - 223.6.6.6
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns
-#      - 8.8.8.8
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+#    dns:
+#      - 223.5.5.5      # 阿里云公共dns
+#      - 223.6.6.6
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
 #      - 8.8.4.4
 #    extra_hosts:
-      #  ↓↓↓↓ ---------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
+#        # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
 #      - "localdomain.comm:192.168.1.3"
-    environment: # 环境变量
-      - TZ=Asia/Shanghai
-      # 设置环境变量即可自定义certd配置
-      # 配置项见： packages/ui/certd-server/src/config/config.default.ts
-      # 配置规则： certd_ + 配置项, 点号用_代替
 
-                           #  ↓↓↓↓  ------------------------------------ 这里可以设置http代理
-      #- HTTPS_PROXY=http://xxxxxx:xx
-      #- HTTP_PROXY=http://xxxxxx:xx
-      #                               ↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
+    environment:
+#     设置环境变量即可自定义certd配置
+#     配置项见： packages/ui/certd-server/src/config/config.default.ts
+#     配置规则： certd_ + 配置项, 点号用_代替
+#                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
-      #                                  ↓↓↓↓ -------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次
-      - certd_cron_immediateTriggerOnce=false
-      #                            ↓↓↓↓ -------------------------------- 配置证书和key，则表示https方式启动，使用https协议访问，https://your.domain:7001
-      #- certd_koa_key=./data/ssl/cert.key
-      #- certd_koa_cert=./data/ssl/cert.crt
+#                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库，需要提前创建数据库
+#      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=postgres              # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 
-      #                             ↓↓↓↓ ------------------------------- 使用postgresql数据库
-#      - certd_flyway_scriptDir=./db/migration-pg               # 升级脚本目录
-#      - certd_typeorm_dataSource_default_type=postgres         # 数据库类型
-#      - certd_typeorm_dataSource_default_host=localhost        # 数据库地址
-#      - certd_typeorm_dataSource_default_port=5433             # 数据库端口
-#      - certd_typeorm_dataSource_default_username=postgres     # 用户名
-#      - certd_typeorm_dataSource_default_password=yourpasswd   # 密码
-#      - certd_typeorm_dataSource_default_database=certd        # 数据库名
+#                                    #↓↓↓↓ ----------------------------- 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+#      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=root                  # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 
 
+
+
+
+#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
+#    networks:
+#      - ip6net
+#networks:
+#  ip6net:
+#    enable_ipv6: true
+#    ipam:
+#      config:
+#        - subnet: 2001:db8::/64

docs/.vitepress/config.ts

@@ -57,7 +57,7 @@ export default defineConfig({
     nav: [
       { text: "首页", link: "/" },
       { text: "指南", link: "/guide/" },
-      { text: "Demo体验", link: "https://certd.handsfree.work" }
+      { text: "Demo体验", link: "https://certd.handfree.work" }
     ],
     sidebar: {
       "/guide/": [
@@ -98,6 +98,9 @@ export default defineConfig({
             { text: "忘记密码", link: "/guide/use/forgotpasswd/" },
             { text: "数据备份", link: "/guide/use/backup/" },
             { text: "Certd本身的证书更新", link: "/guide/use/https/index.md" },
+            { text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
+            { text: "邮箱配置", link: "/guide/use/email/index.md" },
+            { text: "IPv6支持", link: "/guide/use/setting/ipv6.md" },
             { text: "如何贡献代码", link: "/guide/development/index.md" },
           ]
         },

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,272 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Bug Fixes
+
+* 修复lego No help topic for 错误 ([aaaf8d7](https://github.com/certd/certd/commit/aaaf8d7db34896cf8f2ff8f12eec1ab0cae58f0f))
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Bug Fixes
+
+* 顶部菜单变...的bug ([6dabad7](https://github.com/certd/certd/commit/6dabad76baba96be0f8af36a3fbfb9f5182aecf1))
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+* 授权加密支持解密查看 ([5575c83](https://github.com/certd/certd/commit/5575c839705f6987ad2bdcd33256b0962c6a9c6a))
+* 重置管理员密码同时启用管理员账户，避免之前禁用了，重置密码还是登录不进去 ([f92d918](https://github.com/certd/certd/commit/f92d918a1e28e29b794ad4754661ea760c18af46))
+
+## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复阿里云部署大杀器报插件_还未注册错误的bug ([abd2dcf](https://github.com/certd/certd/commit/abd2dcf2e85a545321bae6451406d081f773b132))
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/certd/certd/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+### Performance Improvements
+
+* 顶部菜单自定义 ([54d136c](https://github.com/certd/certd/commit/54d136cc6ae122f7c891b7a5c7232fe5de8e5cb5))
+* 禁用readonly用户 ([d10d42e](https://github.com/certd/certd/commit/d10d42e20619bb55a50d636b8867ff33db4e3b4b))
+* 限制其他用户流水线数量 ([315e437](https://github.com/certd/certd/commit/315e43746baf01682737f82e41579237a48409af))
+* 用户管理优化头像上传 ([661293c](https://github.com/certd/certd/commit/661293c189a3abf3cdc953b5225192372f57930d))
+
+## [1.26.13](https://github.com/certd/certd/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+### Bug Fixes
+
+* 修复对话框全屏按钮与关闭按钮重叠的bug ([95df56c](https://github.com/certd/certd/commit/95df56cc5ca5e3eb843cd17cb7078cde47729f1e))
+* deprecated的运行时不要报错，只报警告 ([bcbefaa](https://github.com/certd/certd/commit/bcbefaaa35cf6d0eec085b3a2c5bfc7c6a8de9e1))
+
+### Performance Improvements
+
+* 更新certd本身的证书文档说明 ([0c50ede](https://github.com/certd/certd/commit/0c50ede129337b82df54575cbd2f4c2a783a0732))
+* 支持同时监听https端口，7002 ([d5a17f9](https://github.com/certd/certd/commit/d5a17f9e6afd63fda2df0981118480f25a1fac2e))
+
+## [1.26.12](https://github.com/certd/certd/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+### Performance Improvements
+
+* 部署到阿里云任意云资源，阿里云部署大杀器 ([4075be7](https://github.com/certd/certd/commit/4075be7849b140acb92bd8da8a9acbf4eef85180))
+* 文件名特殊字符限制输入 ([c4164c6](https://github.com/certd/certd/commit/c4164c66e29f3ec799f98108a344806ca61e94ff))
+* 新增部署到百度云CDN插件 ([f126f9f](https://github.com/certd/certd/commit/f126f9f932d37fa01fff1accc7bdd17d349f8db5))
+* 新增部署到腾讯云CDN-v2，推荐使用 ([d782655](https://github.com/certd/certd/commit/d782655cb4dfbb74138178afbffeee76fc755115))
+* 优化cron选择器，增加下次触发时间显示 ([5b148b7](https://github.com/certd/certd/commit/5b148b7ed960ca6f7f5b733b2eadd56eeecbd4c2))
+* 支持部署到腾讯云COS ([a8a45d7](https://github.com/certd/certd/commit/a8a45d7f757820990e278533277a3deda5ba48f3))
+* 支持配置公共ZeroSSL授权 ([a90d1e6](https://github.com/certd/certd/commit/a90d1e68ee9cbc3705223457b8a86f071b150968))
+
+## [1.26.11](https://github.com/certd/certd/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/certd/certd/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+* 修复移动任务后出现空阶段的bug ([4ea3edd](https://github.com/certd/certd/commit/4ea3edd59e93ca4f5b2e43b20dd4ef33909caddb))
+* 修复google证书*.xx.com与xx.com同时申请时报错的bug ([f8b99b8](https://github.com/certd/certd/commit/f8b99b81a23e7e9fd5e05ebd5caf355c41d67a90))
+* 允许七牛云cdn插件输入.号开头的通配符域名 ([18ee87d](https://github.com/certd/certd/commit/18ee87daff6eafc2201b58e28d85aafd3cb7a5b9))
+
+### Performance Improvements
+
+* 申请证书启用新的反代地址 ([a705182](https://github.com/certd/certd/commit/a705182b85e51157883e48f23463263793bf3c12))
+* 优化日志颜色 ([1291e98](https://github.com/certd/certd/commit/1291e98e821c5b1810aab7f0aebe3f5f5cd44a20))
+* 优化证书申请速度和成功率，反代地址优化，google基本可以稳定请求。增加请求重试。 ([41d9c3a](https://github.com/certd/certd/commit/41d9c3ac8398def541e65351cbe920d4a927182d))
+* 优化pfx密码密码输入框，让浏览器不自动填写密码 ([ffeede3](https://github.com/certd/certd/commit/ffeede38afa70c5ff6f2015516bead23d2c4df87))
+
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
+## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
+
+### Bug Fixes
+
+* 修复普通用户无法校验cname配置的bug ([6285497](https://github.com/certd/certd/commit/62854978bf0bdbe749b42f8e40ab227ab31ec92f))
+* 修复切换普通用户登录时，左侧菜单没有同步更新的bug ([12116a8](https://github.com/certd/certd/commit/12116a89f43cf8b98f16d2ea6073f6b72a643215))
+* 修正邮箱设置跳转路由 ([17d8890](https://github.com/certd/certd/commit/17d88900a1f0e3af609b74597f5b1978230db32d))
+
+### Performance Improvements
+
+* 触发证书重新申请input变化对比规则优化，减少升级版本后触发申请证书的情况 ([c46a2a9](https://github.com/certd/certd/commit/c46a2a9a399c2a9a8bb59a48b9fb6e93227cce9b))
+* 任务下所有步骤都跳过时，整个任务显示跳过 ([84fd3b2](https://github.com/certd/certd/commit/84fd3b250dd1161ea06c5582fdadece4b29c2e53))
+* 授权配置去除前后空格 ([57d8d48](https://github.com/certd/certd/commit/57d8d48046fbf51c52b041d2dec03d51fb018587))
+* 数据库备份插件，先压缩再备份 ([304ef49](https://github.com/certd/certd/commit/304ef494fd5787c996ad0dcb6edd2f517afce9e2))
+* 优化菜单 ([1f4f157](https://github.com/certd/certd/commit/1f4f15757de1015cf7563f7022599eef58cc93d7))
+* 增加文档站 https://certd.docmirror.cn ([6e2ac1c](https://github.com/certd/certd/commit/6e2ac1c089f6ddccb396f1f2738509c05333e1bb))
+
 ## [1.26.8](https://github.com/certd/certd/compare/v1.26.7...v1.26.8) (2024-10-15)
 
 ### Bug Fixes

docs/guide/development/index.md

@@ -1,20 +1,19 @@
 # 本地开发
 欢迎贡献插件
 
-## 1.本地调试运行
+建议nodejs版本 `20.x` 及以上
+
+## 一、本地调试运行
 
 ### 克隆代码
 ```shell
 
 # 克隆代码
-git clone https://github.com/certd/certd
+git clone https://github.com/certd/certd --depth=1
 
 #进入项目目录
 cd certd
 
-# 切换到最新版本代码
-git checkout v1.26.7  # 这里换成最新版本号
-
 ```
 
 ### 修改pnpm-workspace.yaml文件
@@ -55,7 +54,7 @@ npm run dev
 
 ```
 
-## 开发插件
+## 二、开发插件
 进入 `packages/ui/certd-server/src/plugins`
 
 ### 1.复制`plugin-demo`目录作为你的插件目录
@@ -89,8 +88,22 @@ export * from './plugins/plugin-deploy-to-xx'
 export * from "./plugin-cloudflare.js"
 ```
 
-## 重启服务进行调试
+### 6. 重启服务进行调试
 刷新浏览器，检查你的插件是否工作正常， 确保能够正常进行证书申请和部署
 
-## 提交PR
+## 三、提交PR
 我们将尽快审核PR
+
+## 四、 注意事项
+### 1.  如何让任务报错停止
+
+```js
+// 抛出异常即可使任务停止，否则会判定为成功
+throw new Error("错误信息")
+```
+
+
+## 五、贡献插件送激活码
+
+- PR要求，插件功能完整，代码规范
+- PR通过后，联系我们，送您一个专业版激活码

docs/guide/feature/cname/index.md

@@ -11,7 +11,7 @@
 
 ## 2. 原理
 * 假设你要申请证书的域名叫：`cert.com` ,它是在`Certd`不支持的服务商注册的
-* 假设你还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
+* 假设我们还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
 * 当我们按照如下进行配置时
 ```
                   CNAME记录（手动、固定）           TXT记录（自动、随机）
@@ -19,20 +19,17 @@ _acme-challenge.cert.com ---> xxxxx.cname.proxy.com ----> txt-record-abcdefg
    
 ```
 * 证书颁发机构就可以从`_acme-challenge.cert.com`查到TXT记录 `txt-record-abcdefg`，从而完成域名所有权校验。
-* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd`可以自动添加的。
+* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd` 是可以自动添加的。
 * 剩下的只需要在你的`cert.com`域名中手动添加一条固定的`CNAME解析`即可
                          
 
 ## 3. Certd CNAME使用步骤
 
-1. 准备`一个`支持的服务商的注册的域名（`proxy.com`），或者将你众多域名其中`一个`的`DNS服务器`转到这几家服务商。
-2. 然后到`Certd`的 `CNAME服务管理`界面，用`cname.proxy.com`创建一条默认的CNAME服务，提供DNS提供商授权。
-   ![](./images/cname1.png)
-2. 然后创建证书流水线，输入`cert.com`，选择`CNAME`校验方式
-  
-3. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
+
+1. 创建证书流水线，输入你要申请证书的域名，假设就是`cert.com`，然后选择`CNAME`校验方式
+2. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录模版，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
    ![](./images/cname2.png)
-3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击校验，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
+3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击验证，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
    ![](./images/cname3.png)
    ![](./images/cname4.png)
 4. 申请过程中，Certd会在`xxxxxx.cname.proxy.com`下自动添加TXT记录。 

docs/guide/index.md

@@ -26,5 +26,9 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
     * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
     * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 * 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
+* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署
 
+## 三、证书颁发机构对比
+* Let's Encrypt：申请最简单。
+* Google: 大厂光环，兼容性好，首次需要翻墙获取EAB。
+* ZeroSSL： 需要EAB，获取EAB无需翻墙。

docs/guide/install/1panel/index.md

@@ -48,4 +48,4 @@ admin/123456
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/baota/index.md

@@ -40,7 +40,7 @@ admin/123456
 ## 三、如何升级
 
 ### 1. 应用商店安装，直接更新镜像即可
-
+`docker`->`容器编排`->`左侧选择Certd-xxxx`->`更新镜像`
 ![img.png](./images/upgrade.png)
 
 
@@ -81,4 +81,4 @@ services:
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/docker/index.md

@@ -41,7 +41,7 @@ docker compose up -d
 
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
-> 然后使用 `docker-compose up -d` 启动
+
 
 ### 3. 访问测试
 
@@ -71,4 +71,4 @@ docker compose up -d
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/source/index.md

@@ -1,6 +1,9 @@
 # 源码部署
-
+不推荐
 ## 一、源码安装
+
+### 环境要求
+- nodejs 20 及以上
 ### 源码启动
 ```shell
 # 克隆代码
@@ -42,4 +45,4 @@ kill -9 $(lsof -t -i:7001)
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可

docs/guide/use/aliyun/index.md

@@ -8,4 +8,14 @@
 ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
 ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
 
-```
+```
+
+
+## 阿里云Access权限设置
+
+
+* 申请证书 ：`AliyunDNSFullAccess`
+* 上传证书到阿里云： `AliyunYundunCertFullAccess`
+* 部署证书到OSS: `AliyunYundunCertFullAccess`、`AliyunOSSFullAccess`
+* 部署证书到CDN: `AliyunYundunCertFullAccess`、`AliyunCDNFullAccess`
+* 部署证书到DCDN： `AliyunYundunCertFullAccess`、`AliyunDCDNFullAccess`

docs/guide/use/backup/index.md

@@ -27,4 +27,4 @@
 
 ## 三、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`覆盖到原来的位置，重启certd即可

docs/guide/use/custom-script/index.md

@@ -0,0 +1,86 @@
+# 自定义脚本插件
+
+## 1. 介绍
+
+自定义脚本插件是一个通用的插件，可以通过编写脚本来实现各种功能，例如：调用第三方API、执行系统命令、发送邮件等。
+
+## 2. 使用示例
+```js
+const certPem = ctx.self.cert.crt
+const certKey = ctx.self.cert.key
+
+//axios发起http请求上传证书
+const res = await ctx.http.request({
+  url:"your_cert_deploy_url",
+  method:"post",
+  data:{
+    crt : certPem,
+    key : certKey
+  }
+})
+if(!res || res.code !== 0){
+    //抛异常才能让任务失败
+    throw new Error("上传失败")
+}
+//不能用console.log，需要用ctx.logger 才能把日志打印在ui上
+ctx.logger.info("上传成功",res.data)
+
+
+```
+## 3. API
+下面是`ctx`对象的`typescript`类型定义
+
+```ts
+
+type ctx = {
+  CertReader: typeof CertReader;
+  self: CustomScriptPlugin;
+  //流水线定义
+  pipeline: Pipeline;
+  //步骤定义
+  step: Step;
+  //日志
+  logger: Logger;
+  //当前步骤输入参数跟上一次执行比较是否有变化
+  inputChanged: boolean;
+  //授权获取服务 
+  accessService: IAccessService;
+  //邮件服务
+  emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
+  //插件配置服务
+  pluginConfigService: IPluginConfigService;
+  //流水线上下文
+  pipelineContext: IContext;
+  //用户上下文
+  userContext: IContext;
+  //http请求客户端 
+  http: HttpClient; // http.request(AxiosConfig)
+  //文件存储
+  fileStore: FileStore;
+  //上一次执行结果状态
+  lastStatus?: Runnable;
+  //用户取消信号
+  signal: AbortSignal;
+  //工具类
+  utils: typeof utils;
+  //用户信息
+  user: UserInfo;
+}
+
+type CertInfo = {
+  crt:string; //fullchain证书，即 cert.pem， cert.crt
+  key:string; // 私钥
+  ic: string; //中间证书
+  pfx: string;//PFX证书，base64编码
+  der: string;//DER证书，base64编码
+}
+
+type CustomScriptPlugin = {
+  //可以获取证书
+  cert: CertInfo
+}
+
+```
+

docs/guide/use/email/index.md

@@ -0,0 +1,23 @@
+# 邮箱配置
+
+
+## 腾讯企业邮箱配置
+1. 开启smtp
+![](./images/qq-3.png)
+2. 获取授权码作为密码
+![](./images/qq-1.png)
+![](./images/qq-2.png)
+3. 填写域名、端口和密码
+   ![](./images/qq-0.png)
+
+## QQ邮箱配置
+1. smtp配置
+```yaml
+smtp域名: smtp.qq.com
+smtp端口: 465
+密码: 授权码，获取方式见下方
+是否SSL: 是
+```
+
+2. 获取授权码
+   ![](./images/qq-11.png)

docs/guide/use/host/windows.md

@@ -4,7 +4,10 @@
 
 ## windows开启OpenSSH Server
 ### 1. 安装OpenSSH Server    
-请前往Microsoft官方文档查看如何开启openSSH    
+
+* 下载安装包安装： https://github.com/PowerShell/Win32-OpenSSH/releases  OpenSSH-Win64-vxx.xx.x.msi
+
+* 前往Microsoft官方文档查看如何开启openSSH，以及其他设置    
 https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui#install-openssh-for-windows
 
 ### 2. 启动OpenSSH Server服务
@@ -22,3 +25,15 @@ win+R  弹出运行对话框，输入 services.msc 打开服务管理器
 C:\Users\xxxxx>
           ↑↑↑↑---------这个就是windows ssh的登录用户名
 ```
+
+### 4. 切换默认shell终端
+安装openssh后，默认终端是cmd，建议切换成powershell
+```shell
+# powershell中执行如下命令切换
+# 设置默认shell为powershell 【推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
+
+# 恢复默认shell为cmd 【不推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe" -PropertyType String -Force
+
+```

docs/guide/use/setting/ipv6.md

@@ -0,0 +1,21 @@
+# IPv6支持
+
+## 启用IPv6
+在`docker-compose.yaml`中启用IPv6支持，放开如下注释：
+```yaml
+#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
+    networks:
+      - ip6net
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 设置双栈网络优先级
+可根据实际情况设置
+
+![img.png](./images/ipv6.png)

docs/guide/use/tencent/index.md

@@ -6,3 +6,16 @@
 打开 https://console.cloud.tencent.com/cam/capi   
 然后按如下方式获取腾讯云的API密钥    
 ![](./tencent-access.png)
+
+
+## 如何避免收到腾讯云证书过期邮件
+
+腾讯云在证书有效期还剩28天时会发送过期通知邮件    
+您可以通过配置“腾讯云过期证书删除”任务来避免收到此类邮件。
+
+![](./images/delete.png)
+
+注意点：
+> 1. 选择腾讯云授权，需授权`服务角色SSL_QCSLinkedRoleInReplaceLoadCertificate`权限
+> 2. `1.26.14`版本之前Certd创建的证书流水线默认是到期前20天才更新证书，需要将之前创建的证书申请任务的更新天数修改为35天，保证删除之前就已经替换掉即将过期证书
+![](./images/delete2.png)

docs/index.md

@@ -18,7 +18,7 @@ hero:
       link: /guide/tutorial.md
     - theme: alt
       text: demo体验
-      link: https://certd.handsfree.work
+      link: https://certd.handfree.work
 
 features:
   - title: 全自动申请证书
@@ -28,7 +28,7 @@ features:
   - title: 多域名、泛域名打到一个证书上
     details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
   - title: 多证书格式支持
-    details: 支持pem、pfx、der等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
+    details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
   - title: 支持私有化部署
     details: 保障数据安全
   - title: 多数据库支持

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.26.14"
+  "version": "1.28.2"
 }

package.json

@@ -14,13 +14,14 @@
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
+    "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
     "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
     "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
-    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/other/changelogs/",
+    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
     "before-build": "npm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
@@ -34,9 +35,11 @@
   "license": "AGPL-3.0",
   "dependencies": {
     "axios": "^1.7.7",
-    "lodash-es": "^4.17.21"
+    "copyfiles": "^2.4.1",
+    "lodash-es": "^4.17.21",
+    "typescript": "^5.4.2"
   },
   "workspaces": [
     "packages/**"
   ]
-}
+}

packages/core/acme-client/.eslintrc

@@ -0,0 +1,28 @@
+{
+  "extends": [
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "plugins": [
+    "eslint-plugin-import"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+    //    "no-unused-expressions": "off",
+    "max-len": [
+      0,
+      160,
+      2,
+      {
+        "ignoreUrls": true
+      }
+    ]
+  }
+}

packages/core/acme-client/.eslintrc.yml

@@ -1,16 +0,0 @@
-extends:
-  - 'airbnb-base'
-
-env:
-  browser: false
-  node: true
-  mocha: true
-
-rules:
-  indent: [2, 4, { SwitchCase: 1, VariableDeclarator: 1 }]
-  brace-style: [2, 'stroustrup', { allowSingleLine: true }]
-  func-names: 0
-  class-methods-use-this: 0
-  no-param-reassign: 0
-  max-len: [1, 200, 2, { ignoreUrls: true, ignoreComments: false }]
-  import/no-useless-path-segments: 0

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,68 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.28.2](https://github.com/publishlab/node-acme-client/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Performance Improvements
+
+* 支持mysql ([7cde1fd](https://github.com/publishlab/node-acme-client/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/publishlab/node-acme-client/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.28.0](https://github.com/publishlab/node-acme-client/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.9](https://github.com/publishlab/node-acme-client/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.8](https://github.com/publishlab/node-acme-client/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.7](https://github.com/publishlab/node-acme-client/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.6](https://github.com/publishlab/node-acme-client/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.5](https://github.com/publishlab/node-acme-client/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.4](https://github.com/publishlab/node-acme-client/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.3](https://github.com/publishlab/node-acme-client/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.2](https://github.com/publishlab/node-acme-client/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.1](https://github.com/publishlab/node-acme-client/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.27.0](https://github.com/publishlab/node-acme-client/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.16](https://github.com/publishlab/node-acme-client/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.15](https://github.com/publishlab/node-acme-client/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.26.14](https://github.com/publishlab/node-acme-client/compare/v1.26.13...v1.26.14) (2024-10-26)
 
 ### Bug Fixes

packages/core/acme-client/docs/crypto.md

@@ -6,6 +6,38 @@
 </dd>
 </dl>
 
+## Constants
+
+<dl>
+<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Generate a private ECDSA key</p>
+</dd>
+<dt><a href="#getPublicKey">getPublicKey</a> ⇒ <code>buffer</code></dt>
+<dd><p>Get a public key derived from a RSA or ECDSA key</p>
+</dd>
+<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object and return a Base64URL string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>object</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>object</code></dt>
+<dd><p>Read information from a certificate
+If multiple certificates are chained, the first will be read</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+<dt><a href="#createAlpnCertificate">createAlpnCertificate</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
+<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
+</dd>
+<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid</a> ⇒ <code>boolean</code></dt>
+<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
+</dd>
+</dl>
+
 ## Functions
 
 <dl>
@@ -15,12 +47,6 @@
 <dt><a href="#createPrivateKey">createPrivateKey()</a></dt>
 <dd><p>Alias of <code>createPrivateRsaKey()</code></p>
 </dd>
-<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey([namedCurve])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Generate a private ECDSA key</p>
-</dd>
-<dt><a href="#getPublicKey">getPublicKey(keyPem)</a> ⇒ <code>buffer</code></dt>
-<dd><p>Get a public key derived from a RSA or ECDSA key</p>
-</dd>
 <dt><a href="#getJwk">getJwk(keyPem)</a> ⇒ <code>object</code></dt>
 <dd><p>Get a JSON Web Key derived from a RSA or ECDSA key</p>
 <p><a href="https://datatracker.ietf.org/doc/html/rfc7517">https://datatracker.ietf.org/doc/html/rfc7517</a></p>
@@ -28,27 +54,6 @@
 <dt><a href="#splitPemChain">splitPemChain(chainPem)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
 <dd><p>Split chain of PEM encoded objects from string into array</p>
 </dd>
-<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u(pem)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object and return a Base64URL string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csrPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(certPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read information from a certificate
-If multiple certificates are chained, the first will be read</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
-<dt><a href="#createAlpnCertificate">createAlpnCertificate(authz, keyAuthorization, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
-<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
-</dd>
-<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid(certPem, keyAuthorization)</a> ⇒ <code>boolean</code></dt>
-<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
-</dd>
 </dl>
 
 <a name="crypto"></a>
@@ -57,40 +62,12 @@ If multiple certificates are chained, the first will be read</p>
 Native Node.js crypto interface
 
 **Kind**: global namespace  
-<a name="createPrivateRsaKey"></a>
-
-## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [modulusLength] | <code>number</code> | <code>2048</code> | Size of the keys modulus in bits, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey();
-```
-**Example**  
-Private RSA key with modulus size 4096
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey(4096);
-```
-<a name="createPrivateKey"></a>
-
-## createPrivateKey()
-Alias of `createPrivateRsaKey()`
-
-**Kind**: global function  
 <a name="createPrivateEcdsaKey"></a>
 
-## createPrivateEcdsaKey([namedCurve]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPrivateEcdsaKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Generate a private ECDSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private ECDSA key  
 
 | Param | Type | Description |
@@ -109,10 +86,10 @@ const privateKey = await acme.crypto.createPrivateEcdsaKey('P-384');
 ```
 <a name="getPublicKey"></a>
 
-## getPublicKey(keyPem) ⇒ <code>buffer</code>
+## getPublicKey ⇒ <code>buffer</code>
 Get a public key derived from a RSA or ECDSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>buffer</code> - PEM encoded public key  
 
 | Param | Type | Description |
@@ -124,44 +101,13 @@ Get public key
 ```js
 const publicKey = acme.crypto.getPublicKey(privateKey);
 ```
-<a name="getJwk"></a>
-
-## getJwk(keyPem) ⇒ <code>object</code>
-Get a JSON Web Key derived from a RSA or ECDSA key
-
-https://datatracker.ietf.org/doc/html/rfc7517
-
-**Kind**: global function  
-**Returns**: <code>object</code> - JSON Web Key  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
-
-**Example**  
-Get JWK
-```js
-const jwk = acme.crypto.getJwk(privateKey);
-```
-<a name="splitPemChain"></a>
-
-## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
-Split chain of PEM encoded objects from string into array
-
-**Kind**: global function  
-**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
-
 <a name="getPemBodyAsB64u"></a>
 
-## getPemBodyAsB64u(pem) ⇒ <code>string</code>
+## getPemBodyAsB64u ⇒ <code>string</code>
 Parse body of PEM encoded object and return a Base64URL string
 If multiple objects are chained, the first body will be returned
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - Base64URL-encoded body  
 
 | Param | Type | Description |
@@ -170,10 +116,10 @@ If multiple objects are chained, the first body will be returned
 
 <a name="readCsrDomains"></a>
 
-## readCsrDomains(csrPem) ⇒ <code>object</code>
+## readCsrDomains ⇒ <code>object</code>
 Read domains from a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - {commonName, altNames}  
 
 | Param | Type | Description |
@@ -190,11 +136,11 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>
 
-## readCertificateInfo(certPem) ⇒ <code>object</code>
+## readCertificateInfo ⇒ <code>object</code>
 Read information from a certificate
 If multiple certificates are chained, the first will be read
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - Certificate info  
 
 | Param | Type | Description |
@@ -215,10 +161,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>
 
-## createCsr(data, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  
 
 | Param | Type | Description |
@@ -276,12 +222,12 @@ const [, certificateRequest] = await acme.crypto.createCsr({
 ```
 <a name="createAlpnCertificate"></a>
 
-## createAlpnCertificate(authz, keyAuthorization, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createAlpnCertificate ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a self-signed ALPN certificate for TLS-ALPN-01 challenges
 
 https://datatracker.ietf.org/doc/html/rfc8737
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificate]  
 
 | Param | Type | Description |
@@ -303,10 +249,10 @@ const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAu
 ```
 <a name="isAlpnCertificateAuthorizationValid"></a>
 
-## isAlpnCertificateAuthorizationValid(certPem, keyAuthorization) ⇒ <code>boolean</code>
+## isAlpnCertificateAuthorizationValid ⇒ <code>boolean</code>
 Validate that a ALPN certificate contains the expected key authorization
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>boolean</code> - True when valid  
 
 | Param | Type | Description |
@@ -314,3 +260,62 @@ Validate that a ALPN certificate contains the expected key authorization
 | certPem | <code>buffer</code> \| <code>string</code> | PEM encoded certificate |
 | keyAuthorization | <code>string</code> | Expected challenge key authorization |
 
+<a name="createPrivateRsaKey"></a>
+
+## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [modulusLength] | <code>number</code> | Size of the keys modulus in bits, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey();
+```
+**Example**  
+Private RSA key with modulus size 4096
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey(4096);
+```
+<a name="createPrivateKey"></a>
+
+## createPrivateKey()
+Alias of `createPrivateRsaKey()`
+
+**Kind**: global function  
+<a name="getJwk"></a>
+
+## getJwk(keyPem) ⇒ <code>object</code>
+Get a JSON Web Key derived from a RSA or ECDSA key
+
+https://datatracker.ietf.org/doc/html/rfc7517
+
+**Kind**: global function  
+**Returns**: <code>object</code> - JSON Web Key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
+
+**Example**  
+Get JWK
+```js
+const jwk = acme.crypto.getJwk(privateKey);
+```
+<a name="splitPemChain"></a>
+
+## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
+Split chain of PEM encoded objects from string into array
+
+**Kind**: global function  
+**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
+

packages/core/acme-client/docs/forge.md

@@ -8,37 +8,42 @@ major release. Please migrate to the new <code>acme.crypto</code> interface at y
 </dd>
 </dl>
 
+## Constants
+
+<dl>
+<dt><a href="#createPublicKey">createPublicKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Create public key from a private RSA key</p>
+</dd>
+<dt><a href="#getPemBody">getPemBody</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object from buffer or string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#splitPemChain">splitPemChain</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
+<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
+</dd>
+<dt><a href="#getModulus">getModulus</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get modulus</p>
+</dd>
+<dt><a href="#getPublicExponent">getPublicExponent</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get public exponent</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read information from a certificate</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+</dl>
+
 ## Functions
 
 <dl>
 <dt><a href="#createPrivateKey">createPrivateKey([size])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
 <dd><p>Generate a private RSA key</p>
 </dd>
-<dt><a href="#createPublicKey">createPublicKey(key)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Create public key from a private RSA key</p>
-</dd>
-<dt><a href="#getPemBody">getPemBody(str)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object from buffer or string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#splitPemChain">splitPemChain(str)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
-<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
-</dd>
-<dt><a href="#getModulus">getModulus(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get modulus</p>
-</dd>
-<dt><a href="#getPublicExponent">getPublicExponent(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get public exponent</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csr)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(cert)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read information from a certificate</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [key])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
 </dl>
 
 <a name="forge"></a>
@@ -50,34 +55,12 @@ DEPRECATION WARNING: This crypto interface is deprecated and will be removed fro
 major release. Please migrate to the new `acme.crypto` interface at your earliest convenience.
 
 **Kind**: global namespace  
-<a name="createPrivateKey"></a>
-
-## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [size] | <code>number</code> | <code>2048</code> | Size of the key, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.forge.createPrivateKey();
-```
-**Example**  
-Private RSA key with defined size
-```js
-const privateKey = await acme.forge.createPrivateKey(4096);
-```
 <a name="createPublicKey"></a>
 
-## createPublicKey(key) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPublicKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Create public key from a private RSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded public RSA key  
 
 | Param | Type | Description |
@@ -91,11 +74,11 @@ const publicKey = await acme.forge.createPublicKey(privateKey);
 ```
 <a name="getPemBody"></a>
 
-## getPemBody(str) ⇒ <code>string</code>
+## getPemBody ⇒ <code>string</code>
 Parse body of PEM encoded object from buffer or string
 If multiple objects are chained, the first body will be returned
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - PEM body  
 
 | Param | Type | Description |
@@ -104,10 +87,10 @@ If multiple objects are chained, the first body will be returned
 
 <a name="splitPemChain"></a>
 
-## splitPemChain(str) ⇒ <code>Array.&lt;string&gt;</code>
+## splitPemChain ⇒ <code>Array.&lt;string&gt;</code>
 Split chain of PEM encoded objects from buffer or string into array
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM bodies  
 
 | Param | Type | Description |
@@ -116,10 +99,10 @@ Split chain of PEM encoded objects from buffer or string into array
 
 <a name="getModulus"></a>
 
-## getModulus(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getModulus ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get modulus
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Modulus  
 
 | Param | Type | Description |
@@ -135,10 +118,10 @@ const m3 = await acme.forge.getModulus(certificateRequest);
 ```
 <a name="getPublicExponent"></a>
 
-## getPublicExponent(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getPublicExponent ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get public exponent
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Exponent  
 
 | Param | Type | Description |
@@ -154,10 +137,10 @@ const e3 = await acme.forge.getPublicExponent(certificateRequest);
 ```
 <a name="readCsrDomains"></a>
 
-## readCsrDomains(csr) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCsrDomains ⇒ <code>Promise.&lt;object&gt;</code>
 Read domains from a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - {commonName, altNames}  
 
 | Param | Type | Description |
@@ -174,10 +157,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>
 
-## readCertificateInfo(cert) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCertificateInfo ⇒ <code>Promise.&lt;object&gt;</code>
 Read information from a certificate
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - Certificate info  
 
 | Param | Type | Description |
@@ -198,10 +181,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>
 
-## createCsr(data, [key]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  
 
 | Param | Type | Description |
@@ -256,3 +239,25 @@ const certificateKey = await acme.forge.createPrivateKey();
 const [, certificateRequest] = await acme.forge.createCsr({
     altNames: ['test.example.com'],
 }, certificateKey);
+<a name="createPrivateKey"></a>
+
+## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [size] | <code>number</code> | Size of the key, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.forge.createPrivateKey();
+```
+**Example**  
+Private RSA key with defined size
+```js
+const privateKey = await acme.forge.createPrivateKey(4096);
+```

packages/core/acme-client/package.json

@@ -3,7 +3,9 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.26.14",
+    "version": "1.28.2",
+    "type": "module",
+    "module": "scr/index.js",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -16,12 +18,14 @@
         "types"
     ],
     "dependencies": {
+        "@certd/basic": "^1.28.2",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
         "debug": "^4.3.5",
         "http-proxy-agent": "^7.0.2",
         "https-proxy-agent": "^7.0.5",
+        "lodash-es": "^4.17.21",
         "node-forge": "^1.3.1"
     },
     "devDependencies": {
@@ -29,14 +33,15 @@
         "chai": "^4.4.1",
         "chai-as-promised": "^7.1.2",
         "eslint": "^8.57.0",
-        "eslint-config-airbnb-base": "^15.0.0",
+        "eslint-config-prettier": "^8.5.0",
         "eslint-plugin-import": "^2.29.1",
+        "eslint-plugin-prettier": "^4.2.1",
         "jsdoc-to-markdown": "^8.0.1",
         "mocha": "^10.6.0",
         "nock": "^13.5.4",
+        "prettier": "^2.8.8",
         "tsd": "^0.31.1",
-        "typescript": "^5.4.2",
-        "uuid": "^8.3.2"
+        "typescript": "^5.4.2"
     },
     "scripts": {
         "build-docs": "jsdoc2md src/client.js > docs/client.md && jsdoc2md src/crypto/index.js > docs/crypto.md && jsdoc2md src/crypto/forge.js > docs/forge.md",
@@ -60,5 +65,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "586725a15c561436cda37de830b278907a6fc3f5"
+    "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
 }

packages/core/acme-client/src/agents.js

@@ -1,94 +0,0 @@
-const nodeHttp = require('node:http');
-const https = require('node:https');
-const { HttpProxyAgent } = require('http-proxy-agent');
-const { HttpsProxyAgent } = require('https-proxy-agent');
-const { log } = require('./logger');
-
-function createAgent(opts = {}) {
-    let httpAgent;
-    let
-        httpsAgent;
-    const httpProxy = opts.httpProxy || process.env.HTTP_PROXY || process.env.http_proxy;
-    if (httpProxy) {
-        log(`acme use httpProxy:${httpProxy}`);
-        httpAgent = new HttpProxyAgent(httpProxy, opts);
-    }
-    else {
-        httpAgent = new nodeHttp.Agent(opts);
-    }
-    const httpsProxy = opts.httpsProxy || process.env.HTTPS_PROXY || process.env.https_proxy;
-    if (httpsProxy) {
-        log(`acme use httpsProxy:${httpsProxy}`);
-        httpsAgent = new HttpsProxyAgent(httpsProxy, opts);
-    }
-    else {
-        httpsAgent = new https.Agent(opts);
-    }
-    return {
-        httpAgent,
-        httpsAgent,
-    };
-}
-
-let defaultAgents = createAgent();
-
-function getGlobalAgents() {
-    return defaultAgents;
-}
-
-function setGlobalProxy(opts) {
-    log('acme setGlobalProxy:', opts);
-    defaultAgents = createAgent(opts);
-}
-
-class HttpError extends Error {
-    constructor(error) {
-        super(error || error.message);
-        if (!error) {
-            return;
-        }
-
-        if (error.message.indexOf('ssl3_get_record:wrong version number') >= 0) {
-            this.message = 'http协议错误，服务端要求http协议，请检查是否使用了https请求';
-        }
-
-        this.name = error.name;
-        this.code = error.code;
-        this.cause = error.cause;
-
-        if (error.response) {
-            this.status = error.response.status;
-            this.statusText = error.response.statusText;
-            this.response = {
-                data: error.response.data,
-            };
-        }
-
-        let url = '';
-        if (error.config) {
-            this.request = {
-                baseURL: error.config.baseURL,
-                url: error.config.url,
-                method: error.config.method,
-                params: error.config.params,
-                data: error.config.data,
-            };
-            url = error.config.baseURL + error.config.url;
-        }
-        if (url) {
-            this.message = `${this.message}:${url}`;
-        }
-
-        delete error.response;
-        delete error.config;
-        delete error.request;
-        // logger.error(error);
-    }
-}
-
-module.exports = {
-    setGlobalProxy,
-    createAgent,
-    getGlobalAgents,
-    HttpError,
-};

packages/core/acme-client/src/api.js

@@ -1,9 +1,7 @@
 /**
  * ACME API client
  */
-
-const util = require('./util');
-const { log } = require('./logger');
+import  * as util  from './util.js';
 
 /**
  * AcmeApi
@@ -248,4 +246,4 @@ class AcmeApi {
 }
 
 /* Export API */
-module.exports = AcmeApi;
+export default AcmeApi;

packages/core/acme-client/src/auto.js

@@ -1,10 +1,11 @@
 /**
  * ACME auto helper
  */
+import { readCsrDomains } from './crypto/index.js';
+import { log } from './logger.js';
+import { wait } from './wait.js';
+import { CancelError } from './error.js';
 
-const { readCsrDomains } = require('./crypto');
-const { log } = require('./logger');
-const { wait } = require('./wait');
 
 const defaultOpts = {
     csr: null,
@@ -29,7 +30,7 @@ const defaultOpts = {
  * @returns {Promise<buffer>} Certificate
  */
 
-module.exports = async (client, userOpts) => {
+export default  async (client, userOpts) => {
     const opts = { ...defaultOpts, ...userOpts };
     const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
 
@@ -250,7 +251,7 @@ module.exports = async (client, userOpts) => {
             i += 1;
             log(`开始第${i}组`);
             if (opts.signal && opts.signal.aborted) {
-                throw new Error('用户取消');
+                throw new CancelError('用户取消');
             }
 
             try {

packages/core/acme-client/src/axios.js

@@ -1,14 +1,11 @@
 /**
  * Axios instance
  */
-const axios = require('axios');
-const { parseRetryAfterHeader } = require('./util');
-const { log } = require('./logger');
-const pkg = require('./../package.json');
-const Agents = require('./agents');
-
+import axios from 'axios';
+import { parseRetryAfterHeader } from './util.js';
+import { log } from './logger.js';
 const { AxiosError } = axios;
-
+import {getGlobalAgents, HttpError} from '@certd/basic'
 /**
  * Defaults
  */
@@ -16,7 +13,7 @@ const { AxiosError } = axios;
 const instance = axios.create();
 
 /* Default User-Agent */
-instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version}`;
+instance.defaults.headers.common['User-Agent'] = `@certd/acme-client`;
 
 /* Default ACME settings */
 instance.defaults.acmeSettings = {
@@ -75,7 +72,7 @@ function validateStatus(response) {
         response,
     );
 
-    throw new Agents.HttpError(err);
+    throw new HttpError(err);
 }
 
 /* Pass all responses through the error interceptor */
@@ -85,7 +82,7 @@ instance.interceptors.request.use((config) => {
     }
     config.validateStatus = () => false;
 
-    const agents = Agents.getGlobalAgents();
+    const agents = getGlobalAgents();
     // if (config.skipSslVerify) {
     //     logger.info('跳过SSL验证');
     //     agents = createAgent({ rejectUnauthorized: false } as any);
@@ -102,7 +99,7 @@ instance.interceptors.response.use(null, async (error) => {
     const { config, response } = error;
 
     if (!config) {
-        return Promise.reject(new Agents.HttpError(error));
+        return Promise.reject(new HttpError(error));
     }
 
     /* Pick up errors we want to retry */
@@ -114,17 +111,19 @@ instance.interceptors.response.use(null, async (error) => {
             const code = response ? `HTTP ${response.status}` : error.code;
             log(`Caught ${code}, retry attempt ${config.retryAttempt}/${retryMaxAttempts} to URL ${config.url}`);
 
+            const retryAfter = (retryDefaultDelay * config.retryAttempt);
             /* Attempt to parse Retry-After header, fallback to default delay */
-            let retryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
+            const headerRetryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
 
-            if (retryAfter > 0) {
-                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${retryAfter} seconds`);
-            }
-            else {
-                retryAfter = (retryDefaultDelay * config.retryAttempt);
-                log(`Unable to locate or parse retry-after response header, waiting ${retryAfter} seconds`);
+            if (headerRetryAfter > 0) {
+                const waitMinutes = (headerRetryAfter / 60).toFixed(1);
+                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${waitMinutes} minutes`);
+                log(JSON.stringify(response.data));
+                return Promise.reject(new HttpError(error));
             }
 
+            log(`waiting ${retryAfter} seconds`);
+
             /* Wait and retry the request */
             await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
             return instance(config);
@@ -132,7 +131,7 @@ instance.interceptors.response.use(null, async (error) => {
     }
 
     if (!response) {
-        return Promise.reject(new Agents.HttpError(error));
+        return Promise.reject(new HttpError(error));
     }
     /* Validate and return response */
     return validateStatus(response);
@@ -142,4 +141,4 @@ instance.interceptors.response.use(null, async (error) => {
  * Export instance
  */
 
-module.exports = instance;
+export default instance;

packages/core/acme-client/src/client.js

@@ -3,15 +3,17 @@
  *
  * @namespace Client
  */
+import { createHash } from 'crypto';
+import  { getPemBodyAsB64u } from './crypto/index.js';
+import { log } from './logger.js';
+import HttpClient from './http.js';
+import AcmeApi from './api.js';
+import verify from './verify.js';
+import * as util from './util.js';
+import auto from './auto.js';
+import { CancelError } from './error.js';
+
 
-const { createHash } = require('crypto');
-const { getPemBodyAsB64u } = require('./crypto');
-const { log } = require('./logger');
-const HttpClient = require('./http');
-const AcmeApi = require('./api');
-const verify = require('./verify');
-const util = require('./util');
-const auto = require('./auto');
 
 /**
  * ACME states
@@ -490,9 +492,10 @@ class AcmeClient {
 
         const keyAuthorization = await this.getChallengeKeyAuthorization(challenge);
 
-        const verifyFn = async () => {
+        const verifyFn = async (abort) => {
             if (this.opts.signal && this.opts.signal.aborted) {
-                throw new Error('用户取消');
+                abort();
+                throw new CancelError('用户取消');
             }
             await verify[challenge.type](authz, challenge, keyAuthorization);
         };
@@ -518,7 +521,7 @@ class AcmeClient {
 
     async completeChallenge(challenge) {
         if (this.opts.signal && this.opts.signal.aborted) {
-            throw new Error('用户取消');
+            throw new CancelError('用户取消');
         }
         const resp = await this.api.completeChallenge(challenge.url, {});
         return resp.data;
@@ -559,7 +562,7 @@ class AcmeClient {
         const verifyFn = async (abort) => {
             if (this.opts.signal && this.opts.signal.aborted) {
                 abort();
-                throw new Error('用户取消');
+                throw new CancelError('用户取消');
             }
 
             const resp = await this.api.apiRequest(item.url, null, [200]);
@@ -717,4 +720,4 @@ class AcmeClient {
 }
 
 /* Export client */
-module.exports = AcmeClient;
+export default  AcmeClient;

packages/core/acme-client/src/crypto/forge.js

@@ -6,11 +6,10 @@
  *
  * @namespace forge
  */
-
-const net = require('net');
-const { promisify } = require('util');
-const forge = require('node-forge');
-const { createPrivateEcdsaKey, getPublicKey } = require('./index');
+import net from 'net';
+import { promisify } from 'util';
+import forge from 'node-forge';
+import { createPrivateEcdsaKey } from './index.js';
 
 const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);
 
@@ -113,13 +112,12 @@ function parseDomains(obj) {
  * ```
  */
 
-async function createPrivateKey(size = 2048) {
+export async function createPrivateKey(size = 2048) {
     const keyPair = await generateKeyPair({ bits: size });
     const pemKey = forge.pki.privateKeyToPem(keyPair.privateKey);
     return Buffer.from(pemKey);
 }
 
-exports.createPrivateKey = createPrivateKey;
 
 /**
  * Create public key from a private RSA key
@@ -133,7 +131,7 @@ exports.createPrivateKey = createPrivateKey;
  * ```
  */
 
-exports.createPublicKey = async (key) => {
+export const createPublicKey = async (key) => {
     const privateKey = forge.pki.privateKeyFromPem(key);
     const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
     const pemKey = forge.pki.publicKeyToPem(publicKey);
@@ -148,7 +146,7 @@ exports.createPublicKey = async (key) => {
  * @returns {string} PEM body
  */
 
-exports.getPemBody = (str) => {
+export const getPemBody = (str) => {
     const msg = forge.pem.decode(str)[0];
     return forge.util.encode64(msg.body);
 };
@@ -160,7 +158,7 @@ exports.getPemBody = (str) => {
  * @returns {string[]} Array of PEM bodies
  */
 
-exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
+export const splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
 
 /**
  * Get modulus
@@ -176,7 +174,7 @@ exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
  * ```
  */
 
-exports.getModulus = async (input) => {
+export const getModulus = async (input) => {
     if (!Buffer.isBuffer(input)) {
         input = Buffer.from(input);
     }
@@ -199,7 +197,7 @@ exports.getModulus = async (input) => {
  * ```
  */
 
-exports.getPublicExponent = async (input) => {
+export const getPublicExponent = async (input) => {
     if (!Buffer.isBuffer(input)) {
         input = Buffer.from(input);
     }
@@ -223,7 +221,7 @@ exports.getPublicExponent = async (input) => {
  * ```
  */
 
-exports.readCsrDomains = async (csr) => {
+export const readCsrDomains = async (csr) => {
     if (!Buffer.isBuffer(csr)) {
         csr = Buffer.from(csr);
     }
@@ -251,7 +249,7 @@ exports.readCsrDomains = async (csr) => {
  * ```
  */
 
-exports.readCertificateInfo = async (cert) => {
+export const readCertificateInfo = async (cert) => {
     if (!Buffer.isBuffer(cert)) {
         cert = Buffer.from(cert);
     }
@@ -379,7 +377,7 @@ function formatCsrAltNames(altNames) {
  * }, certificateKey);
  */
 
-exports.createCsr = async (data, keyType = null) => {
+export const createCsr = async (data, keyType = null) => {
     let key = null;
     if (keyType === 'ec') {
         key = await createPrivateEcdsaKey();

packages/core/acme-client/src/crypto/index.js

@@ -3,12 +3,12 @@
  *
  * @namespace crypto
  */
+import  net from 'net';
+import { promisify } from 'util';
+import crypto from 'crypto';
+import asn1js from 'asn1js';
+import x509 from '@peculiar/x509';
 
-const net = require('net');
-const { promisify } = require('util');
-const crypto = require('crypto');
-const asn1js = require('asn1js');
-const x509 = require('@peculiar/x509');
 
 const randomInt = promisify(crypto.randomInt);
 const generateKeyPair = promisify(crypto.generateKeyPair);
@@ -67,7 +67,7 @@ function getKeyInfo(keyPem) {
  * ```
  */
 
-async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
+export async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
     const pair = await generateKeyPair('rsa', {
         modulusLength,
         privateKeyEncoding: {
@@ -79,7 +79,6 @@ async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8')
     return Buffer.from(pair.privateKey);
 }
 
-exports.createPrivateRsaKey = createPrivateRsaKey;
 
 /**
  * Alias of `createPrivateRsaKey()`
@@ -87,7 +86,7 @@ exports.createPrivateRsaKey = createPrivateRsaKey;
  * @function
  */
 
-exports.createPrivateKey = createPrivateRsaKey;
+export const createPrivateKey = createPrivateRsaKey;
 
 /**
  * Generate a private ECDSA key
@@ -106,7 +105,7 @@ exports.createPrivateKey = createPrivateRsaKey;
  * ```
  */
 
-exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
+export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
     const pair = await generateKeyPair('ec', {
         namedCurve,
         privateKeyEncoding: {
@@ -130,7 +129,7 @@ exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkc
  * ```
  */
 
-exports.getPublicKey = (keyPem) => {
+export const getPublicKey = (keyPem) => {
     const info = getKeyInfo(keyPem);
 
     const publicKey = info.publicKey.export({
@@ -155,7 +154,7 @@ exports.getPublicKey = (keyPem) => {
  * ```
  */
 
-function getJwk(keyPem) {
+export function getJwk(keyPem) {
     const jwk = crypto.createPublicKey(keyPem).export({
         format: 'jwk',
     });
@@ -167,7 +166,6 @@ function getJwk(keyPem) {
     }, {});
 }
 
-exports.getJwk = getJwk;
 
 /**
  * Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
@@ -215,7 +213,7 @@ async function getWebCryptoKeyPair(keyPem) {
  * @returns {string[]} Array of PEM objects including headers
  */
 
-function splitPemChain(chainPem) {
+export function splitPemChain(chainPem) {
     if (Buffer.isBuffer(chainPem)) {
         chainPem = chainPem.toString();
     }
@@ -225,7 +223,6 @@ function splitPemChain(chainPem) {
         .map((params) => x509.PemConverter.encode([params]));
 }
 
-exports.splitPemChain = splitPemChain;
 
 /**
  * Parse body of PEM encoded object and return a Base64URL string
@@ -235,7 +232,7 @@ exports.splitPemChain = splitPemChain;
  * @returns {string} Base64URL-encoded body
  */
 
-exports.getPemBodyAsB64u = (pem) => {
+export const getPemBodyAsB64u = (pem) => {
     const chain = splitPemChain(pem);
 
     if (!chain.length) {
@@ -286,7 +283,7 @@ function parseDomains(input) {
  * ```
  */
 
-exports.readCsrDomains = (csrPem) => {
+export const readCsrDomains = (csrPem) => {
     if (Buffer.isBuffer(csrPem)) {
         csrPem = csrPem.toString();
     }
@@ -315,7 +312,7 @@ exports.readCsrDomains = (csrPem) => {
  * ```
  */
 
-exports.readCertificateInfo = (certPem) => {
+export const readCertificateInfo = (certPem) => {
     if (Buffer.isBuffer(certPem)) {
         certPem = certPem.toString();
     }
@@ -449,7 +446,7 @@ function createSubjectAltNameExtension(altNames) {
  * ```
  */
 
-exports.createCsr = async (data, keyPem = null) => {
+export const createCsr = async (data, keyPem = null) => {
     if (!keyPem) {
         keyPem = await createPrivateRsaKey(data.keySize);
     }
@@ -520,7 +517,7 @@ exports.createCsr = async (data, keyPem = null) => {
  * ```
  */
 
-exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
+export const createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
     if (!keyPem) {
         keyPem = await createPrivateRsaKey();
     }
@@ -583,7 +580,7 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
  * @returns {boolean} True when valid
  */
 
-exports.isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
+export const isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
     const expected = crypto.createHash('sha256').update(keyAuthorization).digest('hex');
 
     /* Attempt to locate ALPN extension */

packages/core/acme-client/src/error.js

@@ -0,0 +1,7 @@
+export class CancelError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'CancelError';
+    }
+}
+

packages/core/acme-client/src/http.js

@@ -1,11 +1,11 @@
 /**
  * ACME HTTP client
  */
-
-const { createHmac, createSign, constants: { RSA_PKCS1_PADDING } } = require('crypto');
-const { getJwk } = require('./crypto');
-const { log } = require('./logger');
-const axios = require('./axios');
+import { createHmac, createSign, constants } from 'crypto';
+const { RSA_PKCS1_PADDING } = constants;
+import axios from './axios.js';
+import { log } from './logger.js';
+import { getJwk } from './crypto/index.js';
 
 /**
  * ACME HTTP client
@@ -324,4 +324,4 @@ class HttpClient {
 }
 
 /* Export client */
-module.exports = HttpClient;
+export default HttpClient;

packages/core/acme-client/src/index.js

@@ -1,14 +1,14 @@
 /**
  * acme-client
  */
-
-exports.Client = require('./client');
+import AcmeClinet  from './client.js'
+export const Client = AcmeClinet
 
 /**
  * Directory URLs
  */
 
-exports.directory = {
+export const directory = {
     buypass: {
         staging: 'https://api.test4.buypass.no/acme/directory',
         production: 'https://api.buypass.com/acme/directory',
@@ -31,20 +31,18 @@ exports.directory = {
  * Crypto
  */
 
-exports.crypto = require('./crypto');
-exports.forge = require('./crypto/forge');
+export * as crypto from './crypto/index.js'
+export * as forge from './crypto/forge.js'
 
 /**
  * Axios
  */
 
-exports.axios = require('./axios');
-exports.agents = require('./agents');
-
+export *  from './axios.js'
 /**
  * Logger
  */
 
-exports.setLogger = require('./logger').setLogger;
-
-exports.walkTxtRecord = require('./verify').walkTxtRecord;
+export * from './logger.js'
+export * from './verify.js'
+export * from './error.js'

packages/core/acme-client/src/logger.js

@@ -2,7 +2,8 @@
  * ACME logger
  */
 
-const debug = require('debug')('acme-client');
+import debugg from 'debug'
+const debug = debugg('acme-client');
 
 let logger = () => {};
 
@@ -12,7 +13,7 @@ let logger = () => {};
  * @param {function} fn Logger function
  */
 
-exports.setLogger = (fn) => {
+export const setLogger = (fn) => {
     logger = fn;
 };
 
@@ -22,7 +23,7 @@ exports.setLogger = (fn) => {
  * @param {string} msg Message
  */
 
-exports.log = (...msg) => {
+export const  log = (...msg) => {
     debug(...msg);
     logger(...msg);
 };

packages/core/acme-client/src/util.js

@@ -2,11 +2,12 @@
  * Utility methods
  */
 
-const tls = require('tls');
-const dns = require('dns').promises;
-const { readCertificateInfo, splitPemChain } = require('./crypto');
-const { log } = require('./logger');
+import tls from 'tls';
+import dnsSdk from 'dns';
+import { readCertificateInfo, splitPemChain }from './crypto/index.js'
+import { log } from './logger.js'
 
+const dns = dnsSdk.promises;
 /**
  * Exponential backoff
  *
@@ -329,7 +330,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
  * Export utils
  */
 
-module.exports = {
+export {
     retry,
     parseLinkHeader,
     parseRetryAfterHeader,
@@ -338,3 +339,4 @@ module.exports = {
     getAuthoritativeDnsResolver,
     retrieveTlsAlpnCertificate,
 };
+

packages/core/acme-client/src/verify.js

@@ -2,13 +2,15 @@
  * ACME challenge verification
  */
 
-const dns = require('dns').promises;
-const https = require('https');
-const { log } = require('./logger');
-const axios = require('./axios');
-const util = require('./util');
-const { isAlpnCertificateAuthorizationValid } = require('./crypto');
+import dnsSdk from "dns"
+import https from 'https'
+import {log} from './logger.js'
+import axios from './axios.js'
+import * as util from './util.js'
+import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
 
+
+const dns = dnsSdk.promises
 /**
  * Verify ACME HTTP challenge
  *
@@ -79,7 +81,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
     }
 }
 
-async function walkTxtRecord(recordName) {
+export async function walkTxtRecord(recordName) {
     try {
         /* Default DNS resolver first */
         log('Attempting to resolve TXT with default DNS resolver first');
@@ -153,9 +155,8 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
  * Export API
  */
 
-module.exports = {
+export default {
     'http-01': verifyHttpChallenge,
     'dns-01': verifyDnsChallenge,
     'tls-alpn-01': verifyTlsAlpnChallenge,
-    walkTxtRecord,
 };

packages/core/acme-client/src/wait.js

@@ -1,9 +1,5 @@
-async function wait(ms) {
+export async function wait(ms) {
     return new Promise((resolve) => {
         setTimeout(resolve, ms);
     });
 }
-
-module.exports = {
-    wait
-};

packages/core/acme-client/tsconfig.json

@@ -1,13 +0,0 @@
-{
-    "compileOnSave": false,
-    "compilerOptions": {
-        "module": "commonjs",
-        "lib": ["es6"],
-        "strict": true,
-        "noEmit": false,
-        "esModuleInterop": true,
-        "baseUrl": ".",
-        "composite": true,
-        "paths": { "acme-client": ["."] }
-    }
-}

packages/core/acme-client/types/index.d.ts

@@ -198,6 +198,8 @@ export const agents: any;
  * Logger
  */
 
-export function setLogger(fn: (msg: string) => void): void;
+export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
 export function walkTxtRecord(record: any): Promise<string[]>;
+
+export const CancelError: Error;

packages/core/acme-client/types/index.test-d.js

@@ -0,0 +1,137 @@
+"use strict";
+/**
+ * acme-client type definition tests
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var acme = require("acme-client");
+(function () { return __awaiter(void 0, void 0, void 0, function () {
+    var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
+    return __generator(this, function (_b) {
+        switch (_b.label) {
+            case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
+            case 1:
+                accountKey = _b.sent();
+                client = new acme.Client({
+                    accountKey: accountKey,
+                    directoryUrl: acme.directory.letsencrypt.staging
+                });
+                /* Account */
+                return [4 /*yield*/, client.createAccount({
+                        termsOfServiceAgreed: true,
+                        contact: ['mailto:test@example.com']
+                    })];
+            case 2:
+                /* Account */
+                _b.sent();
+                return [4 /*yield*/, client.createOrder({
+                        identifiers: [
+                            { type: 'dns', value: 'example.com' },
+                            { type: 'dns', value: '*.example.com' },
+                        ]
+                    })];
+            case 3:
+                order = _b.sent();
+                return [4 /*yield*/, client.getOrder(order)];
+            case 4:
+                _b.sent();
+                return [4 /*yield*/, client.getAuthorizations(order)];
+            case 5:
+                authorizations = _b.sent();
+                authorization = authorizations[0];
+                challenge = authorization.challenges[0];
+                return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
+            case 6:
+                _b.sent();
+                return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
+            case 7:
+                _b.sent();
+                return [4 /*yield*/, client.completeChallenge(challenge)];
+            case 8:
+                _b.sent();
+                return [4 /*yield*/, client.waitForValidStatus(challenge)];
+            case 9:
+                _b.sent();
+                return [4 /*yield*/, acme.crypto.createCsr({
+                        commonName: 'example.com',
+                        altNames: ['example.com', '*.example.com']
+                    })];
+            case 10:
+                _a = _b.sent(), certKey = _a[0], certCsr = _a[1];
+                return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
+            case 11:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order)];
+            case 12:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
+            case 13:
+                _b.sent();
+                /* Auto */
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 14:
+                /* Auto */
+                _b.sent();
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        email: 'test@example.com',
+                        termsOfServiceAgreed: false,
+                        skipChallengeVerification: false,
+                        challengePriority: ['http-01', 'dns-01'],
+                        preferredChain: 'DST Root CA X3',
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 15:
+                _b.sent();
+                return [2 /*return*/];
+        }
+    });
+}); })();

packages/core/basic/.npmrc

@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,83 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Performance Improvements
+
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Performance Improvements
+
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Performance Improvements
+
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Performance Improvements
+
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Performance Improvements
+
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
 
 ### Bug Fixes

packages/core/basic/build.md

@@ -1 +1 @@
-02:53
+22:42

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.26.14",
+  "version": "1.28.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,52 +17,31 @@
   "dependencies": {
     "axios": "^1.7.2",
     "dayjs": "^1.11.7",
-    "fix-path": "^4.0.0",
     "http-proxy-agent": "^7.0.2",
     "https-proxy-agent": "^7.0.5",
+    "iconv-lite": "^0.6.3",
     "lodash-es": "^4.17.21",
+    "log4js": "^6.9.1",
     "lru-cache": "^10.0.0",
     "nanoid": "^5.0.7",
     "node-forge": "^1.3.1",
-    "nodemailer": "^6.9.3",
-    "proxy-agent": "^6.4.0",
-    "qs": "^6.11.2"
+    "nodemailer": "^6.9.3"
   },
   "devDependencies": {
-    "@rollup/plugin-commonjs": "^23.0.4",
-    "@rollup/plugin-json": "^6.0.0",
-    "@rollup/plugin-node-resolve": "^15.0.1",
-    "@rollup/plugin-terser": "^0.4.3",
-    "@rollup/plugin-typescript": "^11.0.0",
     "@types/chai": "^4.3.10",
     "@types/lodash-es": "^4.17.12",
     "@types/mocha": "^10.0.1",
     "@types/node-forge": "^1.3.2",
-    "@types/uuid": "^9.0.2",
     "@typescript-eslint/eslint-plugin": "^5.59.7",
     "@typescript-eslint/parser": "^5.59.7",
     "chai": "4.3.10",
-    "dayjs": "^1.11.7",
     "eslint": "^8.41.0",
     "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-node": "^11.1.0",
     "eslint-plugin-prettier": "^4.2.1",
-    "iconv-lite": "^0.6.3",
-    "log4js": "^6.9.1",
-    "mocha": "^10.2.0",
     "prettier": "^2.8.8",
-    "reflect-metadata": "^0.1.13",
     "rimraf": "^5.0.5",
-    "rollup": "^3.7.4",
-    "rollup-plugin-typescript2": "^0.34.1",
-    "rollup-plugin-visualizer": "^5.8.2",
-    "ts-node": "^10.9.1",
-    "tsc-esm-fix": "^3.0.0",
-    "tslib": "^2.5.2",
-    "typescript": "^5.4.2",
-    "vite": "^4.3.8",
-    "vue-tsc": "^1.6.5"
+    "tslib": "^2.8.1",
+    "typescript": "^5.4.2"
   },
-  "gitHead": "586725a15c561436cda37de830b278907a6fc3f5"
+  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
 }

packages/core/basic/src/index.ts

@@ -1 +1,2 @@
 export * from './utils/index.js';
+export * from './utils/util.id.js';

packages/core/basic/src/utils/index.ts

@@ -1,4 +1,5 @@
 export * from './util.request.js';
+export * from './util.env.js';
 export * from './util.log.js';
 export * from './util.file.js';
 export * from './util.sp.js';
@@ -6,9 +7,11 @@ export * from './util.promise.js';
 export * from './util.hash.js';
 export * from './util.merge.js';
 export * from './util.cache.js';
+export * from './util.string.js';
+import { stringUtils } from './util.string.js';
 import sleep from './util.sleep.js';
-import { http } from './util.request.js';
-import { nanoid } from 'nanoid';
+import { http, download } from './util.request.js';
+
 import { mergeUtils } from './util.merge.js';
 import { sp } from './util.sp.js';
 import { hashUtils } from './util.hash.js';
@@ -19,10 +22,12 @@ import { cache } from './util.cache.js';
 import dayjs from 'dayjs';
 import { domainUtils } from './util.domain.js';
 import { optionsUtils } from './util.options.js';
-
+import { nanoid } from 'nanoid';
+import * as id from './util.id.js';
 export const utils = {
   sleep,
   http,
+  download,
   sp,
   hash: hashUtils,
   promises,
@@ -31,7 +36,9 @@ export const utils = {
   mergeUtils,
   cache,
   nanoid,
+  id,
   dayjs,
   domain: domainUtils,
   options: optionsUtils,
+  string: stringUtils,
 };

packages/core/basic/src/utils/util.cache.ts

@@ -1,6 +1,6 @@
 // LRUCache
 
-import { LRUCache } from "lru-cache";
+import { LRUCache } from 'lru-cache';
 
 export const cache = new LRUCache<string, any>({
   max: 1000,

packages/core/basic/src/utils/util.env.ts

@@ -0,0 +1,4 @@
+export function isDev() {
+  const nodeEnv = process.env.NODE_ENV || '';
+  return nodeEnv === 'development' || nodeEnv.indexOf('local') >= 0;
+}

packages/core/basic/src/utils/util.hash.ts

@@ -1,7 +1,7 @@
-import crypto from "crypto";
+import crypto from 'crypto';
 
 function md5(data: string) {
-  return crypto.createHash("md5").update(data).digest("hex");
+  return crypto.createHash('md5').update(data).digest('hex');
 }
 
 export const hashUtils = {

packages/core/basic/src/utils/util.id.ts

@@ -0,0 +1,4 @@
+import { customAlphabet } from 'nanoid';
+
+export const randomNumber = customAlphabet('1234567890', 4);
+export const simpleNanoId = customAlphabet('1234567890abcdefghijklmopqrstuvwxyz', 12);

packages/core/basic/src/utils/util.log.ts

@@ -1,4 +1,4 @@
-import log4js, { LoggingEvent, Logger } from "log4js";
+import log4js, { LoggingEvent, Logger } from 'log4js';
 
 const OutputAppender = {
   configure: (config: any, layouts: any, findAppender: any, levels: any) => {
@@ -18,18 +18,22 @@ const OutputAppender = {
   },
 };
 
-// @ts-ignore
-log4js.configure({
-  appenders: { std: { type: "stdout" }, output: { type: OutputAppender } },
-  categories: { default: { appenders: ["std"], level: "info" }, pipeline: { appenders: ["std", "output"], level: "info" } },
-});
-export const logger = log4js.getLogger("default");
+export function resetLogConfigure() {
+  // @ts-ignore
+  log4js.configure({
+    appenders: { std: { type: 'stdout' }, output: { type: OutputAppender } },
+    categories: { default: { appenders: ['std'], level: 'info' }, pipeline: { appenders: ['std', 'output'], level: 'info' } },
+  });
+}
+resetLogConfigure();
+export const logger = log4js.getLogger('default');
 
 export function buildLogger(write: (text: string) => void) {
-  const logger = log4js.getLogger("pipeline");
-  logger.addContext("outputHandler", {
+  const logger = log4js.getLogger('pipeline');
+  logger.addContext('outputHandler', {
     write,
   });
   return logger;
 }
+
 export type ILogger = Logger;

packages/core/basic/src/utils/util.merge.ts

@@ -1,4 +1,4 @@
-import _ from "lodash-es";
+import * as _ from 'lodash-es';
 function isUnMergeable(srcValue: any) {
   return srcValue != null && srcValue instanceof UnMergeable;
 }

packages/core/basic/src/utils/util.options.ts

@@ -19,7 +19,7 @@ function groupByDomain(options: any[], inDomains: string[]) {
 function buildGroupOptions(options: any[], inDomains: string[]) {
   const grouped = groupByDomain(options, inDomains);
   const groupOptions = [];
-  groupOptions.push({ value: '', disabled: true, label: '----已匹配----' });
+  groupOptions.push({ value: 'matched', disabled: true, label: '----已匹配----' });
   if (grouped.matched.length === 0) {
     options.push({ value: '', disabled: true, label: '没有可以匹配的域名' });
   } else {
@@ -28,7 +28,7 @@ function buildGroupOptions(options: any[], inDomains: string[]) {
     }
   }
   if (grouped.notMatched.length > 0) {
-    groupOptions.push({ value: '', disabled: true, label: '----未匹配----' });
+    groupOptions.push({ value: 'unmatched', disabled: true, label: '----未匹配----' });
     for (const notMatched of grouped.notMatched) {
       groupOptions.push(notMatched);
     }

packages/core/basic/src/utils/util.request.ts

@@ -1,11 +1,13 @@
 import axios, { AxiosRequestConfig } from 'axios';
-import { logger } from './util.log.js';
+import { ILogger, logger } from './util.log.js';
 import { Logger } from 'log4js';
 import { HttpProxyAgent } from 'http-proxy-agent';
 import { HttpsProxyAgent } from 'https-proxy-agent';
 import nodeHttp from 'http';
 import * as https from 'node:https';
 import { merge } from 'lodash-es';
+import { safePromise } from './util.promise.js';
+import fs from 'fs';
 export class HttpError extends Error {
   status?: number;
   statusText?: string;
@@ -17,18 +19,25 @@ export class HttpError extends Error {
     if (!error) {
       return;
     }
-    super(error.message);
+    super(error.message || error.response?.statusText);
 
-    if (error?.message?.indexOf('ssl3_get_record:wrong version number') >= 0) {
-      this.message = 'http协议错误，服务端要求http协议，请检查是否使用了https请求';
+    const message = error?.message;
+    if (message && typeof message === 'string') {
+      if (message.indexOf && message.indexOf('ssl3_get_record:wrong version number') >= 0) {
+        this.message = `${message}(http协议错误，服务端要求http协议，请检查是否使用了https请求)`;
+      } else if (message.indexOf('getaddrinfo EAI_AGAIN') >= 0) {
+        this.message = `${message}(无法解析域名，请检查网络连接或dns配置，更换docker-compose.yaml中dns配置)`;
+      }
     }
 
     this.name = error.name;
     this.code = error.code;
-    this.cause = error.cause;
 
     this.status = error.response?.status;
-    this.statusText = error.response?.statusText;
+    this.statusText = error.response?.statusText || error.code;
+    if (!this.message) {
+      this.message = error.code;
+    }
     this.request = {
       baseURL: error.config?.baseURL,
       url: error.config?.url,
@@ -38,16 +47,19 @@ export class HttpError extends Error {
     };
     let url = error.config?.url;
     if (error.config?.baseURL) {
-      url = error.config?.baseURL + url;
+      url = (error.config?.baseURL || '') + url;
     }
     if (url) {
-      this.message = `${this.message}  : url=${url}`;
+      this.message = `${this.message} 【${url}】`;
     }
 
     this.response = {
       data: error.response?.data,
     };
 
+    const { stack, cause } = error;
+    this.cause = cause;
+    this.stack = stack;
     delete error.response;
     delete error.config;
     delete error.request;
@@ -86,10 +98,22 @@ export function createAxiosService({ logger }: { logger: Logger }) {
         config.timeout = 15000;
       }
       let agents = defaultAgents;
-      if (config.skipSslVerify) {
-        logger.info('跳过SSL验证');
-        agents = createAgent({ rejectUnauthorized: false } as any);
+      if (config.skipSslVerify || config.httpProxy) {
+        let rejectUnauthorized = true;
+        if (config.skipSslVerify) {
+          logger.info('跳过SSL验证');
+          rejectUnauthorized = false;
+        }
+        const proxy: any = {};
+        if (config.httpProxy) {
+          logger.info('使用自定义http代理:', config.httpProxy);
+          proxy.httpProxy = config.httpProxy;
+          proxy.httpsProxy = config.httpProxy;
+        }
+
+        agents = createAgent({ rejectUnauthorized, ...proxy } as any);
       }
+
       delete config.skipSslVerify;
       config.httpsAgent = agents.httpsAgent;
       config.httpAgent = agents.httpAgent;
@@ -111,10 +135,18 @@ export function createAxiosService({ logger }: { logger: Logger }) {
   service.interceptors.response.use(
     (response: any) => {
       if (response?.config?.logRes !== false) {
-        logger.info(`http response : status=${response?.status},data=${JSON.stringify(response?.data)}`);
+        let resData = response?.data;
+        try {
+          resData = JSON.stringify(response?.data);
+        } catch (e) {}
+
+        logger.info(`http response : status=${response?.status},data=${resData}`);
       } else {
         logger.info('http response status:', response?.status);
       }
+      if (response?.config?.returnResponse) {
+        return response;
+      }
       return response.data;
     },
     (error: any) => {
@@ -161,7 +193,10 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       );
       logger.error('返回数据:', JSON.stringify(error.response?.data));
       if (error.response?.data) {
-        error.message = error.response.data.message || error.response.data.msg || error.response.data.error || error.response.data;
+        const message = error.response.data.message || error.response.data.msg || error.response.data.error;
+        if (typeof message === 'string') {
+          error.message = message;
+        }
       }
       if (error instanceof AggregateError) {
         logger.error('AggregateError', error);
@@ -180,31 +215,51 @@ export type HttpRequestConfig<D = any> = {
   skipCheckRes?: boolean;
   logParams?: boolean;
   logRes?: boolean;
+  httpProxy?: string;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
   request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
 };
 
+// const http_proxy_backup = process.env.HTTP_PROXY || process.env.http_proxy;
+// const https_proxy_backup = process.env.HTTPS_PROXY || process.env.https_proxy;
+
 export type CreateAgentOptions = {
   httpProxy?: string;
   httpsProxy?: string;
 } & nodeHttp.AgentOptions;
 export function createAgent(opts: CreateAgentOptions = {}) {
+  opts = merge(
+    {
+      autoSelectFamily: true,
+      autoSelectFamilyAttemptTimeout: 1000,
+    },
+    opts
+  );
+
   let httpAgent, httpsAgent;
-  const httpProxy = opts.httpProxy || process.env.HTTP_PROXY || process.env.http_proxy;
+  const httpProxy = opts.httpProxy;
   if (httpProxy) {
+    process.env.HTTP_PROXY = httpProxy;
+    process.env.http_proxy = httpProxy;
     logger.info('use httpProxy:', httpProxy);
     httpAgent = new HttpProxyAgent(httpProxy, opts as any);
     merge(httpAgent.options, opts);
   } else {
+    process.env.HTTP_PROXY = '';
+    process.env.http_proxy = '';
     httpAgent = new nodeHttp.Agent(opts);
   }
-  const httpsProxy = opts.httpsProxy || process.env.HTTPS_PROXY || process.env.https_proxy;
+  const httpsProxy = opts.httpsProxy;
   if (httpsProxy) {
+    process.env.HTTPS_PROXY = httpsProxy;
+    process.env.https_proxy = httpsProxy;
     logger.info('use httpsProxy:', httpsProxy);
     httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
     merge(httpsAgent.options, opts);
   } else {
+    process.env.HTTPS_PROXY = '';
+    process.env.https_proxy = '';
     httpsAgent = new https.Agent(opts);
   }
   return {
@@ -212,3 +267,44 @@ export function createAgent(opts: CreateAgentOptions = {}) {
     httpsAgent,
   };
 }
+
+export async function download(req: { http: HttpClient; config: HttpRequestConfig; savePath: string; logger: ILogger }) {
+  const { http, config, savePath, logger } = req;
+  return safePromise((resolve, reject) => {
+    http
+      .request({
+        logRes: false,
+        responseType: 'stream',
+        ...config,
+      })
+      .then(res => {
+        const writer = fs.createWriteStream(savePath);
+        res.pipe(writer);
+        writer.on('close', () => {
+          logger.info('文件下载成功');
+          resolve(true);
+        });
+        //error
+        writer.on('error', err => {
+          logger.error('下载失败', err);
+          reject(err);
+        });
+        //进度条打印
+        const totalLength = res.headers['content-length'];
+        let currentLength = 0;
+        // 每5%打印一次
+        const step = (totalLength / 100) * 5;
+        res.on('data', (chunk: any) => {
+          currentLength += chunk.length;
+          if (currentLength % step < chunk.length) {
+            const percent = ((currentLength / totalLength) * 100).toFixed(2);
+            logger.info(`下载进度：${percent}%`);
+          }
+        });
+      })
+      .catch(err => {
+        logger.info('下载失败', err);
+        reject(err);
+      });
+  });
+}

packages/core/basic/src/utils/util.sp.ts

@@ -1,8 +1,8 @@
 //转换为import
-import childProcess from "child_process";
-import { safePromise } from "./util.promise.js";
-import { ILogger, logger } from "./util.log.js";
-
+import childProcess from 'child_process';
+import { safePromise } from './util.promise.js';
+import { ILogger, logger } from './util.log.js';
+import iconv from 'iconv-lite';
 export type ExecOption = {
   cmd: string | string[];
   env: any;
@@ -11,12 +11,12 @@ export type ExecOption = {
 };
 
 async function exec(opts: ExecOption): Promise<string> {
-  let cmd = "";
+  let cmd = '';
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += " && " + item;
+        cmd += ' && ' + item;
       } else {
         cmd = item;
       }
@@ -38,7 +38,7 @@ async function exec(opts: ExecOption): Promise<string> {
           log.error(`exec error: ${error}`);
           reject(error);
         } else {
-          const res = stdout.toString("utf-8");
+          const res = stdout.toString('utf-8');
           log.info(`stdout: ${res}`);
           resolve(res);
         }
@@ -55,13 +55,31 @@ export type SpawnOption = {
   logger?: ILogger;
   options?: any;
 };
+
+function isWindows() {
+  return process.platform === 'win32';
+}
+function convert(buffer: any) {
+  if (isWindows()) {
+    const decoded = iconv.decode(buffer, 'GBK');
+    // 检查是否有有效字符
+    return decoded && decoded.trim().length > 0 ? decoded : buffer.toString();
+  } else {
+    return buffer;
+  }
+}
+
+// function convert(buffer: any) {
+//   return buffer;
+// }
+
 async function spawn(opts: SpawnOption): Promise<string> {
-  let cmd = "";
+  let cmd = '';
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += " && " + item;
+        cmd += ' && ' + item;
       } else {
         cmd = item;
       }
@@ -70,8 +88,8 @@ async function spawn(opts: SpawnOption): Promise<string> {
     cmd = opts.cmd;
   }
   log.info(`执行命令: ${cmd}`);
-  let stdout = "";
-  let stderr = "";
+  let stdout = '';
+  let stderr = '';
   return safePromise((resolve, reject) => {
     const ls = childProcess.spawn(cmd, {
       shell: true,
@@ -81,21 +99,23 @@ async function spawn(opts: SpawnOption): Promise<string> {
       },
       ...opts.options,
     });
-    ls.stdout.on("data", (data) => {
+    ls.stdout.on('data', data => {
+      data = convert(data);
       log.info(`stdout: ${data}`);
       stdout += data;
     });
 
-    ls.stderr.on("data", (data) => {
-      log.error(`stderr: ${data}`);
+    ls.stderr.on('data', data => {
+      data = convert(data);
+      log.warn(`stderr: ${data}`);
       stderr += data;
     });
-    ls.on("error", (error) => {
+    ls.on('error', error => {
       log.error(`child process error: ${error}`);
       reject(error);
     });
 
-    ls.on("close", (code: number) => {
+    ls.on('close', (code: number) => {
       if (code !== 0) {
         log.error(`child process exited with code ${code}`);
         reject(new Error(stderr));

packages/core/basic/src/utils/util.string.ts

@@ -0,0 +1,8 @@
+export const stringUtils = {
+  maxLength(str?: string, length = 100) {
+    if (str) {
+      return str.length > length ? str.slice(0, length) + '...' : str;
+    }
+    return '';
+  },
+};

packages/core/basic/tsconfig.json

@@ -7,28 +7,27 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,
+    "importHelpers": true,
     "skipLibCheck": true,
     "pretty": true,
     "declaration": true,
     "forceConsistentCasingInFileNames": true,
-    "typeRoots": [ "./typings", "./node_modules/@types"],
     "outDir": "dist",
     "rootDir": "src",
-    "composite": true,
+    "composite": false,
     "useDefineForClassFields": true,
     "strict": true,
-//    "sourceMap": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "inlineSourceMap": true,
     "resolveJsonModule": true,
     "isolatedModules": false,
     "lib": ["ESNext", "DOM"],
   },
   "include": [
     "src/**/*.ts",
-    "src/**/*.d.ts",
     "src/**/*.json"
   ],
   "exclude": [

packages/core/pipeline/.npmrc

@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,96 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Performance Improvements
+
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Performance Improvements
+
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Performance Improvements
+
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Performance Improvements
+
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+
 ## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,9 +1,10 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.26.14",
+  "version": "1.28.2",
   "type": "module",
   "main": "./dist/index.js",
+  "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
     "dev": "vite",
@@ -15,20 +16,11 @@
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/basic": "^1.26.14",
-    "@certd/plus-core": "^1.26.14",
-    "axios": "^1.7.2",
+    "@certd/basic": "^1.28.2",
+    "@certd/plus-core": "^1.28.2",
     "dayjs": "^1.11.7",
-    "fix-path": "^4.0.0",
-    "http-proxy-agent": "^7.0.2",
-    "https-proxy-agent": "^7.0.5",
     "lodash-es": "^4.17.21",
-    "lru-cache": "^10.0.0",
-    "nanoid": "^5.0.7",
-    "node-forge": "^1.3.1",
-    "nodemailer": "^6.9.3",
-    "proxy-agent": "^6.4.0",
-    "qs": "^6.11.2"
+    "reflect-metadata": "^0.1.13"
   },
   "devDependencies": {
     "@rollup/plugin-commonjs": "^23.0.4",
@@ -39,32 +31,17 @@
     "@types/chai": "^4.3.10",
     "@types/lodash-es": "^4.17.12",
     "@types/mocha": "^10.0.1",
-    "@types/node-forge": "^1.3.2",
-    "@types/uuid": "^9.0.2",
     "@typescript-eslint/eslint-plugin": "^5.59.7",
     "@typescript-eslint/parser": "^5.59.7",
     "chai": "4.3.10",
-    "dayjs": "^1.11.7",
     "eslint": "^8.41.0",
     "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-node": "^11.1.0",
     "eslint-plugin-prettier": "^4.2.1",
-    "iconv-lite": "^0.6.3",
-    "log4js": "^6.9.1",
     "mocha": "^10.2.0",
     "prettier": "^2.8.8",
-    "reflect-metadata": "^0.1.13",
     "rimraf": "^5.0.5",
-    "rollup": "^3.7.4",
-    "rollup-plugin-typescript2": "^0.34.1",
-    "rollup-plugin-visualizer": "^5.8.2",
-    "ts-node": "^10.9.1",
-    "tsc-esm-fix": "^3.0.0",
-    "tslib": "^2.5.2",
-    "typescript": "^5.4.2",
-    "vite": "^4.3.8",
-    "vue-tsc": "^1.6.5"
+    "tslib": "^2.8.1",
+    "typescript": "^5.4.2"
   },
-  "gitHead": "586725a15c561436cda37de830b278907a6fc3f5"
+  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
 }

packages/core/pipeline/src/access/api.ts

@@ -1,8 +1,16 @@
 import { Registrable } from "../registry/index.js";
 import { FormItemProps } from "../dt/index.js";
-import { HttpClient, ILogger, utils } from "../utils/index.js";
-import _ from "lodash-es";
-import { AccessRequestHandleReq } from "../core";
+import { HttpClient, ILogger, utils } from "@certd/basic";
+import * as _ from "lodash-es";
+import { PluginRequestHandleReq } from "../plugin/index.js";
+
+export type AccessRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  access: T;
+};
+
+export type AccessRequestHandleReq<T = any> = PluginRequestHandleReq<AccessRequestHandleReqInput<T>>;
 
 export type AccessInputDefine = FormItemProps & {
   title: string;
@@ -10,6 +18,7 @@ export type AccessInputDefine = FormItemProps & {
   encrypt?: boolean;
 };
 export type AccessDefine = Registrable & {
+  icon?: string;
   input?: {
     [key: string]: AccessInputDefine;
   };
@@ -33,6 +42,10 @@ export type AccessContext = {
 export abstract class BaseAccess implements IAccess {
   ctx!: AccessContext;
 
+  setCtx(ctx: AccessContext) {
+    this.ctx = ctx;
+  }
+
   async onRequest(req: AccessRequestHandleReq) {
     if (!req.action) {
       throw new Error("action is required");

packages/core/pipeline/src/access/decorator.ts

@@ -1,9 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
 import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
 import { Decorator } from "../decorator/index.js";
-import _ from "lodash-es";
+import * as _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
-import { http, logger, utils } from "../utils/index.js";
+import { http, logger, utils } from "@certd/basic";
 
 // 提供一个唯一 key
 export const ACCESS_CLASS_KEY = "pipeline:access";
@@ -56,6 +56,6 @@ export function newAccess(type: string, input: any, ctx?: AccessContext) {
       utils,
     };
   }
-  access.ctx = ctx;
+  access.setCtx(ctx);
   return access;
 }

packages/core/pipeline/src/access/registry.ts

@@ -1,4 +1,4 @@
-import { Registry } from "../registry/index.js";
+import { createRegistry } from "../registry/index.js";
 
 // @ts-ignore
-export const accessRegistry = new Registry("access");
+export const accessRegistry = createRegistry("access");

packages/core/pipeline/src/core/exceptions.ts

@@ -0,0 +1,5 @@
+export class CancelError extends Error {
+  constructor(message: string) {
+    super(message);
+  }
+}

packages/core/pipeline/src/core/executor.ts

@@ -3,14 +3,18 @@ import { RunHistory, RunnableCollection } from "./run-history.js";
 import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
 import { IStorage } from "./storage.js";
-import { createAxiosService, hashUtils, logger, utils } from "../utils/index.js";
-import { Logger } from "log4js";
+import { createAxiosService, hashUtils, HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import { IAccessService } from "../access/index.js";
 import { RegistryItem } from "../registry/index.js";
 import { Decorator } from "../decorator/index.js";
-import { ICnameProxyService, IEmailService, IPluginConfigService } from "../service/index.js";
+import { ICnameProxyService, IEmailService, IPluginConfigService, IUrlService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
 import { cloneDeep, forEach, merge } from "lodash-es";
+import { INotificationService, NotificationBody, NotificationContext, notificationRegistry } from "../notification/index.js";
+export type SysInfo = {
+  //系统标题
+  title?: string;
+};
 
 export type ExecutorOptions = {
   pipeline: Pipeline;
@@ -18,17 +22,21 @@ export type ExecutorOptions = {
   onChanged: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
+  notificationService: INotificationService;
   cnameProxyService: ICnameProxyService;
   pluginConfigService: IPluginConfigService;
+  urlService: IUrlService;
   fileRootDir?: string;
   user: UserInfo;
+  baseURL?: string;
+  sysInfo?: SysInfo;
 };
 
 export class Executor {
   pipeline: Pipeline;
   runtime!: RunHistory;
   contextFactory: ContextFactory;
-  logger: Logger;
+  logger: ILogger;
   pipelineContext!: IContext;
   currentStatusMap!: RunnableCollection;
   lastStatusMap!: RunnableCollection;
@@ -135,7 +143,12 @@ export class Executor {
       this.runtime.success(runnable);
       return ResultType.success;
     } catch (e: any) {
-      this.runtime.error(runnable, e);
+      if (e.name === "CancelError" || this.abort.signal.aborted) {
+        this.runtime.cancel(runnable);
+        return ResultType.canceled;
+      } else {
+        this.runtime.error(runnable, e);
+      }
       throw e;
     } finally {
       this.runtime.finally(runnable);
@@ -285,17 +298,29 @@ export class Executor {
     }
 
     const http = createAxiosService({ logger: currentLogger });
+    const download = async (config: HttpRequestConfig, savePath: string) => {
+      await utils.download({
+        http,
+        logger: currentLogger,
+        config,
+        savePath,
+      });
+    };
     const taskCtx: TaskInstanceContext = {
       pipeline: this.pipeline,
+      runtime: this.runtime,
       step,
       lastStatus,
       http,
+      download,
       logger: currentLogger,
       inputChanged,
       accessService: this.options.accessService,
       emailService: this.options.emailService,
       cnameProxyService: this.options.cnameProxyService,
       pluginConfigService: this.options.pluginConfigService,
+      notificationService: this.options.notificationService,
+      urlService: this.options.urlService,
       pipelineContext: this.pipelineContext,
       userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
@@ -344,20 +369,23 @@ export class Executor {
     if (!this.pipeline.notifications) {
       return;
     }
+    const url = await this.options.urlService.getPipelineDetailUrl(this.pipeline.id, this.runtime.id);
     let subject = "";
     let content = "";
+    const errorMessage = error?.message;
+    const sysTitle = this.options.sysInfo?.title || "Certd";
     if (when === "start") {
-      subject = `【CertD】开始执行，【${this.pipeline.id}】${this.pipeline.title}`;
-      content = `buildId:${this.runtime.id}`;
+      subject = `【${sysTitle}】开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
+      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "success") {
-      subject = `【CertD】执行成功，【${this.pipeline.id}】${this.pipeline.title}`;
-      content = `buildId:${this.runtime.id}`;
+      subject = `【${sysTitle}】执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
+      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "turnToSuccess") {
-      subject = `【CertD】执行成功（错误转成功），【${this.pipeline.id}】${this.pipeline.title}`;
-      content = `buildId:${this.runtime.id}`;
+      subject = `【${sysTitle}】执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
+      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "error") {
-      subject = `【CertD】执行失败，【${this.pipeline.id}】${this.pipeline.title}`;
-      content = `buildId:${this.runtime.id}\nerror:${error.message}`;
+      subject = `【${sysTitle}】执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
+      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n错误详情:${error.message}`;
     } else {
       return;
     }
@@ -366,10 +394,10 @@ export class Executor {
       if (!notification.when.includes(when)) {
         continue;
       }
+
       if (notification.type === "email") {
         try {
           await this.options.emailService?.send({
-            userId: this.pipeline.userId,
             subject,
             content,
             receivers: notification.options.receivers,
@@ -377,6 +405,48 @@ export class Executor {
         } catch (e) {
           logger.error("send email error", e);
         }
+      } else {
+        try {
+          //构建notification插件，发送通知
+          let notifyConfig: any;
+          if (notification.notificationId === 0) {
+            notifyConfig = await this.options.notificationService.getDefault();
+          } else {
+            notifyConfig = await this.options.notificationService.getById(notification.notificationId);
+          }
+          if (notifyConfig == null) {
+            throw new Error(`通知配置<id:${notification.notificationId}>不存在`);
+          }
+
+          const notificationPlugin = notificationRegistry.get(notifyConfig.type);
+          const notificationCls: any = notificationPlugin.target;
+          const notificationSender = new notificationCls();
+          const notificationCtx: NotificationContext = {
+            http: utils.http,
+            logger,
+            utils,
+            emailService: this.options.emailService,
+          };
+          //设置参数
+          merge(notificationSender, notifyConfig.setting);
+          notificationSender.setCtx(notificationCtx);
+          await notificationSender.onInstance();
+          const body: NotificationBody = {
+            title: subject,
+            content,
+            userId: this.pipeline.userId,
+            pipeline: this.pipeline,
+            result: this.lastRuntime.pipeline.status,
+            pipelineId: this.pipeline.id,
+            historyId: this.runtime.id,
+            errorMessage,
+            url,
+          };
+          //发送通知
+          await notificationSender.send(body);
+        } catch (e) {
+          logger.error("send notification error", e);
+        }
       }
     }
   }

packages/core/pipeline/src/core/file-store.ts

@@ -1,8 +1,8 @@
-import { fileUtils } from "../utils/index.js";
+import { fileUtils } from "@certd/basic";
 import dayjs from "dayjs";
 import path from "path";
 import fs from "fs";
-import { logger } from "../utils/index.js";
+import { logger } from "@certd/basic";
 
 export type FileStoreOptions = {
   rootDir?: string;

packages/core/pipeline/src/core/handler.ts

@@ -1,21 +0,0 @@
-import { HttpClient, ILogger, utils } from "../utils/index.js";
-
-export type PluginRequestHandleReq<T = any> = {
-  typeName: string;
-  action: string;
-  input: T;
-  data: any;
-};
-
-export type AccessRequestHandleReqInput<T = any> = {
-  id?: number;
-  title?: string;
-  access: T;
-};
-export type AccessRequestHandleContext = {
-  http: HttpClient;
-  logger: ILogger;
-  utils: typeof utils;
-};
-
-export type AccessRequestHandleReq<T = any> = PluginRequestHandleReq<AccessRequestHandleReqInput<T>>;

packages/core/pipeline/src/core/index.ts

@@ -3,5 +3,4 @@ export * from "./run-history.js";
 export * from "./context.js";
 export * from "./storage.js";
 export * from "./file-store.js";
-export * from "./license.js";
-export * from "./handler.js";
+export * from "./exceptions.js";

packages/core/pipeline/src/core/license.ts

@@ -1,16 +0,0 @@
-import { logger } from "../utils/index.js";
-import { setLogger, isPlus, isComm } from "@certd/plus-core";
-setLogger(logger);
-export * from "@certd/plus-core";
-
-export function checkPlus() {
-  if (!isPlus()) {
-    throw new Error("此为专业版功能，请升级到专业版");
-  }
-}
-
-export function checkComm() {
-  if (!isComm()) {
-    throw new Error("此为商业版功能，请升级到商业版");
-  }
-}

packages/core/pipeline/src/core/run-history.ts

@@ -1,7 +1,6 @@
 import { HistoryResult, Pipeline, ResultType, Runnable, RunnableMap, Stage, Step, Task } from "../dt/index.js";
-import _ from "lodash-es";
-import { buildLogger } from "../utils/index.js";
-import { Logger } from "log4js";
+import * as _ from "lodash-es";
+import { buildLogger, ILogger } from "@certd/basic";
 
 export type HistoryStatus = {
   result: HistoryResult;
@@ -19,13 +18,13 @@ export function NewRunHistory(obj: any) {
   return history;
 }
 export class RunHistory {
-  id!: string;
+  id!: any;
   pipeline!: Pipeline;
   logs: {
     [runnableId: string]: string[];
   } = {};
   _loggers: {
-    [runnableId: string]: Logger;
+    [runnableId: string]: ILogger;
   } = {};
   trigger!: RunTrigger;
 
@@ -117,9 +116,14 @@ export class RunHistory {
   }
 
   logError(runnable: Runnable, e: Error) {
-    // @ts-ignore
-    const errorInfo = runnable.runnableType === "step" ? e : e.message;
-    this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, errorInfo);
+    const { cause, stack } = e;
+    delete e.stack;
+    delete e.cause;
+    if (runnable.runnableType === "step") {
+      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e, stack, cause);
+    } else {
+      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e.message);
+    }
   }
 
   finally(runnable: Runnable) {

packages/core/pipeline/src/core/storage.ts

@@ -1,6 +1,6 @@
 import fs from "fs";
 import path from "path";
-import { fileUtils } from "../utils/index.js";
+import { fileUtils } from "@certd/basic";
 
 export interface IStorage {
   get(scope: string, namespace: string, version: string, key: string): Promise<string | null>;

packages/core/pipeline/src/d.ts/fast-crud.ts

@@ -1,115 +0,0 @@
-/**
- * [x]-col的配置
- */
-export type ColProps = {
-  span?: number;
-  [props: string]: any;
-};
-
-export type FormItemProps = {
-  /**
-   * 字段label
-   */
-  title?: string;
-  /**
-   * 表单字段组件配置
-   */
-  component?: ComponentProps;
-  /**
-   * 表单字段 [a|el|n]-col的配置
-   * 一般用来配置跨列：{span:24} 占满一行
-   */
-  col?: ColProps;
-  /**
-   * 默认值
-   */
-  value?: any;
-  /**
-   * 帮助提示配置
-   */
-  helper?: string | FormItemHelperProps;
-  /**
-   * 排序号
-   */
-  order?: number;
-  /**
-   * 是否显示此字段
-   */
-  show?: boolean;
-  /**
-   * 是否是空白占位栏
-   */
-  blank?: boolean;
-
-  [key: string]: any;
-};
-
-/**
- * 表单字段帮助说明配置
- */
-export type FormItemHelperProps = {
-  /**
-   * 自定义渲染帮助说明
-   * @param scope
-   */
-  render?: (scope: any) => any;
-  /**
-   * 帮助文本
-   */
-  text?: string;
-  /**
-   * 帮助说明所在的位置，[ undefined | label]
-   */
-  position?: string;
-  /**
-   * [a|el|n]-tooltip配置
-   */
-  tooltip?: object;
-
-  [key: string]: any;
-};
-
-/**
- * 组件配置
- */
-export type ComponentProps = {
-  /**
-   * 组件的名称
-   */
-  name?: string | object;
-  /**
-   * vmodel绑定的目标属性名
-   */
-  vModel?: string;
-
-  /**
-   * 当原始组件名的参数被以上属性名占用时，可以配置在这里
-   * 例如:原始组件有一个叫name的属性，你想要配置它，则可以按如下配置
-   * ```
-   * component:{
-   *   name:"组件的名称"
-   *   props:{
-   *     name:"组件的name属性"  <-----------
-   *   }
-   * }
-   * ```
-   */
-  props?: {
-    [key: string]: any;
-  };
-
-  /**
-   * 组件事件监听
-   */
-  on?: {
-    [key: string]: (context?: any) => void;
-  };
-
-  /**
-   * 组件其他参数
-   * 事件：onXxx:(event)=>void 组件原始事件监听
-   *      on.onXxx:(context)=>void 组件事件监听(对原始事件包装)
-   * 样式：style、class等
-   */
-  [key: string]: any;
-};

packages/core/pipeline/src/d.ts/index.ts

@@ -1,2 +0,0 @@
-export * from "./pipeline";
-export * from "./fast-crud";

packages/core/pipeline/src/d.ts/pipeline.ts

@@ -1,140 +0,0 @@
-export enum RunStrategy {
-  AlwaysRun,
-  SkipWhenSucceed,
-}
-
-export enum ConcurrencyStrategy {
-  Serial,
-  Parallel,
-}
-
-export enum NextStrategy {
-  AllSuccess,
-  OneSuccess,
-}
-
-export enum HandlerType {
-  //清空后续任务的状态
-  ClearFollowStatus,
-  SendEmail,
-}
-
-export type EventHandler = {
-  type: HandlerType;
-  params: {
-    [key: string]: any;
-  };
-};
-
-export type RunnableStrategy = {
-  runStrategy?: RunStrategy;
-  onSuccess?: EventHandler[];
-  onError?: EventHandler[];
-};
-
-export type Step = Runnable & {
-  type: string; //插件类型
-  input: {
-    [key: string]: any;
-  };
-};
-export type Task = Runnable & {
-  steps: Step[];
-};
-
-export type Stage = Runnable & {
-  tasks: Task[];
-  concurrency: ConcurrencyStrategy;
-  next: NextStrategy;
-};
-
-export type Trigger = {
-  id: string;
-  title: string;
-  cron: string;
-  type: string;
-};
-
-export type FileItem = {
-  id: string;
-  filename: string;
-  path: string;
-};
-export type Runnable = {
-  id: string;
-  title: string;
-  strategy?: RunnableStrategy;
-  runnableType?: string; // pipeline, stage, task , step
-  status?: HistoryResult;
-  timeout?: number;
-  default?: {
-    [key: string]: any;
-  };
-  context?: Context;
-};
-
-export type EmailOptions = {
-  receivers: string[];
-};
-export type NotificationWhen = "error" | "success" | "turnToSuccess" | "start";
-export type NotificationType = "email" | "url";
-export type Notification = {
-  type: NotificationType;
-  when: NotificationWhen[];
-  options: EmailOptions;
-};
-
-export type Pipeline = Runnable & {
-  version?: number;
-  userId: any;
-  stages: Stage[];
-  triggers: Trigger[];
-  notifications?: Notification[];
-};
-
-export type Context = {
-  [key: string]: any;
-};
-
-export type Log = {
-  title: string;
-  time: number;
-  level: string;
-  text: string;
-};
-
-export enum ResultType {
-  start = "start",
-  success = "success",
-  error = "error",
-  canceled = "canceled",
-  skip = "skip",
-  none = "none",
-}
-
-export type HistoryResultGroup = {
-  [key: string]: {
-    runnable: Runnable;
-    res: HistoryResult;
-  };
-};
-export type HistoryResult = {
-  input: any;
-  output: any;
-  files?: FileItem[];
-  /**
-   * 任务状态
-   */
-  status: ResultType;
-  startTime: number;
-  endTime?: number;
-  /**
-   * 处理结果
-   */
-  result?: ResultType; //success, error,skip
-  message?: string;
-};
-
-export type RunnableMap = {
-  [id: string]: Runnable;
-};

packages/core/pipeline/src/decorator/utils.ts

@@ -1,4 +1,4 @@
-import _ from "lodash-es";
+import * as _ from "lodash-es";
 
 const propertyMap: any = {};
 function attachProperty(target: any, propertyKey: string | symbol) {

packages/core/pipeline/src/dt/pipeline.ts

@@ -62,7 +62,7 @@ export type FileItem = {
   path: string;
 };
 export type Runnable = {
-  id: string;
+  id: any;
   title: string;
   strategy?: RunnableStrategy;
   runnableType?: string; // pipeline, stage, task , step
@@ -83,6 +83,9 @@ export type Notification = {
   type: NotificationType;
   when: NotificationWhen[];
   options: EmailOptions;
+  notificationId: number;
+  title: string;
+  subType: string;
 };
 
 export type Pipeline = Runnable & {