v1.36.2

# Conflicts:
#	README.md

.gitignore

@@ -17,6 +17,7 @@ gen
 /test/*.private.*
 
 /*.log
+nohup.out
 
 /packages/ui/*/.idea
 /packages/ui/*/node_modules

CHANGELOG.md

@@ -3,6 +3,250 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+### Bug Fixes
+
+* 修复notification编辑按钮无法打开对话框的bug ([0cea26c](https://github.com/certd/certd/commit/0cea26c6287f52adf273b4a525c37bea8555c68c))
+* 优化更新飞牛os证书有效期，修复某些情况下部署证书后飞牛无法访问https的bug ([610c919](https://github.com/certd/certd/commit/610c919c72037becc0ed326f5d5b18c963dfcb3a))
+
+### Performance Improvements
+
+* 证书检查支持自定义dns服务器 ([c53bb7c](https://github.com/certd/certd/commit/c53bb7cf677faa32729709ae0c10359db5194d7a))
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+### Bug Fixes
+
+* 修复通知和触发器无法编辑的bug ([a2e0951](https://github.com/certd/certd/commit/a2e09510426680eb425c0d7ad337f39d3f052054))
+
+### Performance Improvements
+
+* 支持部署到七牛云DCDN ([bde601b](https://github.com/certd/certd/commit/bde601bfffb4f7345d97e1e3b064520816d31555))
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Bug Fixes
+
+* 支持自定义证书生成插件 ([481cc02](https://github.com/certd/certd/commit/481cc029fafaf280aa844cd3ca30f4653ec35d55))
+
+### Features
+
+* 支持模版创建流水线 ([2559f0e](https://github.com/certd/certd/commit/2559f0e822db095d1d26a7f1d517622dce22a5c2))
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 部署到ssh主机命令支持前置命令 ([991b741](https://github.com/certd/certd/commit/991b741cbe223b342f534157da63b71e81661f8e))
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+* 添加用户资料编辑功能 ([7c0f43c](https://github.com/certd/certd/commit/7c0f43c8a3052f73afee3e93c9fcbc43c44ab690))
+* 优化阿里云waf的日志信息 ([821c6d8](https://github.com/certd/certd/commit/821c6d807d4b3cc5092d09a6282b8cbafb9e7c9f))
+* 优化中英文翻译与切换 ([acaa8b1](https://github.com/certd/certd/commit/acaa8b173183b4423584ee070e6e332e0ac0eb2d))
+* 站点IP监控前先同步一下IP ([a080b60](https://github.com/certd/certd/commit/a080b606ab6e289d96b17ef7d2879b4603f889ba))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+* 修复邮箱包含.号校验失败的bug ([65dcae7](https://github.com/certd/certd/commit/65dcae79f8faa7a6cb425e10a0fdb6758b0719f3))
+
+### Performance Improvements
+
+* 首次打开任务日志查看页面，自动滚动到底部 ([43fee42](https://github.com/certd/certd/commit/43fee42198e8697185b427b1fa3eb79409603393))
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+* 修复重试次数设置无效的bug ([e2099ac](https://github.com/certd/certd/commit/e2099ac9ca344bc70bfa4219002e9138708973ae))
+
+### Performance Improvements
+
+* 授权列表类型颜色优化 ([1e86338](https://github.com/certd/certd/commit/1e863382d3d1a8cc95a1abf51e75bf6eaea3244f))
+* 支持雨云dns解析 ([8354348](https://github.com/certd/certd/commit/83543487e7418683bd79cfe3b9e0d792bdb977f7))
+* 支持雨云dns解析以及雨云证书更新 ([43c7a19](https://github.com/certd/certd/commit/43c7a1984926f5d4647760cc134bb0aede3a7b7a))
+* github 版本检查支持执行脚本 ([bad3504](https://github.com/certd/certd/commit/bad3504d4a15e6989b967b66aa9da8c6981f25bf))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 ### Bug Fixes

README.md

@@ -1,33 +1,42 @@
 # Certd
 
-Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系统。       
-后缀d取自linux守护进程的命名风格，意为证书守护进程。    
+[English](./README_en.md) | [中文](./README.md)
+
+Certd® 是一个免费的全自动证书管理系统，让你的网站证书永不过期。   
+后缀d取自linux守护进程的命名风格，意为证书守护进程
+   
+
+>首创流水线申请部署证书模式，已被多个项目“借鉴”，被抄也是一种成功。
+
+> 关于证书续期：
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
+
+
+> 流水线数量现已调整为无限制，欢迎大家使用
 
-关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
-* 全自动申请证书（支持所有注册商注册的域名）
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
 * 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
-* 支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
-* 邮件通知、webhook通知
-* 私有化部署，数据保存本地，授权信息加密存储，镜像由Github Actions构建，过程公开透明
-* 支持SQLite，PostgreSQL、MySQL数据库
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装简单快捷，镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
+* 多语言支持（中英双语切换）
+* 各版本向下兼容，一键无忧升级
 
 
   ![](./docs/images/intro/intro.svg)
 
->
-> 流水线数量现已调整为无限制，欢迎大家使用
->
 
-> 关于证书续期：
- >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
- >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
- >* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
- 
 ## 二、在线体验
 
 官方Demo地址，自助注册后体验    
@@ -75,10 +84,12 @@ https://certd.handfree.work/
 
 您可以根据实际情况从如下方式中选择一种方式进行私有化部署：
 
-1. [宝塔面板方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
-2. [1Panel面板方式部署 推荐](https://certd.docmirror.cn/guide/install/1panel/)
-3. [Docker方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
-4. [源码方式部署 不建议](https://certd.docmirror.cn/guide/install/source/)
+1. 【推荐】[Docker方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
+2. 【推荐】[宝塔面板方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
+3. 【推荐】[1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
+4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_) ： 首充翻倍，每月仅需2.2元    
+[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_)
+5. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
 
 #### Docker镜像说明：
 * 国内镜像地址:
@@ -103,11 +114,20 @@ https://certd.handfree.work/
 > * 请务必使用web应用防火墙防护本应用，防止XSS、SQL注入等攻击
 > * 请务必做好服务器本身的安全防护，防止数据库泄露
 > * 请务必做好数据备份，避免数据丢失
+> * [更多安全生产建议点我](https://certd.docmirror.cn/guide/feature/safe/)
 
 
+## 五、生态
+ 
+###  1.  客户端工具 SSL-Assistant
+`SSL Assistant` 是一个运行于主机上的证书部署管理助手客户端。    
+支持自动扫描主机`Nginx`配置，然后从`Certd`拉取证书并部署。     
+在不想暴露ssh主机密码情况下，该工具非常好用。
+
+开源地址： https://github.com/Youngxj/SSL-Assistant
 
 
-## 五、更多帮助
+## 六、更多帮助
 请访问官方文档：[https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/)
 
 * 升级方法：[升级方法](https://certd.docmirror.cn/guide/install/upgrade/)
@@ -117,7 +137,7 @@ https://certd.handfree.work/
 * 更新日志：[CHANGELOG](./CHANGELOG.md)
 
 
-## 六、联系作者
+## 七、联系作者
 如有疑问，欢迎加入群聊（请备注certd）
 
 | 加群 | 微信群 | QQ群 |
@@ -131,7 +151,7 @@ https://certd.handfree.work/
 | 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |
 
 
-## 七、捐赠
+## 八、捐赠
 ************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
@@ -143,38 +163,41 @@ https://afdian.com/a/greper
 
 专业版特权对比
 
-| 功能      | 免费版                | 专业版                         |
-|---------|--------------------|-----------------------------|
-| 免费证书申请  | 免费无限制              | 免费无限制                       |
-| 域名数量 | 无限制         | 无限制               |
-| 证书流水线条数 | 无限制         | 无限制               |
-| 站点证书监控  | 限制1条               | 无限制                         |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中       |
-| 通知      | 邮件通知、自定义webhook        | 邮件免配置、企微、飞书、anpush、server酱等 |
+| 功能      | 免费版                                   | 专业版                            |
+|---------|---------------------------------------|--------------------------------|
+| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
+| 域名数量 | 无限制                                   | 无限制                            |
+| 证书流水线条数 | 无限制                                   | 无限制                            |
+| 站点证书监控  | 限制1条                                  | 无限制                            |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
+| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
 
 
 ************************
 
-## 八、贡献代码
+## 九、贡献代码
 
 1. 本地开发请参考 [贡献插件向导](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
+感谢以下贡献者做出的贡献。
 
+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>
 
-## 九、 开源许可
+## 十、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
 * 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。
 
 
-## 十、我的其他项目（求Star）
+## 十一、我的其他项目（求Star）
 
-| 项目名称                                                    | stars                                                                                                 | 项目描述                              | 
-|---------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------------|
-| [袖手AI](https://ai.handsfree.work/)                    |                                                                                                       | 袖手GPT，国内可用，无需FQ，每日免费额度            | 
+| 项目名称 | stars  | 项目描述  | 
+| --------- |--------- |----------- |
 | [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
-| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |                       
+| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |

README_en.md

@@ -0,0 +1,183 @@
+# Certd
+
+[English](./README_en.md) | [中文](./README.md)
+
+Certd® is a free, fully automated certificate management system that ensures your website certificates never expire. The suffix 'd' is inspired by the naming convention of Linux daemons, representing a certificate daemon.
+
+> We pioneered the pipeline-based certificate application and deployment model, which has been "referenced" by multiple projects. Being copied is also a form of success.
+
+> Regarding certificate renewal:
+>* In fact, it's impossible to renew or reissue a certificate without modifying the certificate file itself.
+>* What we refer to as renewal is essentially applying for a new certificate following the full process and redeploying it.
+>* Free certificates expire in 90 days, which may be shortened in the future. Therefore, automated deployment is essential.
+
+> The number of pipelines is now unlimited. Welcome to use it.
+
+## 1. Features
+This project not only supports automated certificate application but also automated certificate deployment and updates, ensuring your certificates never expire.
+
+* Fully automated certificate application (supports domains registered with all registrars and multiple domain verification methods such as DNS-01, HTTP-01, and CNAME proxy).
+* Fully automated certificate deployment and updates (currently supports deployment to over 70 plugins, including hosts, Alibaba Cloud, Tencent Cloud, etc.).
+* Supports wildcard domains/pan-domains, allows multiple domains in a single certificate, and supports various certificate formats such as pem, pfx, der, and jks.
+* Multiple notification methods, including email, webhook, WeChat Work, DingTalk, Lark, and anpush.
+* On-premises deployment, local data storage, simple and quick installation. Images are built by Github Actions, with a transparent process.
+* Multiple security measures, including authorization encryption, site hiding, 2FA, and password brute-force protection.
+* Supports multiple databases such as SQLite, PostgreSQL, and MySQL.
+* Open API support.
+* Site certificate monitoring.
+* Multi-user management.
+* Multi-language support (Chinese and English switching).
+* Downward compatibility across all versions, with one-click worry-free upgrades.
+
+  ![](./docs/images/intro/intro.svg)
+
+## 2. Online Experience
+Visit the official demo site and register to experience it.
+
+https://certd.handfree.work/
+
+> Note: Data will be cleaned up irregularly, and scheduled tasks may be stopped. For production use, please deploy it yourself.
+> The content contains sensitive information. Make sure to deploy it locally for production use.
+
+![Home Page](./docs/images/start/home.png)
+
+## 3. Usage Tutorial
+Just 3 steps to ensure your certificates never expire.
+
+### 1. Create a Certificate Pipeline
+![Demonstration](packages/ui/certd-client/public/static/doc/images/1-add.png)
+
+> After successful addition, you can directly run the pipeline to apply for a certificate.
+
+### 2. Add a Deployment Task
+Normally, we need to deploy certificates to applications. Certd supports a wide range of deployment plugins. You can choose based on your needs, such as deploying to Nginx, Alibaba Cloud, Tencent Cloud, K8S, CDN, Baota, 1Panel, etc.
+
+Here's a demonstration of deploying certificates to a host's Nginx:
+![Demonstration](packages/ui/certd-client/public/static/doc/images/5-1-add-host.png)
+
+If the current deployment plugins don't meet your needs, you can also download them manually and deploy them yourself.
+![Demonstration](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
+
+### 3. Run Scheduled Tasks
+![Demonstration](packages/ui/certd-client/public/static/doc/images/12-1-log-success.png)
+
+↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓
+-------> [Click here to view detailed usage steps](./step.md) <--------
+↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑
+
+For more tutorials, please visit the official documentation [certd.docmirror.cn](https://certd.docmirror.cn/guide/).
+
+## 4. On-Premises Deployment
+Since certificates, authorization information, and other data are highly sensitive, please make sure to deploy them on-premises to ensure data security.
+
+You can choose one of the following deployment methods based on your needs:
+
+1. 【Recommended】[Docker Deployment](https://certd.docmirror.cn/guide/install/docker/)
+2. 【Recommended】[BT Panel Deployment](https://certd.docmirror.cn/guide/install/docker/)
+3. 【Recommended】[1Panel Deployment](https://certd.docmirror.cn/guide/install/1panel/)
+4. 【Recommended】[Rainyun One-Click Deployment](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_): Double your first recharge, only $2.2 per month.
+[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_)
+5. 【Not Recommended】[Source Code Deployment](https://certd.docmirror.cn/guide/install/source/)
+
+#### Docker Image Information:
+* Domestic Image Addresses:
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`, `[version]-armv7`
+* DockerHub Addresses:
+  * `https://hub.docker.com/r/greper/certd`
+  * `greper/certd:latest`
+  * `greper/certd:armv7`, `greper/certd:[version]-armv7`
+* GitHub Packages Addresses:
+  * `ghcr.io/certd/certd:latest`
+  * `ghcr.io/certd/certd:armv7`, `ghcr.io/certd/certd:[version]-armv7`
+
+* Images are built automatically by `Actions`, with a transparent process. Please use them with confidence.
+  * [Click here to view image build logs](https://github.com/certd/certd/actions/workflows/build-image.yml)
+
+![](./docs/images/action/action-build.jpg)
+
+> Note:
+> * The certificates, authorization information, and other data stored in this application are highly sensitive. Please take appropriate security measures.
+> * Make sure to use the HTTPS protocol to access this application to avoid man-in-the-middle attacks.
+> * Make sure to use a web application firewall to protect this application from attacks such as XSS and SQL injection.
+> * Make sure to secure the server itself to prevent database leakage.
+> * Make sure to back up your data to avoid data loss.
+> * [Click here for more production safety suggestions](https://certd.docmirror.cn/guide/feature/safe/)
+
+## 5. Ecosystem
+
+### 1. Client Tool: SSL-Assistant
+`SSL Assistant` is a certificate deployment and management assistant client that runs on hosts. It supports automatic scanning of the host's `Nginx` configuration and pulling certificates from `Certd` for deployment. This tool is very useful when you don't want to expose your SSH host password.
+
+Open-source Address: https://github.com/Youngxj/SSL-Assistant
+
+## 6. More Help
+Please visit the official documentation: [https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/).
+
+* Upgrade Method: [Upgrade Guide](https://certd.docmirror.cn/guide/install/upgrade/)
+* Common Issues: [Forgot Password](https://certd.docmirror.cn/guide/use/forgotpasswd/)
+* Multi-Database: [Multi-Database Configuration](https://certd.docmirror.cn/guide/install/database/)
+* Site Security: [Site Security Features](https://certd.docmirror.cn/guide/feature/safe/)
+* Changelog: [CHANGELOG](./CHANGELOG.md)
+
+## 7. Contact the Author
+If you have any questions, feel free to join the group chat (please mention 'certd' in your message).
+
+| Join Group | WeChat Group | QQ Group |
+|---------|-------|-------|
+| QR Code | <img height="230" src="./docs/guide/contact/images/wx.png"> | <img height="230" src="./docs/guide/contact/images/qq.png"> |
+
+You can also add the author as a friend.
+
+| Add Author as Friend | WeChat QQ |
+|---------|-------|-------|
+| QR Code | <img height="230" src="./docs/guide/contact/images/me.png"> |
+
+## 8. Donation
+************************
+Support open-source projects and contribute with love. I've joined Afdian.
+https://afdian.com/a/greper
+
+Benefits of Contribution:
+1. Join the exclusive contributor group and get one-on-one technical support from the author.
+2. Your requests will be prioritized and implemented as professional edition features.
+3. Receive a one-year professional edition activation code.
+
+Comparison of Professional Edition Privileges:
+
+| Feature | Free Edition | Professional Edition |
+|---------|---------------------------------------|--------------------------------|
+| Free Certificate Application | Unlimited for free | Unlimited for free |
+| Number of Domains | Unlimited | Unlimited |
+| Number of Certificate Pipelines | Unlimited | Unlimited |
+| Site Certificate Monitoring | Limited to 1 | Unlimited |
+| Automatic Deployment Plugins | Most plugins such as Alibaba Cloud CDN, Tencent Cloud, QiNiu CDN, Host Deployment, Baota, 1Panel | Synology |
+| Notifications | Email, Custom Webhook | Email without configuration, WeChat Work, DingTalk, Lark, anpush, ServerChan, etc. |
+
+************************
+
+## 9. Contribute Code
+
+1. For local development, please refer to the [Plugin Contribution Guide](https://certd.docmirror.cn/guide/development/).
+2. As a contributor, you agree that your contributed code is subject to the following license:
+   1. The open-source license can be adjusted to be more or less restrictive.
+   2. It can be used for commercial purposes.
+
+Thank you to the following contributors.
+
+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>
+
+## 10. Open-Source License
+* This project follows the GNU Affero General Public License (AGPL).
+* Individuals and companies are allowed to use, copy, modify, and distribute this project freely for internal use. Any form of commercial use is prohibited without obtaining commercial authorization.
+* Without commercial authorization, any modification of the logo, copyright information, and license-related code is prohibited.
+* For commercial authorization, please contact the author.
+
+## 11. My Other Projects (Please Star)
+
+| Project Name | Stars | Project Description |
+|----------------|---------------|--------------|
+| [fast-crud](https://gitee.com/fast-crud/fast-crud/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/> | A fast CRUD development framework based on Vue3. |
+| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | A tool to access GitHub directly without a VPN, solving the problem of inaccessible GitHub. |

build.trigger

@@ -1 +1 @@
-17:28
+23:01

docker/run/docker-compose.yaml

@@ -3,6 +3,8 @@ services:
   certd:
     # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号,例如：certd:1.29.0
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+    # image: ghcr.io/certd/certd:latest                    #   --------- 如果 报镜像not found，可以尝试其他镜像源
+    # image: greper/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
     volumes:
@@ -14,7 +16,7 @@ services:
       - "7001:7001"
       #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
       - "7002:7002"
-    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo EAI_AGAIN 或 getaddrinfo ENOTFOUND 错误，可以尝试设置dns
 #    dns:
 #      - 223.5.5.5      # 阿里云公共dns
 #      - 223.6.6.6
@@ -35,6 +37,8 @@ services:
 #    networks:
 #      - ip6net
     environment:
+#             ↓↓↓↓ ----------------------------------------------------- 使用上海东八时区
+#      - TZ=Asia/Shanghai
 #     设置环境变量即可自定义certd配置
 #     配置项见： packages/ui/certd-server/src/config/config.default.ts
 #     配置规则： certd_ + 配置项, 点号用_代替

docs/.vitepress/config.ts

@@ -88,22 +88,26 @@ export default defineConfig({
                     text: "特性",
                     items: [
                         {text: "CNAME代理校验", link: "/guide/feature/cname/index.md"},
-                        {text: "插件列表", link: "/guide/plugins.md"},
                         {text: "多数据库支持", link: "/guide/install/database.md"},
                         {text: "开放接口", link: "/guide/open/index.md"},
                         {
-                            text: "站点安全", items: [
-                                {text: "安全特性", link: "/guide/feature/safe"},
-                                {text: "站点隐藏", link: "/guide/feature/safe/hidden"},
-                                {text: "安全生产建议", link: "/guide/feature/safe/suggest"},
+                            text: "站点安全",  link: "/guide/feature/safe/"
+                        },
+                        {
+                            text: "插件列表", items: [
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
+                                {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
+                                {text: "任务插件", link: "/guide/plugins/deploy.md"},
+                                {text: "通知插件", link: "/guide/plugins/notification.md"},
                             ]
                         },
-
                     ]
                 },
                 {
                     text: "常见问题",
                     items: [
+                        {text: "QA", link: "/guide/qa/use.md"},
+                        {text: "常见报错处理", link: "/guide/qa/"},
                         {text: "群晖证书部署", link: "/guide/use/synology/"},
                         {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
                         {text: "连接windows主机", link: "/guide/use/host/windows.md"},
@@ -115,8 +119,14 @@ export default defineConfig({
                         {text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},
                         {text: "邮箱配置", link: "/guide/use/email/index.md"},
                         {text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
-                        {text: "其他插件使用", link: "/deploy/"},
-                        {text: "商业版说明", link: "/comm/"},
+                        {text: "ESXi", link: "/guide/use/ESXi/index.md"},
+                    ]
+                },
+                {
+                    text: "商业版配置", link: "/guide/use/comm/", items: [
+                        {text: "支付宝配置", link: "/guide/use/comm/payments/alipay.md"},
+                        {text: "微信支付配置", link: "/guide/use/comm/payments/wxpay.md"},
+                        {text: "彩虹易支付配置", link: "/guide/use/comm/payments/yizhifu.md"},
                     ]
                 },
                 {
@@ -129,30 +139,9 @@ export default defineConfig({
                         {text: "捐赠", link: "/guide/donate/"},
                         {text: "开源协议", link: "/guide/license/"},
                         {text: "我的其他开源项目", link: "/guide/link/"},
-
                     ]
                 }
             ],
-            "/deploy/": [
-                {
-                    text: "部署证书插件",
-                    items: [
-                        {text: "插件说明", link: "/deploy/index.md"},
-                        {text: "部署到ESXi", link: "/deploy/ESXi/index.md"},
-                    ]
-                }
-            ],
-            "/comm/": [
-                {
-                    text: "商业版",
-                    items: [
-                        {text: "支付宝配置", link: "/comm/payments/alipay.md"},
-                        {text: "微信支付配置", link: "/comm/payments/wxpay.md"},
-                        {text: "彩虹易支付配置", link: "/comm/payments/yizhifu.md"},
-                    ]
-                }
-            ]
-            ,
         },
 
         socialLinks: [

docs/deploy/index.md

@@ -1,4 +0,0 @@
-# 部署插件说明
-
-## 待完善
-

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,251 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+### Bug Fixes
+
+* 修复通知和触发器无法编辑的bug ([a2e0951](https://github.com/certd/certd/commit/a2e09510426680eb425c0d7ad337f39d3f052054))
+
+### Performance Improvements
+
+* 支持部署到七牛云DCDN ([bde601b](https://github.com/certd/certd/commit/bde601bfffb4f7345d97e1e3b064520816d31555))
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Bug Fixes
+
+* 支持自定义证书生成插件 ([481cc02](https://github.com/certd/certd/commit/481cc029fafaf280aa844cd3ca30f4653ec35d55))
+
+### Features
+
+* 支持模版创建流水线 ([2559f0e](https://github.com/certd/certd/commit/2559f0e822db095d1d26a7f1d517622dce22a5c2))
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 部署到ssh主机命令支持前置命令 ([991b741](https://github.com/certd/certd/commit/991b741cbe223b342f534157da63b71e81661f8e))
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+* 添加用户资料编辑功能 ([7c0f43c](https://github.com/certd/certd/commit/7c0f43c8a3052f73afee3e93c9fcbc43c44ab690))
+* 优化阿里云waf的日志信息 ([821c6d8](https://github.com/certd/certd/commit/821c6d807d4b3cc5092d09a6282b8cbafb9e7c9f))
+* 优化中英文翻译与切换 ([acaa8b1](https://github.com/certd/certd/commit/acaa8b173183b4423584ee070e6e332e0ac0eb2d))
+* 站点IP监控前先同步一下IP ([a080b60](https://github.com/certd/certd/commit/a080b606ab6e289d96b17ef7d2879b4603f889ba))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+* 修复邮箱包含.号校验失败的bug ([65dcae7](https://github.com/certd/certd/commit/65dcae79f8faa7a6cb425e10a0fdb6758b0719f3))
+
+### Performance Improvements
+
+* 首次打开任务日志查看页面，自动滚动到底部 ([43fee42](https://github.com/certd/certd/commit/43fee42198e8697185b427b1fa3eb79409603393))
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+* 修复重试次数设置无效的bug ([e2099ac](https://github.com/certd/certd/commit/e2099ac9ca344bc70bfa4219002e9138708973ae))
+
+### Performance Improvements
+
+* 授权列表类型颜色优化 ([1e86338](https://github.com/certd/certd/commit/1e863382d3d1a8cc95a1abf51e75bf6eaea3244f))
+* 支持雨云dns解析 ([8354348](https://github.com/certd/certd/commit/83543487e7418683bd79cfe3b9e0d792bdb977f7))
+* 支持雨云dns解析以及雨云证书更新 ([43c7a19](https://github.com/certd/certd/commit/43c7a1984926f5d4647760cc134bb0aede3a7b7a))
+* github 版本检查支持执行脚本 ([bad3504](https://github.com/certd/certd/commit/bad3504d4a15e6989b967b66aa9da8c6981f25bf))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/certd/certd/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+* 修复宝塔授权测试按钮显示错误的bug ([048696e](https://github.com/certd/certd/commit/048696ee9386491bb68592fb3a47d1c900bb68bf))
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+* 支持部署证书到unicloud ([a63d687](https://github.com/certd/certd/commit/a63d687f1c573159f0857693f37602b0e1e44072))
+
 # [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
 
 ### Bug Fixes

docs/guide/development/demo/access.md

@@ -0,0 +1,88 @@
+
+# 授权插件Demo
+
+```ts
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+import { isDev } from '../../utils/env.js';
+
+/**
+ * 这个注解将注册一个授权配置
+ * 在certd的后台管理系统中，用户可以选择添加此类型的授权
+ */
+@IsAccess({
+  name: 'demo',
+  title: '授权插件示例',
+  icon: 'clarity:plugin-line',
+  desc: '',
+})
+export class DemoAccess extends BaseAccess {
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    title: '密钥Id',
+    component: {
+      placeholder: 'demoKeyId',
+    },
+    required: true,
+  })
+  demoKeyId = '';
+
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    //标题
+    title: '密钥串',
+    component: {
+      //input组件的placeholder
+      placeholder: 'demoKeySecret',
+    },
+    //是否必填
+    required: true,
+    //改属性是否需要加密
+    encrypt: true,
+  })
+  //属性名称
+  demoKeySecret = '';
+}
+new DemoAccess();
+```
+
+
+# 阿里云授权
+```ts
+
+import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
+
+@IsAccess({
+  name: "aliyun",
+  title: "阿里云授权",
+  desc: "",
+  icon: "ant-design:aliyun-outlined",
+  order: 0,
+})
+export class AliyunAccess extends BaseAccess {
+  @AccessInput({
+    title: "accessKeyId",
+    component: {
+      placeholder: "accessKeyId",
+    },
+    helper: "登录阿里云控制台->AccessKey管理页面获取。",
+    required: true,
+  })
+  accessKeyId = "";
+  @AccessInput({
+    title: "accessKeySecret",
+    component: {
+      placeholder: "accessKeySecret",
+    },
+    required: true,
+    encrypt: true,
+    helper: "注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey",
+  })
+  accessKeySecret = "";
+}
+
+new AliyunAccess();
+```

docs/guide/feature/safe/hidden/index.md

@@ -22,4 +22,6 @@
 ![](./images/hidden2.png)
 
 ## 3、忘记解除地址和解除密码怎么办
-登录服务器，在数据库平级的目录下创建`.unhidden`文件即可`临时解除`站点隐藏
+登录服务器，在数据库平级的目录下创建`.unhidden`命名的空白文件，即可临时解除站点隐藏       
+临时解除后会自动删除`.unhidden`文件，请尽快设置好新的`解除地址`和`解除密码`，并记住    
+

docs/guide/feature/safe/index.md

@@ -1,36 +1,49 @@
-# 站点安全特性
+# 安全特性
 
-Certd 存储了证书以及授权等敏感数据，所以需要严格保障安全。
-我们非常重视您的数据安全，提供了以下安全特性
+Certd 存储了证书以及授权等敏感数据，所以需要严格保障安全。      
+我们提供了以下安全特性，以及安全生产建议（请遵照建议进行生产部署以保障数据安全）
 
-## 1、 授权数据加密存储【默认开启】
+## 一、站点安全特性
+
+### 1、 授权数据加密存储【默认开启】
 * 所有的授权敏感字段会加密后存储
 * 每个用户独立维护授权数据，连管理员都无权查看
 
 ![星号部分为加密数据](./images/access.png)
 星号部分为加密数据
 
-## 2、 密码防爆破【默认开启】
+### 2、 密码防爆破【默认开启】
 * 登录失败次数过多，账号将被锁定，最高24小时(重启服务可解除锁定)
 * 用户登录密码加密hash后存储，无法计算出密码明文
   ![](./images/login.png)
 
-## 3、站点隐藏【建议开启】
+### 3、站点隐藏【建议开启】
 * 一般来说Certd设置好之后，后续很少需要访问修改。
 * 所以我们平时可以把站点访问关闭，需要的时候再打开，减少站点被攻击的风险    
 * 请前往 `系统管理->系统设置->安全设置->开启站点隐藏`
-* [站点隐藏设置说明](./hidden/)
   ![](./images/hidden.png)
 
-## 4、登录双重验证
+点击查看 [站点隐藏功能详细使用说明](./hidden/)
+
+
+### 4、登录双重验证
 
 支持2FA双重认证
 
 ![](./images/2fa.png)
 
-## 5、数据库自动备份【建议开启】
+### 5、数据库自动备份【建议开启】
 * [自动备份设置说明](../../use/backup/)
 
 
-## 更多安全生产建议
-[安全生产建议](./suggest.md)
+## 二、安全生产建议
+
+尽管`Cert`本身实现了很多安全特性，但`外部环境的安全`仍需要您来确保。    
+请`务必`遵循如下建议做好安全防护
+
+* 请`务必`使用`HTTPS协议`访问本应用，避免被中间人攻击
+* 请`务必`使用`web应用防火墙`防护本应用，防止XSS、SQL注入等攻击
+* 请`务必`做好`服务器本身`的安全防护，防止数据库泄露
+* 请`务必`做好[`数据备份`](../../use/backup/)，避免数据丢失
+* 请`务必`修改管理员账号用户名，且建议将admin注册为普通用户，且设置为禁用。
+* 建议开启[`站点隐藏`](./hidden/)功能

docs/guide/feature/safe/suggest.md

@@ -1,10 +0,0 @@
-# 安全生产建议
-
-尽管`Cert`本身实现了很多安全特性，但`外部环境的安全`仍需要您来确保。    
-请`务必`遵循如下建议做好安全防护
-
-* 请`务必`使用`HTTPS协议`访问本应用，避免被中间人攻击
-* 请`务必`使用`web应用防火墙`防护本应用，防止XSS、SQL注入等攻击
-* 请`务必`做好`服务器本身`的安全防护，防止数据库泄露
-* 请`务必`做好[`数据备份`](../../use/backup/)，避免数据丢失
-* 建议开启[`站点隐藏`](./hidden/)功能

docs/guide/index.md

@@ -5,32 +5,28 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+## 1、关于证书续期
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
 
-## 一、特性
+
+## 2、项目特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 
-* 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持60+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
-* 邮件通知
-* 私有化部署，保障数据安全
-* 支持SQLite、Postgresql、MySQL数据库
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装升级非常简单快捷
+* 镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
 
 
   ![](../images/intro/intro.svg)
 
-## 二、一些说明
-* 本项目申请证书过程遵循acme协议
-* 需要验证域名所有权，一般有两种方式
-    * http-01： 在网站根目录下放置一份txt文件
-    * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式（本项目仅支持dns-01）
-* 证书续期：
-    * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
-    * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
-* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署
 
-## 三、证书颁发机构对比
-* Let's Encrypt：申请最简单。
-* Google: 大厂光环，兼容性好，首次需要翻墙获取EAB。
-* ZeroSSL： 需要EAB，获取EAB无需翻墙。

docs/guide/install/baota/index.md

@@ -10,15 +10,15 @@
 * 登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
 
 ### 2、部署certd
-
-#### 2.1 应用商店一键部署【推荐】
+以下两种方式人选一种：
+#### 2.1 应用商店方式一键部署【推荐】
 
 * 在宝塔Docker应用商店中找到`certd`（要先点右上角更新应用）
 * 点击安装，配置域名等基本信息即可完成安装
 
 > 需要宝塔9.2.0及以上版本才支持
 
-#### 2.2 容器编排部署
+#### 2.2 容器编排方式部署
 
 1. 打开`docker-compose.yaml`,整个内容复制下来    
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
@@ -43,12 +43,15 @@ admin/123456
 ## 三、如何升级
 宝塔升级certd非常简单
 
-`docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
+打开容器页面： `docker`->`容器编排`->`左侧选择Certd`->`更新镜像`     
+
 ![img.png](./images/upgrade.png)
 
 
 ## 四、数据备份
 
+部署方式不同，数据保存位置不同
+
 ### 4.1 应用商店部署方式
 点击进入安装路径，数据保存在`./data`目录下，可以手动备份
 
@@ -62,7 +65,6 @@ admin/123456
 数据默认保存在`/data/certd`目录下，可以手动备份
 
 
-
 ### 4.3 自动备份
 
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份

docs/guide/install/source/index.md

@@ -1,5 +1,6 @@
 # 源码部署
-如果没有`git`和`nodejs`基础，则不推荐
+如果没有开发基础、没有运维基础、没有`git`和`nodejs`基础，强烈不推荐此方式
+
 ## 一、源码安装
 
 ### 环境要求
@@ -42,8 +43,8 @@ git pull
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
 ./start.sh
-```
 
+```
 ::: warning   
 升级certd版本前，切记切记先备份一下数据    
 :::

docs/guide/open/index.md

@@ -18,4 +18,13 @@ header中传入x-certd-token即可调用开放接口
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 
 ## SDK
-待开发
+待开发
+
+## 客户端工具
+
+### SSL-Assistant
+`SSL Assistant` 是一个基于 Go 语言开发的跨平台证书部署管理助手。    
+支持自动扫描主机`Nginx`配置，然后从Certd拉取证书并部署。     
+在不想暴露ssh主机密码情况下，该工具非常好用。
+
+开源地址： https://github.com/Youngxj/SSL-Assistant

docs/guide/plugins.md

@@ -1,5 +0,0 @@
-# 插件列表
-
-![img_1.png](../images/plugins/list.png)
-
-

docs/guide/plugins/access.md

@@ -0,0 +1,58 @@
+# 授权列表
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云授权** |  | 
+| 2.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 3.| **google cloud** | 谷歌云授权 | 
+| 4.| **主机登录授权** |  | 
+| 5.| **SFTP授权** |  | 
+| 6.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 7.| **FTP授权** |  | 
+| 8.| **腾讯云** |  | 
+| 9.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 10.| **七牛云授权** |  | 
+| 11.| **七牛OSS授权** |  | 
+| 12.| **天翼云授权** |  | 
+| 13.| **s3/minio授权** | S3/minio oss授权 | 
+| 14.| **baota授权** |  | 
+| 15.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 16.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 17.| **易发云短信** | sms.yfyidc.cn/ | 
+| 18.| **cdnfly授权** |  | 
+| 19.| **群晖登录授权** |  | 
+| 20.| **k8s授权** |  | 
+| 21.| **1panel授权** | 账号和密码 | 
+| 22.| **百度云授权** |  | 
+| 23.| **LeCDN授权** |  | 
+| 24.| **白山云授权** |  | 
+| 25.| **plesk授权** |  | 
+| 26.| **易支付** |  | 
+| 27.| **支付宝** |  | 
+| 28.| **微信支付** |  | 
+| 29.| **长亭雷池授权** |  | 
+| 30.| **lucky** |  | 
+| 31.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 32.| **uniCloud** | unicloud授权 | 
+| 33.| **华为云授权** |  | 
+| 34.| **西部数码授权** |  | 
+| 35.| **多吉云** |  | 
+| 36.| **我爱云授权** | 我爱云CDN | 
+| 37.| **CacheFly** | CacheFly | 
+| 38.| **Gcore** | Gcore | 
+| 39.| **亚马逊云aws授权** |  | 
+| 40.| **dns.la授权** |  | 
+| 41.| **又拍云** |  | 
+| 42.| **火山引擎** |  | 
+| 43.| **京东云** |  | 
+| 44.| **51dns授权** |  | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/deploy.md

@@ -0,0 +1,130 @@
+# 任务插件
+共 `70` 款任务插件    
+## 1. 证书申请
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 2.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 3.| **商用证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
+## 2. 主机
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **FTP-上传证书到FTP** | 将证书上传到FTP服务器 | 
+| 2.| **IIS-部署到IIS站点** |  | 
+| 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
+| 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
+## 3. CDN
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
+| 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
+| 4.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 5.| **LeCDN-更新证书** |  | 
+| 6.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 7.| **白山云-更新证书** |  | 
+| 8.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 9.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 10.| **多吉云-部署到多吉云CDN** |  | 
+| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+## 4. 面板
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持网站站点、docker站点等 | 
+| 3.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 4.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 5.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 6.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 7.| **Plesk-部署Plesk网站证书** |  | 
+| 8.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 9.| **lucky-更新Lucky证书** |  | 
+| 10.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 11.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+## 5. 阿里云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
+| 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 5.| **阿里云-部署证书至OSS** | 自动部署域名证书至阿里云OSS | 
+| 6.| **阿里云-上传证书到阿里云** | 如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 10.| **阿里云-部署至SLB(传统负载均衡)** | 部署证书到阿里云SLB(传统负载均衡) | 
+| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0）,【注意】证书的加密算法必须选择【pkcs1旧版】 | 
+## 6. 华为云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **华为云-部署证书至CDN** |  | 
+## 7. 腾讯云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
+| 2.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
+| 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EO，必须配置上传证书到腾讯云任务 | 
+| 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
+| 9.| **腾讯云-部署到TKE-ingress** | serverless集群请使用K8S部署插件；Qcloud类型需要【上传到腾讯云】作为前置任务；ApiServer未开启外网访问则需要做域名的内网IP映射 | 
+## 8. 火山引擎
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **火山引擎-部署证书至CDN** | 支持网页，文件下载，音视频点播 | 
+| 2.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
+| 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
+| 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
+| 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
+## 9. 京东云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
+| 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
+| 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
+## 10. 七牛云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
+| 2.| **七牛云-部署证书至CDN** | 自动部署域名证书至七牛云CDN | 
+## 11. 亚马逊云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
+## 12. 其他
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **Demo-测试插件** |  | 
+| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 4.| **等待** | 等待一段时间 | 
+| 5.| **数据库备份** | 仅支持备份SQLite数据库 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/dns-provider.md

@@ -0,0 +1,22 @@
+# DNS提供商
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云** | 阿里云DNS解析提供商 | 
+| 2.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 3.| **华为云** | 华为云DNS解析提供商 | 
+| 4.| **西部数码** | west dns provider | 
+| 5.| **dns.la** | dns.la | 
+| 6.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 7.| **京东云** | 京东云DNS解析提供商 | 
+| 8.| **51dns** | 51DNS | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/notification.md

@@ -0,0 +1,26 @@
+# 通知插件
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 2.| **电子邮件** | 电子邮件通知 | 
+| 3.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
+| 4.| **自定义webhook** | 根据模版自定义http请求 | 
+| 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
+| 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
+| 7.| **AnPush** | https://anpush.com | 
+| 8.| **Telegram通知** | Telegram Bot推送通知 | 
+| 9.| **Discord 通知** | Discord 机器人通知 | 
+| 10.| **Slack通知** | Slack消息推送通知 | 
+| 11.| **Bark 通知** | Bark 推送通知插件 | 
+| 12.| **飞书通知** | 飞书群聊webhook通知 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/qa/index.md

@@ -0,0 +1,73 @@
+# 常见报错解决
+
+## 1. getaddrinfo ENOTFOUND错误
+如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误，可以尝试在`docker-compose.yaml`中设置dns
+```yaml
+version: '3.3' # 兼容旧版docker-compose
+services:
+  certd:
+    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误，可以尝试设置dns
+    dns:
+      - 223.5.5.5      # 阿里云公共dns
+      - 223.6.6.6
+#       # ↓↓↓↓ ------- # 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ ------- # 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
+#      - 8.8.4.4
+```
+
+如果仍然有问题,按如下步骤检查是否能够ping通域名
+```shell
+docker exec -it certd /bin/sh
+ping www.baidu.com
+ping gg.px.certd.handfree.work
+ping app.handfree.work
+```
+
+如果您是宝塔部署的
+可以试试将容器网络加入brige网络，看是否解决问题
+![img.png](images/baota-net.png)
+
+如果还是不行，请联系我们
+
+
+## 2. 连接IPv6超时
+docker-compose 需要放开IPv6网络的配置
+```yaml
+services:
+  certd:
+    networks:
+      - ip6net
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 3. SSL_CERT_NOT_MATCH_DOMAIN_ERROR
+部署证书任务报类似 `SSL_CERT_NOT_MATCH_DOMAIN_ERROR`错误
+这是由于当前流水线的证书域名与要部署的目标站点的域名不匹配导致的，在申请证书任务中，增加目标站点域名，重新运行流水线即可
+
+
+## 4. 没有服务器配置文件，请检查是否开启了外网映射！
+宝塔网站证书部署报错：`Error: 没有服务器配置文件，请检查是否开启了外网映射！`    
+解决方案：先手动在宝塔网站中设置一次证书    
+
+
+## 5. 如何查看容器日志
+```shell
+docker logs -f --tail 200 certd
+```
+
+
+
+
+
+
+

docs/guide/qa/use.md

@@ -0,0 +1,14 @@
+# 使用问题
+
+
+## 1. 是否支持IP证书
+
+因为ACME协议不支持IP证书，所以certd目前也不支持IP证书
+
+
+## 2. 建议设置多长时间运行一次流水线
+建议每天运行一次，检查证书过期时间    
+当证书没过期时，自动跳过部署
+当证书到期前35天（创建流水线时可以修改），将会自动重新申请证书，自动部署
+
+

docs/guide/use/https/index.md

@@ -17,7 +17,9 @@ CERTD_HTTPS_port=7002
 参考Certd顶部的创建证书流水线教程
 
 ### 2、配置复制到本机任务
-将证书复制到certd的证书安装位置
+将证书复制到certd的证书安装位置   
+证书路径：`ssl/cert.crt`   
+私钥路径：`ssl/cert.key` 
 
 ![](./images/1.png)
 ![](./images/2.png)

docs/guide/use/pretask/index.md

@@ -0,0 +1,13 @@
+# 带输出的前置任务
+
+前置任务输出可以在后续任务中使用
+
+比如上传证书到阿里云，会返回阿里云的CertId，之后其他阿里云的部署任务可以选择复用这个证书
+
+## 复用证书
+
+![img.png](images/pretask1.png)
+
+在后续任务中可以选择前置任务的输出
+
+![img.png](images/pretask2.png)

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.34.1"
+  "version": "1.36.2"
 }

package.json

@@ -20,7 +20,7 @@
     "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
-    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
+    "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
     "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
@@ -30,7 +30,8 @@
     "init": "lerna run build",
     "docs:dev": "vitepress dev docs",
     "docs:build": "vitepress build docs",
-    "docs:preview": "vitepress preview docs"
+    "docs:preview": "vitepress preview docs",
+    "pub": "echo 1"
   },
   "license": "AGPL-3.0",
   "dependencies": {

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,92 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/publishlab/node-acme-client/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.1](https://github.com/publishlab/node-acme-client/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.36.0](https://github.com/publishlab/node-acme-client/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.5](https://github.com/publishlab/node-acme-client/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.4](https://github.com/publishlab/node-acme-client/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.3](https://github.com/publishlab/node-acme-client/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.2](https://github.com/publishlab/node-acme-client/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.1](https://github.com/publishlab/node-acme-client/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/publishlab/node-acme-client/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/publishlab/node-acme-client/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+### Performance Improvements
+
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/publishlab/node-acme-client/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+
+## [1.34.10](https://github.com/publishlab/node-acme-client/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.9](https://github.com/publishlab/node-acme-client/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.8](https://github.com/publishlab/node-acme-client/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.7](https://github.com/publishlab/node-acme-client/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.6](https://github.com/publishlab/node-acme-client/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.5](https://github.com/publishlab/node-acme-client/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.4](https://github.com/publishlab/node-acme-client/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.3](https://github.com/publishlab/node-acme-client/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.2](https://github.com/publishlab/node-acme-client/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Performance Improvements
+
+* http方式支持校验443端口 ([d75fcb7](https://github.com/publishlab/node-acme-client/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
 ## [1.34.1](https://github.com/publishlab/node-acme-client/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 ### Bug Fixes

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.34.1",
+    "version": "1.36.2",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.34.1",
+        "@certd/basic": "^1.36.2",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -27,7 +27,7 @@
         "https-proxy-agent": "^7.0.5",
         "lodash-es": "^4.17.21",
         "node-forge": "^1.3.1",
-        "punycode": "^2.3.1"
+        "punycode.js": "^2.3.1"
     },
     "devDependencies": {
         "@types/node": "^20.14.10",
@@ -51,7 +51,8 @@
         "lint": "eslint .",
         "lint-types": "tsd",
         "prepublishOnly": "npm run build-docs",
-        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\""
+        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
+        "pub": "npm publish"
     },
     "repository": {
         "type": "git",
@@ -68,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+    "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/core/acme-client/src/auto.js

@@ -75,6 +75,9 @@ export default async (client, userOpts) => {
 
     log("[auto] Placing new certificate order with ACME provider");
     const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+        orderPayload.profile = opts.profile;
+    }
     const order = await client.createOrder(orderPayload);
     const authorizations = await client.getAuthorizations(order);
 
@@ -213,12 +216,16 @@ export default async (client, userOpts) => {
         return promise;
     }
 
-    async function runPromisePa(tasks, waitTime = 5000) {
+    async function runPromisePa(tasks, waitTime = 8000) {
         const results = [];
+        let j = 0
         // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
         for (const task of tasks) {
+            j++
+            log(`开始第${j}个任务`);
             results.push(task());
             // eslint-disable-next-line no-await-in-loop
+            log(`wait ${Math.floor(waitTime/1000)}s`)
             await wait(waitTime);
         }
         return Promise.all(results);
@@ -234,6 +241,7 @@ export default async (client, userOpts) => {
             throw new CancelError("用户取消");
         }
 
+        const waitDnsDiffuseTime = opts.waitDnsDiffuseTime || 30;
         try {
             // eslint-disable-next-line no-await-in-loop
             await runPromisePa(challengePromises);
@@ -241,9 +249,10 @@ export default async (client, userOpts) => {
                 log(`跳过本地验证（skipChallengeVerification=true），等待 60s`);
                 await wait(60 * 1000);
             } else {
+                log("开始本地校验")
                 await runPromisePa(localVerifyTasks, 1000);
-                log("本地校验完成，等待30s")
-                await wait(30 * 1000)
+                log(`本地校验完成，等待${waitDnsDiffuseTime}s`)
+                await wait(waitDnsDiffuseTime * 1000)
             }
 
             log("开始向提供商请求挑战验证");

packages/core/acme-client/src/client.js

@@ -90,10 +90,12 @@ const defaultOpts = {
  */
 
 class AcmeClient {
+    sslProvider
     constructor(opts) {
         if (!Buffer.isBuffer(opts.accountKey)) {
             opts.accountKey = Buffer.from(opts.accountKey);
         }
+        this.sslProvider = opts.sslProvider;
 
         this.opts = { ...defaultOpts, ...opts };
         this.backoffOpts = {

packages/core/acme-client/src/verify.js

@@ -24,22 +24,46 @@ const dns = dnsSdk.promises
  */
 
 async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
+
+    async function doQuery(challengeUrl){
+        log(`正在测试请求 ${challengeUrl} `)
+        // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+
+        /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
+        const httpsAgent = new https.Agent({ rejectUnauthorized: false });
+
+        log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
+        let data = ""
+        try{
+            const resp = await axios.get(challengeUrl, { httpsAgent });
+            data = (resp.data || '').replace(/\s+$/, '');
+        }catch (e) {
+            log(`[error] HTTP request error from ${authz.identifier.value}`,e.message);
+            return false
+        }
+
+        if (!data || (data !== keyAuthorization)) {
+            log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
+            return false
+        }
+        return true
+
+    }
+
     const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
     const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
 
-    /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
-    const httpsAgent = new https.Agent({ rejectUnauthorized: false });
-
-    log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
-    const resp = await axios.get(challengeUrl, { httpsAgent });
-    const data = (resp.data || '').replace(/\s+$/, '');
-
-    log(`Query successful, HTTP status code: ${resp.status}`);
-
-    if (!data || (data !== keyAuthorization)) {
-        throw new Error(`Authorization not found in HTTP response from ${authz.identifier.value}`);
+    if (!await doQuery(challengeUrl)) {
+        const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+        const res = await doQuery(httpsChallengeUrl)
+        if (!res) {
+            throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
+        }
     }
 
+
     log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
     return true;
 }

packages/core/acme-client/types/index.d.ts

@@ -66,6 +66,7 @@ export interface ClientAutoOptions {
     challengePriority?: string[];
     preferredChain?: string;
     signal?: AbortSignal;
+    profile?:string;
 }
 
 export class Client {
@@ -203,6 +204,7 @@ export const agents: any;
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
 export function walkTxtRecord(record: any): Promise<string[]>;
+export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 
 export const CancelError: typeof CancelError;
 

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,92 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+### Performance Improvements
+
+* 证书检查支持自定义dns服务器 ([c53bb7c](https://github.com/certd/certd/commit/c53bb7cf677faa32729709ae0c10359db5194d7a))
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 ### Performance Improvements

packages/core/basic/build.md

@@ -1 +1 @@
-00:16
+00:43

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -12,7 +12,8 @@
     "build": "npm run before-build && tsc --skipLibCheck",
     "dev-build": "npm run build",
     "preview": "vite preview",
-    "test": "mocha   --loader=ts-node/esm"
+    "test": "mocha   --loader=ts-node/esm",
+    "pub": "npm publish"
   },
   "dependencies": {
     "axios": "^1.7.2",
@@ -44,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/core/basic/src/utils/index.ts

@@ -1,39 +1,40 @@
-export * from './util.request.js';
-export * from './util.env.js';
-export * from './util.log.js';
-export * from './util.file.js';
-export * from './util.sp.js';
-export * from './util.promise.js';
-export * from './util.hash.js';
-export * from './util.merge.js';
-export * from './util.cache.js';
-export * from './util.string.js';
-export * from './util.lock.js';
-export * from './util.mitter.js';
-export * from './util.id.js';
-export * from './util.domain.js';
-export * from './util.amount.js';
-import { stringUtils } from './util.string.js';
-import sleep from './util.sleep.js';
-import { http, download } from './util.request.js';
+export * from "./util.request.js";
+export * from "./util.env.js";
+export * from "./util.log.js";
+export * from "./util.file.js";
+export * from "./util.sp.js";
+export * from "./util.promise.js";
+export * from "./util.hash.js";
+export * from "./util.merge.js";
+export * from "./util.cache.js";
+export * from "./util.string.js";
+export * from "./util.lock.js";
+export * from "./util.mitter.js";
+export * from "./util.id.js";
+export * from "./util.domain.js";
+export * from "./util.amount.js";
+import { stringUtils } from "./util.string.js";
+import sleep from "./util.sleep.js";
+import { http, download } from "./util.request.js";
 
-import { mergeUtils } from './util.merge.js';
-import { sp } from './util.sp.js';
-import { hashUtils } from './util.hash.js';
-import { promises } from './util.promise.js';
-import { fileUtils } from './util.file.js';
-import * as _ from 'lodash-es';
-import { cache } from './util.cache.js';
-import dayjs from 'dayjs';
-import { domainUtils } from './util.domain.js';
-import { optionsUtils } from './util.options.js';
-import { amountUtils } from './util.amount.js';
-import { nanoid } from 'nanoid';
-import * as id from './util.id.js';
-import { locker } from './util.lock.js';
-import { mitter } from './util.mitter.js';
+import { mergeUtils } from "./util.merge.js";
+import { sp } from "./util.sp.js";
+import { hashUtils } from "./util.hash.js";
+import { promises } from "./util.promise.js";
+import { fileUtils } from "./util.file.js";
+import * as _ from "lodash-es";
+import { cache } from "./util.cache.js";
+import dayjs from "dayjs";
+import { domainUtils } from "./util.domain.js";
+import { optionsUtils } from "./util.options.js";
+import { amountUtils } from "./util.amount.js";
+import { nanoid } from "nanoid";
+import * as id from "./util.id.js";
+import { locker } from "./util.lock.js";
+import { mitter } from "./util.mitter.js";
 
-import * as request from './util.request.js';
+import * as request from "./util.request.js";
+export * from "./util.cache.js";
 export const utils = {
   sleep,
   http,

packages/core/basic/src/utils/util.cache.ts

@@ -1,8 +1,53 @@
 // LRUCache
 
-import { LRUCache } from 'lru-cache';
+import { LRUCache } from "lru-cache";
 
 export const cache = new LRUCache<string, any>({
   max: 1000,
   ttl: 1000 * 60 * 10,
 });
+
+export class LocalCache<V = any> {
+  cache: Map<string, { value: V; expiresAt: number }>;
+  constructor(opts: { clearInterval?: number } = {}) {
+    this.cache = new Map();
+    setInterval(() => {
+      this.clearExpires();
+    }, opts.clearInterval ?? 5 * 60 * 1000);
+  }
+
+  get(key: string): V | undefined {
+    const entry = this.cache.get(key);
+    if (!entry) {
+      return undefined;
+    }
+
+    // 检查是否过期
+    if (Date.now() > entry.expiresAt) {
+      this.cache.delete(key);
+      return undefined;
+    }
+
+    return entry.value;
+  }
+
+  set(key: string, value: V, ttl = 300000) {
+    // 默认5分钟 (300000毫秒)
+    this.cache.set(key, {
+      value,
+      expiresAt: Date.now() + ttl,
+    });
+  }
+
+  clear() {
+    this.cache.clear();
+  }
+
+  clearExpires() {
+    for (const [key, entry] of this.cache) {
+      if (entry.expiresAt < Date.now()) {
+        this.cache.delete(key);
+      }
+    }
+  }
+}

packages/core/basic/src/utils/util.hash.ts

@@ -14,9 +14,13 @@ function hmacSha256(data: string, digest: BinaryToTextEncoding = "base64") {
 function base64(data: string) {
   return Buffer.from(data).toString("base64");
 }
+function base64Decode(data: string) {
+  return Buffer.from(data, "base64").toString("utf8");
+}
 export const hashUtils = {
   md5,
   sha256,
   base64,
+  base64Decode,
   hmacSha256,
 };

packages/core/basic/src/utils/util.log.ts

@@ -18,16 +18,31 @@ const OutputAppender = {
   },
 };
 
+let logFilePath = "./logs/app.log";
 export function resetLogConfigure() {
   // @ts-ignore
   log4js.configure({
-    appenders: { std: { type: "stdout" }, output: { type: OutputAppender } },
-    categories: { default: { appenders: ["std"], level: "info" }, pipeline: { appenders: ["std", "output"], level: "info" } },
+    appenders: {
+      std: { type: "stdout" },
+      output: { type: OutputAppender },
+      file: {
+        type: "dateFile",
+        filename: logFilePath,
+        keepFileExt: true,
+        compress: true,
+        numBackups: 3,
+      },
+    },
+    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file", "output"], level: "info" } },
   });
 }
 resetLogConfigure();
 export const logger = log4js.getLogger("default");
 
+export function resetLogFilePath(filePath: string) {
+  logFilePath = filePath;
+  resetLogConfigure();
+}
 export function buildLogger(write: (text: string) => void) {
   const logger = log4js.getLogger("pipeline");
   const _secrets: string[] = [];
@@ -41,8 +56,15 @@ export function buildLogger(write: (text: string) => void) {
         if (item == null) {
           continue;
         }
-        //换成同长度的*号， item可能有多行
-        text = text.replaceAll(item, "*".repeat(item.length));
+        if (item.includes(text)) {
+          //整个包含
+          text = "*".repeat(text.length);
+          continue;
+        }
+        if (text.includes(item)) {
+          //换成同长度的*号， item可能有多行
+          text = text.replaceAll(item, "*".repeat(item.length));
+        }
       }
       write(text);
     },

packages/core/basic/src/utils/util.request.ts

@@ -91,10 +91,23 @@ export function createAxiosService({ logger }: { logger: Logger }) {
   // 请求拦截
   service.interceptors.request.use(
     (config: any) => {
+      if (config.logParams == null) {
+        config.logParams = false;
+      }
+      if (config.logRes == null) {
+        config.logRes = false;
+      }
+      if (config.logData == null) {
+        config.logData = false;
+      }
+
       logger.info(`http request:${config.url}，method:${config.method}`);
       if (config.logParams !== false && config.params) {
         logger.info(`params:${JSON.stringify(config.params)}`);
       }
+      if (config.logData !== false && config.data) {
+        logger.info(`data:${JSON.stringify(config.data)}`);
+      }
       if (config.timeout == null) {
         config.timeout = 15000;
       }
@@ -145,7 +158,8 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       } else {
         logger.info("http response status:", response?.status);
       }
-      if (response?.config?.returnResponse) {
+
+      if (response?.config?.returnOriginRes) {
         return response;
       }
       return response.data;
@@ -201,6 +215,10 @@ export function createAxiosService({ logger }: { logger: Logger }) {
         logger.error("AggregateError", error);
       }
       const err = new HttpError(error);
+      if (error.response?.config?.logParams === false) {
+        delete err.request?.params;
+        delete err.request?.data;
+      }
       return Promise.reject(err);
     }
   );
@@ -214,8 +232,9 @@ export type HttpRequestConfig<D = any> = {
   skipCheckRes?: boolean;
   logParams?: boolean;
   logRes?: boolean;
+  logData?: boolean;
   httpProxy?: string;
-  returnResponse?: boolean;
+  returnOriginRes?: boolean;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
   request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;

packages/core/basic/src/utils/util.sleep.ts

@@ -1,5 +1,5 @@
 export default function (timeout: number) {
-  return new Promise((resolve) => {
+  return new Promise(resolve => {
     setTimeout(() => {
       resolve({});
     }, timeout);

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,109 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Performance Improvements
+
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Performance Improvements
+
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,11 +13,12 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "preview": "vite preview",
-    "test": "mocha   --loader=ts-node/esm"
+    "test": "mocha   --loader=ts-node/esm",
+    "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.1",
-    "@certd/plus-core": "^1.34.1",
+    "@certd/basic": "^1.36.2",
+    "@certd/plus-core": "^1.36.1",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -43,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/core/pipeline/src/access/api.ts

@@ -37,6 +37,7 @@ export type AccessContext = {
   http: HttpClient;
   logger: ILogger;
   utils: typeof utils;
+  accessService: IAccessService;
 };
 
 export abstract class BaseAccess implements IAccess {

packages/core/pipeline/src/access/decorator.ts

@@ -1,5 +1,5 @@
 // src/decorator/memoryCache.decorator.ts
-import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
+import { AccessContext, AccessDefine, AccessInputDefine, IAccessService } from "./api.js";
 import { Decorator } from "../decorator/index.js";
 import * as _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
@@ -41,7 +41,7 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
   };
 }
 
-export async function newAccess(type: string, input: any, ctx?: AccessContext) {
+export async function newAccess(type: string, input: any, accessService: IAccessService, ctx?: AccessContext) {
   const register = accessRegistry.get(type);
   if (register == null) {
     throw new Error(`access ${type} not found`);
@@ -58,6 +58,7 @@ export async function newAccess(type: string, input: any, ctx?: AccessContext) {
       http,
       logger,
       utils,
+      accessService,
     };
   }
   access.setCtx(ctx);

packages/core/pipeline/src/context/index.ts

@@ -2,3 +2,36 @@ import { IContext } from "../core/index.js";
 
 export type UserContext = IContext;
 export type PipelineContext = IContext;
+
+export type PageSearch = {
+  pageNo?: number;
+  pageSize?: number;
+  searchKey?: string;
+  // sortBy?: string;
+  // sortOrder?: "asc" | "desc";
+};
+
+
+export type PageRes = {
+  pageNo?: number;
+  pageSize?: number;
+  total?: string;
+  list: any[];
+};
+
+export class Pager {
+  pageNo: number;
+  pageSize: number;
+  constructor(req: PageSearch) {
+    this.pageNo = req.pageNo ?? 1;
+    this.pageSize = req.pageSize || 50;
+  }
+
+  getOffset() {
+    return (this.pageNo - 1) * (this.pageSize ?? 50);
+  }
+
+  setOffset(offset: number) {
+    this.pageNo = Math.ceil(offset / (this.pageSize ?? 50)) + 1;
+  }
+}

packages/core/pipeline/src/core/executor.ts

@@ -218,7 +218,7 @@ export class Executor {
             returnType: ResultType.error,
             runnable: t,
           });
-          errorMessage += `任务${t.title}执行失败，错误详情:${e.message}；`;
+          errorMessage += `任务${t.title}执行失败，错误详情：${e.message}；`;
         }
       }
       if (errorList.length > 0) {
@@ -295,6 +295,12 @@ export class Executor {
     const pluginConfig = await this.options.pluginConfigService.getPluginConfig(pluginName);
     //从outputContext读取输入参数
     const input = cloneDeep(step.input);
+    const sysInput = pluginConfig.sysSetting?.input || {};
+    //注入系统设置参数
+    for (const sysInputKey in sysInput) {
+      input[sysInputKey] = sysInput[sysInputKey];
+    }
+
     Decorator.inject(define.input, instance, input, (item, key) => {
       if (item.component?.name === "output-selector") {
         const contextKey = input[key];
@@ -314,12 +320,6 @@ export class Executor {
       }
     });
 
-    const sysInput = pluginConfig.sysSetting?.input || {};
-    //注入系统设置参数
-    for (const sysInputKey in sysInput) {
-      input[sysInputKey] = sysInput[sysInputKey];
-    }
-
     const newInputHash = hashUtils.md5(JSON.stringify(input));
     step.status!.inputHash = newInputHash;
     //判断是否需要跳过
@@ -438,7 +438,7 @@ export class Executor {
         const runnableError = error as RunnableError;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
         for (const re of runnableError.errors) {
-          content += ` - ${re.runnable.title} 执行失败\n  错误详情:${re.e.message}\n\n`;
+          content += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
         }
       } else {
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
@@ -452,12 +452,12 @@ export class Executor {
         continue;
       }
 
-      if (notification.type === "email") {
+      if (notification.type === "email" && notification.options?.receivers) {
         try {
           await this.options.emailService?.send({
             subject,
             content,
-            receivers: notification.options.receivers,
+            receivers: notification.options?.receivers,
           });
         } catch (e) {
           logger.error("send email error", e);
@@ -489,7 +489,15 @@ export class Executor {
     }
   }
 
+  /**
+   *
+   * @param stepId 如果==ALL 清除所有
+   */
   clearLastStatus(stepId: string) {
+    if (stepId === "ALL") {
+      this.lastStatusMap.clear();
+      return;
+    }
     this.lastStatusMap.clearById(stepId);
   }
 }

packages/core/pipeline/src/core/run-history.ts

@@ -203,6 +203,7 @@ export class RunnableCollection {
     if (runnable?.status) {
       runnable.status.status = ResultType.none;
       runnable.status.result = ResultType.none;
+      runnable.status.output = {};
       runnable.status.inputHash = "";
       // @ts-ignore
       runnable.input = {};

packages/core/pipeline/src/dt/pipeline.ts

@@ -52,7 +52,9 @@ export type Stage = Runnable & {
 export type Trigger = {
   id: string;
   title: string;
-  cron: string;
+  props: {
+    cron: string;
+  };
   type: string;
 };
 
@@ -78,14 +80,13 @@ export type EmailOptions = {
   receivers: string[];
 };
 export type NotificationWhen = "error" | "success" | "turnToSuccess" | "start";
-export type NotificationType = "email" | "url";
+export type NotificationType = "email" | "other";
 export type Notification = {
   type: NotificationType;
   when: NotificationWhen[];
-  options: EmailOptions;
+  options?: EmailOptions;
   notificationId: number;
   title: string;
-  subType: string;
 };
 
 export type Pipeline = Runnable & {

packages/core/pipeline/src/notification/api.ts

@@ -4,7 +4,6 @@ import { FormItemProps, HistoryResult, Pipeline } from "../dt/index.js";
 import { HttpClient, ILogger, utils } from "@certd/basic";
 import * as _ from "lodash-es";
 import { IEmailService } from "../service/index.js";
-import { isPlus } from "@certd/plus-core";
 
 export type NotificationBody = {
   userId?: number;
@@ -81,9 +80,6 @@ export abstract class BaseNotification implements INotification {
   logger!: ILogger;
 
   async doSend(body: NotificationBody) {
-    if (this.define.needPlus && !isPlus()) {
-      body.content = `${body.content}\n\n注意：此通知渠道已调整为专业版功能，后续版本将不再支持发送，请尽快修改或升级为专业版`;
-    }
     return await this.send(body);
   }
   abstract send(body: NotificationBody): Promise<void>;
@@ -121,9 +117,13 @@ export abstract class BaseNotification implements INotification {
   async onTestRequest() {
     return await this.doSend({
       userId: 0,
-      title: "【Certd】测试通知【*.foo.com】，标题长度测试、测试、测试",
-      content: `测试通知,*.foo.com
+      title: "【标题】测试通知【*.foo.com】，标题长度测试、测试、测试",
+      content: `测试通知
+域名测试: *.foo.com
 换行测试
+(括号测试)
+<尖括号测试>
+[中括号测试]
       `,
       pipeline: {
         id: 1,

packages/core/pipeline/src/plugin/api.ts

@@ -152,6 +152,16 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.logger = ctx.logger;
     this.accessService = ctx.accessService;
     this.http = ctx.http;
+    // 将证书加入secret
+    // @ts-ignore
+    if (this.cert && this.cert.crt && this.cert.key) {
+      //有证书
+      // @ts-ignore
+      const cert: any = this.cert;
+      this.registerSecret(cert.crt);
+      this.registerSecret(cert.key);
+      this.registerSecret(cert.one);
+    }
   }
 
   async getAccess<T = any>(accessId: string | number, isCommon = false) {
@@ -186,6 +196,14 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return res as T;
   }
 
+  registerSecret(value: string) {
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // @ts-ignore
+      this.logger.addSecret(value);
+    }
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }
@@ -227,6 +245,11 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
   }
 
+  buildCertName(domain: string) {
+    domain = domain.replaceAll("*", "_").replaceAll(".", "_");
+    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+  }
+
   async onRequest(req: PluginRequestHandleReq<any>) {
     if (!req.action) {
       throw new Error("action is required");

packages/core/pipeline/src/registry/registry.ts

@@ -48,6 +48,11 @@ export class Registry<T = any> {
     logger.info(`注册插件:${this.type}:${key}`);
   }
 
+  unRegister(key: string) {
+    delete this.storage[key];
+    logger.info(`反注册插件:${this.type}:${key}`);
+  }
+
   get(name: string): RegistryItem<T> {
     if (!name) {
       throw new Error("插件名称不能为空");

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -10,7 +10,8 @@
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && rollup -c ",
     "dev-build": "npm run build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
     "axios": "^1.7.2",
@@ -23,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,7 +13,8 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
     "nanoid": "^4.0.0"
@@ -30,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.34.1",
+  "version": "1.36.2",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -9,7 +9,8 @@
     "test": "cross-env NODE_CONFIG_DIR=./test/config  mocha --recursive --require babel-register",
     "dev": "babel src --out-dir babel -w",
     "build": "rollup -c ",
-    "dev-build": "npm run build"
+    "dev-build": "npm run build",
+    "pub": "npm publish"
   },
   "author": "",
   "license": "Apache",
@@ -60,5 +61,5 @@
       "fetch"
     ]
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,10 +13,11 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.1",
+    "@certd/basic": "^1.36.2",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -31,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,94 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Performance Improvements
+
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Performance Improvements
+
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Performance Improvements
+
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Performance Improvements
+
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.34.1",
+  "version": "1.36.2",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -27,10 +27,10 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.34.1",
-    "@certd/basic": "^1.34.1",
-    "@certd/pipeline": "^1.34.1",
-    "@certd/plus-core": "^1.34.1",
+    "@certd/acme-client": "^1.36.2",
+    "@certd/basic": "^1.36.2",
+    "@certd/pipeline": "^1.36.2",
+    "@certd/plus-core": "^1.36.1",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.20.3",
     "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -84,6 +84,7 @@ export abstract class BaseService<T> {
       ...where,
     });
     await this.modifyAfter(idArr);
+    return ids
   }
 
   resolveIdArr(ids: string | any[]) {

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -16,6 +16,7 @@ export class SysPublicSettings extends BaseSettings {
   static __access__ = 'public';
 
   registerEnabled = false;
+  userValidTimeEnabled?:boolean = false;
   passwordLoginEnabled = true;
   usernameRegisterEnabled = true;
   mobileRegisterEnabled = false;
@@ -25,7 +26,9 @@ export class SysPublicSettings extends BaseSettings {
   limitUserPipelineCount = 0;
   managerOtherUserPipeline = false;
   icpNo?: string;
+  mpsNo?: string;
   robots?: boolean = true;
+  aiChatEnabled = true;
 }
 
 export class SysPrivateSettings extends BaseSettings {
@@ -202,3 +205,5 @@ export class SysSafeSetting extends BaseSettings {
     autoHiddenTimes: 5,
   };
 }
+
+

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -3,11 +3,12 @@ import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
 import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
-import * as _ from 'lodash-es';
+
 import { BaseService } from '../../../basic/index.js';
 import { cache, logger, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
-
+import {mergeUtils} from "@certd/basic";
+const {merge} = mergeUtils;
 /**
  * 设置
  */
@@ -75,7 +76,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     }
     let newSetting: T = new type();
     const savedSettings = await this.getSettingByKey(key);
-    newSetting = _.merge(newSetting, savedSettings);
+    newSetting = merge(newSetting, savedSettings);
     await this.saveSetting(newSetting);
     cache.set(cacheKey, newSetting);
     return newSetting;

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -1,16 +1,16 @@
-import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { InjectEntityModel } from '@midwayjs/typeorm';
-import { Repository } from 'typeorm';
-import { BaseService, PageReq, PermissionException, ValidateException } from '../../../index.js';
-import { AccessEntity } from '../entity/access.js';
-import { AccessDefine, accessRegistry, newAccess } from '@certd/pipeline';
-import { EncryptService } from './encrypt-service.js';
+import {Inject, Provide, Scope, ScopeEnum} from '@midwayjs/core';
+import {InjectEntityModel} from '@midwayjs/typeorm';
+import {Repository} from 'typeorm';
+import {AccessGetter, BaseService, PageReq, PermissionException, ValidateException} from '../../../index.js';
+import {AccessEntity} from '../entity/access.js';
+import {AccessDefine, accessRegistry, newAccess} from '@certd/pipeline';
+import {EncryptService} from './encrypt-service.js';
 
 /**
  * 授权
  */
 @Provide()
-@Scope(ScopeEnum.Request, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
 export class AccessService extends BaseService<AccessEntity> {
   @InjectEntityModel(AccessEntity)
   repository: Repository<AccessEntity>;
@@ -95,6 +95,7 @@ export class AccessService extends BaseService<AccessEntity> {
     param.encryptSetting = JSON.stringify(encryptSetting);
     param.setting = JSON.stringify(json);
   }
+
   /**
    * 修改
    * @param param 数据
@@ -140,7 +141,8 @@ export class AccessService extends BaseService<AccessEntity> {
       id: entity.id,
       ...setting,
     };
-    return await newAccess(entity.type, input);
+    const accessGetter = new AccessGetter(userId, this.getById.bind(this));
+    return await newAccess(entity.type, input,accessGetter);
   }
 
   async getById(id: any, userId: number): Promise<any> {

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.34.1",
+  "version": "1.36.2",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,106 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Performance Improvements
+
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Performance Improvements
+
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 ### Bug Fixes

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -12,19 +12,20 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.34.1",
-    "@certd/basic": "^1.34.1",
-    "@certd/pipeline": "^1.34.1",
-    "@certd/plugin-lib": "^1.34.1",
+    "@certd/acme-client": "^1.36.2",
+    "@certd/basic": "^1.36.2",
+    "@certd/pipeline": "^1.36.2",
+    "@certd/plugin-lib": "^1.36.2",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
     "lodash-es": "^4.17.21",
     "psl": "^1.9.0",
-    "punycode": "^2.3.1",
+    "punycode.js": "^2.3.1",
     "rimraf": "^5.0.5"
   },
   "devDependencies": {
@@ -42,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/plugins/plugin-cert/src/dns-provider/api.ts

@@ -29,9 +29,25 @@ export type DnsProviderContext = {
 
 export interface IDnsProvider<T = any> {
   onInstance(): Promise<void>;
+
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string): string;
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string): string;
+
   createRecord(options: CreateRecordOptions): Promise<T>;
+
   removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
+
   setCtx(ctx: DnsProviderContext): void;
+
   //中文域名是否需要punycode转码，如果返回True，则使用punycode来添加解析记录，否则使用中文域名添加解析记录
   usePunyCode(): boolean;
 }

packages/plugins/plugin-cert/src/dns-provider/base.ts

@@ -1,16 +1,34 @@
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
 import { HttpClient, ILogger } from "@certd/basic";
-
+import punycode from "punycode.js";
 export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
   ctx!: DnsProviderContext;
   http!: HttpClient;
   logger!: ILogger;
 
   usePunyCode(): boolean {
+    //是否使用punycode来添加解析记录
+    //默认都使用原始中文域名来添加
     return false;
   }
 
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string) {
+    return punycode.toASCII(domain);
+  }
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string) {
+    return punycode.toUnicode(domain);
+  }
+
   setCtx(ctx: DnsProviderContext) {
     this.ctx = ctx;
     this.logger = ctx.logger;

packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts

@@ -6,7 +6,7 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
 import { IContext } from "@certd/pipeline";
 import { ILogger, utils } from "@certd/basic";
 import { IDnsProvider, IDomainParser } from "../../dns-provider/index.js";
-import punycode from "node:punycode";
+import punycode from "punycode.js";
 import { IOssClient } from "@certd/plugin-lib";
 export type CnameVerifyPlan = {
   type?: string;
@@ -63,6 +63,7 @@ type AcmeServiceOptions = {
   maxCheckRetryCount?: number;
   userId: number;
   domainParser: IDomainParser;
+  waitDnsDiffuseTime?: number;
 };
 
 export class AcmeService {
@@ -232,16 +233,18 @@ export class AcmeService {
     let dnsProvider = providers.dnsProvider;
     let fullRecord = `_acme-challenge.${fullDomain}`;
 
+    const origDomain = punycode.toUnicode(domain);
+    const origFullDomain = punycode.toUnicode(fullDomain);
     if (providers.domainsVerifyPlan) {
       //按照计划执行
-      const domainVerifyPlan = providers.domainsVerifyPlan[domain];
+      const domainVerifyPlan = providers.domainsVerifyPlan[origDomain];
       if (domainVerifyPlan) {
         if (domainVerifyPlan.type === "dns") {
           dnsProvider = domainVerifyPlan.dnsProvider;
         } else if (domainVerifyPlan.type === "cname") {
           const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
           if (cnameVerifyPlan) {
-            const cname = cnameVerifyPlan[fullDomain];
+            const cname = cnameVerifyPlan[origFullDomain];
             if (cname) {
               dnsProvider = cname.dnsProvider;
               domain = await this.options.domainParser.parse(cname.domain);
@@ -324,8 +327,9 @@ export class AcmeService {
     csrInfo: any;
     isTest?: boolean;
     privateKeyType?: string;
+    profile?: string;
   }): Promise<CertInfo> {
-    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options;
+    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options;
     const client: acme.Client = await this.getAcmeClient(email, isTest);
 
     let domains = options.domains;
@@ -397,6 +401,7 @@ export class AcmeService {
         return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
       },
       signal: this.options.signal,
+      profile,
     });
 
     const crtString = crt.toString();

packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts

@@ -8,7 +8,7 @@ export const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";
 
 export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
   @TaskInput({
-    title: "域名",
+    title: "证书域名",
     component: {
       name: "a-select",
       vModel: "value",

packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts

@@ -8,7 +8,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
   @TaskInput({
     title: "邮箱",
     component: {
-      name: "a-input",
+      name: "email-selector",
       vModel: "value",
     },
     rules: [{ type: "email", message: "请输入正确的邮箱" }],
@@ -81,6 +81,10 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
     }
   }
 
+  getCheckChangeInputKeys() {
+    //插件哪些字段参与校验是否需要更新
+    return ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
+  }
   /**
    * 是否更新证书
    */
@@ -91,7 +95,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
     //   return null;
     // }
 
-    const checkInputChanges = ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
+    const checkInputChanges = this.getCheckChangeInputKeys();
     const oldInput = JSON.stringify(pick(this.lastStatus?.input, checkInputChanges));
     const thisInput = JSON.stringify(pick(this, checkInputChanges));
     const inputChanged = oldInput !== thisInput;
@@ -145,7 +149,8 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
       throw new Error("过期时间不能为空");
     }
     // 检查有效期
-    const leftDays = dayjs(expires).diff(dayjs(), "day");
+    const leftDays = Math.floor((expires - dayjs().valueOf()) / (1000 * 60 * 60 * 24));
+    this.logger.info(`证书剩余天数：${leftDays}`);
     return {
       isWillExpire: leftDays <= maxDays,
       leftDays,

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -5,6 +5,7 @@ import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
+import { uniq } from "lodash-es";
 
 export type CertReaderHandleContext = {
   reader: CertReader;
@@ -88,9 +89,39 @@ export class CertReader {
 
   getAllDomains() {
     const { detail } = this.getCrtDetail();
-    const domains = [detail.domains.commonName];
+    const domains = [];
+    if (detail.domains?.commonName) {
+      domains.push(detail.domains.commonName);
+    }
     domains.push(...detail.domains.altNames);
-    return domains;
+    //去重
+    return uniq(domains);
+  }
+
+  getAltNames() {
+    const { detail } = this.getCrtDetail();
+    return detail.domains.altNames;
+  }
+
+  static getMainDomain(crt: string) {
+    const { detail } = CertReader.readCertDetail(crt);
+    return CertReader.getMainDomainFromDetail(detail);
+  }
+
+  getMainDomain() {
+    const { detail } = this.getCrtDetail();
+    return CertReader.getMainDomainFromDetail(detail);
+  }
+
+  static getMainDomainFromDetail(detail: CertificateInfo) {
+    let domain = detail?.domains?.commonName;
+    if (domain == null) {
+      domain = detail?.domains?.altNames?.[0];
+    }
+    if (domain == null) {
+      domain = "unknown";
+    }
+    return domain;
   }
 
   saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "one" | "ic" | "jks", filepath?: string) {
@@ -162,10 +193,15 @@ export class CertReader {
   }
 
   buildCertFileName(suffix: string, applyTime: any, prefix = "cert") {
-    const detail = this.getCrtDetail();
-    let domain = detail.detail.domains.commonName;
-    domain = domain.replace(".", "_").replace("*", "_");
+    let domain = this.getMainDomain();
+    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
     const timeStr = dayjs(applyTime).format("YYYYMMDDHHmmss");
     return `${prefix}_${domain}_${timeStr}.${suffix}`;
   }
+
+  buildCertName() {
+    let domain = this.getMainDomain();
+    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
+    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+  }
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -68,9 +68,9 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       ],
     },
     required: true,
-    helper: `DNS直接验证：域名是在阿里云/腾讯云/华为云/Cloudflare/NameSilo/西数/火山/dns.la/京东云注册的，选它；
-CNAME代理验证：支持任何注册商注册的域名，但第一次需要手动添加CNAME记录；
-HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
+    helper: `1. <b>DNS直接验证</b>：域名dns解析是在阿里云/腾讯云/华为云/CF/NameSilo/西数/火山/dns.la/京东云/51dns的，选它
+2.  <b>CNAME代理验证</b>：支持任何注册商的域名，第一次需要手动添加CNAME记录（建议将DNS服务器修改为阿里云/腾讯云的，然后使用DNS直接验证）
+3.  <b>HTTP文件验证</b>：不支持泛域名，需要配置网站文件上传`,
   })
   challengeType!: string;
 
@@ -102,11 +102,11 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
           return form.challengeType === 'dns' 
       }),
       component:{
-        on:{
-          selectedChange({form,$event}){
-            form.dnsProviderAccessType = $event.accessType
+        onSelectedChange: ctx.compute(({form})=>{
+          return ($event)=>{
+           form.dnsProviderAccessType = $event.accessType
           }
-        }
+        })
       }
     }
     `,
@@ -248,6 +248,30 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
   })
   privateKeyType!: PrivateKeyType;
 
+  @TaskInput({
+    title: "证书配置",
+    value: "classic",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "classic", label: "经典（classic）" },
+        { value: "tlsserver", label: "TLS服务器（tlsserver）" },
+        { value: "shortlived", label: "短暂的（shortlived）" },
+      ],
+    },
+    helper: "如无特殊需求，默认即可",
+    required: false,
+    mergeScript: `
+    return {
+        show: ctx.compute(({form})=>{
+            return form.sslProvider === 'letsencrypt'
+        })
+    }
+    `,
+  })
+  certProfile!: string;
+
   @TaskInput({
     title: "使用代理",
     value: false,
@@ -290,6 +314,17 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
   })
   maxCheckRetryCount = 20;
 
+  @TaskInput({
+    title: "等待解析生效时长",
+    value: 30,
+    component: {
+      name: "a-input-number",
+      vModel: "value",
+    },
+    helper: "等待解析生效时长（秒）",
+  })
+  waitDnsDiffuseTime = 30;
+
   acme!: AcmeService;
 
   eab!: EabAccess;
@@ -309,7 +344,7 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
         this.logger.info("当前正在使用 google EAB授权");
         eab = await this.getAccess(this.eabAccessId);
       } else if (this.googleCommonEabAccessId) {
-        this.logger.info("当前正在使用 google公共EAB授权");
+        this.logger.info("当前正在使用 google 公共EAB授权");
         eab = await this.getAccess(this.googleCommonEabAccessId, true);
       } else {
         throw new Error("google需要配置EAB授权或服务账号授权");
@@ -341,6 +376,7 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
       signal: this.ctx.signal,
       maxCheckRetryCount: this.maxCheckRetryCount,
       domainParser,
+      waitDnsDiffuseTime: this.waitDnsDiffuseTime,
     });
   }
 
@@ -383,6 +419,7 @@ HTTP文件验证：不支持泛域名，需要配置网站文件上传`,
         csrInfo,
         isTest: false,
         privateKeyType: this.privateKeyType,
+        profile: this.certProfile,
       });
 
       const certInfo = this.formatCerts(cert);

packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts

@@ -80,17 +80,29 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   legoEabAccessId!: number;
 
   @TaskInput({
-    title: "自定义LEGO参数",
+    title: "自定义LEGO全局参数",
     component: {
       name: "a-input",
       vModel: "value",
       placeholder: "--dns-timeout 30",
     },
-    helper: "额外的lego命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    helper: "额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
     maybeNeed: true,
   })
   customArgs = "";
 
+  @TaskInput({
+    title: "自定义LEGO签名参数",
+    component: {
+      name: "a-input",
+      vModel: "value",
+      placeholder: "--no-bundle",
+    },
+    helper: "额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    maybeNeed: true,
+  })
+  customCommandOptions = "";
+
   @TaskInput({
     title: "加密算法",
     value: "ec256",
@@ -112,9 +124,12 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   })
   privateKeyType!: PrivateKeyType;
 
-
   eab?: EabAccess;
 
+  getCheckChangeInputKeys() {
+    return ["domains", "privateKeyType", "dnsType"];
+  }
+
   async onInstance() {
     this.accessService = this.ctx.accessService;
     this.logger = this.ctx.logger;
@@ -202,7 +217,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
     if (this.acmeServer) {
       serverArgs = ` --server ${this.acmeServer}`;
     }
-    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs}  ${this.customArgs || ""} run`];
+    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs} ${this.customArgs || ""} run ${this.customCommandOptions || ""}`];
 
     await this.ctx.utils.sp.spawn({
       cmd: cmds,

packages/plugins/plugin-cert/test/cert-plugin.test.mjs

@@ -0,0 +1,27 @@
+import { expect } from "chai";
+import { CertApplyPlugin } from "../dist/index.js";
+import dayjs from "dayjs";
+import { logger } from "@certd/basic";
+
+describe("test/cert-plugin.ts", () => {
+  const certApplyPlugin = new CertApplyPlugin();
+  certApplyPlugin.logger = logger;
+  it("should throw error when expires is null or undefined", () => {
+    expect(() => {
+      // @ts-ignore
+      certApplyPlugin.isWillExpire(undefined);
+    }).throw("过期时间不能为空");
+
+    expect(() => {
+      // @ts-ignore
+      certApplyPlugin.isWillExpire(null);
+    }).throw("过期时间不能为空");
+  });
+
+  it("isWillExpire", () => {
+    const now = dayjs().add(36, "day") - 10000;
+    const res = certApplyPlugin.isWillExpire(now.valueOf(), 35);
+    console.log(res);
+    expect(res.isWillExpire).eq(true);
+  });
+});

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,111 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+
+### Performance Improvements
+
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Performance Improvements
+
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
 ## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
 
 ### Performance Improvements

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.34.1",
+  "version": "1.36.2",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -12,13 +12,17 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
+    "@alicloud/openapi-client": "^0.4.14",
+    "@alicloud/openapi-util": "^0.3.2",
     "@alicloud/pop-core": "^1.7.10",
+    "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.34.1",
-    "@certd/pipeline": "^1.34.1",
+    "@certd/basic": "^1.36.2",
+    "@certd/pipeline": "^1.36.2",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -49,5 +53,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9749fc817d3cfd435e8cb3f2f86edc81d69e2310"
+  "gitHead": "8671887abcdfb93a7ecb709f223bd6add6f03c67"
 }

packages/plugins/plugin-lib/src/aliyun/access/aliyun-access.ts

@@ -1,4 +1,94 @@
 import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
+import { ILogger } from "@certd/basic";
+
+export type AliyunClientV2Req = {
+  action: string;
+  version: string;
+  protocol?: "HTTPS";
+  // 接口 HTTP 方法
+  method?: "GET" | "POST";
+  authType?: "AK";
+  style?: "RPC";
+  // 接口 PATH
+  pathname?: `/`;
+
+  data?: any;
+};
+export class AliyunClientV2 {
+  access: AliyunAccess;
+  logger: ILogger;
+  endpoint: string;
+
+  client: any;
+  constructor(opts: { access: AliyunAccess; logger: ILogger; endpoint: string }) {
+    this.access = opts.access;
+    this.logger = opts.logger;
+    this.endpoint = opts.endpoint;
+  }
+
+  async getClient() {
+    if (this.client) {
+      return this.client;
+    }
+    const $OpenApi = await import("@alicloud/openapi-client");
+    // const Credential = await import("@alicloud/credentials");
+    // //@ts-ignore
+    // const credential = new Credential.default.default({
+    //
+    //   type: "access_key",
+    // });
+    const config = new $OpenApi.Config({
+      accessKeyId: this.access.accessKeyId,
+      accessKeySecret: this.access.accessKeySecret,
+    });
+    // Endpoint 请参考 https://api.aliyun.com/product/FC
+    // config.endpoint = `esa.${this.regionId}.aliyuncs.com`;
+    config.endpoint = this.endpoint;
+    //@ts-ignore
+    this.client = new $OpenApi.default.default(config);
+    return this.client;
+  }
+
+  async doRequest(req: AliyunClientV2Req) {
+    const client = await this.getClient();
+
+    const $OpenApi = await import("@alicloud/openapi-client");
+    const $Util = await import("@alicloud/tea-util");
+    const OpenApiUtil = await import("@alicloud/openapi-util");
+    const params = new $OpenApi.Params({
+      // 接口名称
+      action: req.action,
+      // 接口版本
+      version: req.version,
+      // 接口协议
+      protocol: "HTTPS",
+      // 接口 HTTP 方法
+      method: req.method ?? "POST",
+      authType: "AK",
+      style: "RPC",
+      // 接口 PATH
+      pathname: `/`,
+      // 接口请求体内容格式
+      reqBodyType: "json",
+      // 接口响应体内容格式
+      bodyType: "json",
+    });
+
+    if (req.data?.query) {
+      //@ts-ignore
+      req.data.query = OpenApiUtil.default.default.query(req.data.query);
+    }
+    const runtime = new $Util.RuntimeOptions({});
+    const request = new $OpenApi.OpenApiRequest(req.data);
+    // 复制代码运行请自行打印 API 的返回值
+    // 返回值实际为 Map 类型，可从 Map 中获得三类数据：响应体 body、响应头 headers、HTTP 返回的状态码 statusCode。
+    const res = await client.callApi(params, request, runtime);
+    /**
+     * res?.body?.
+     */
+    return res?.body;
+  }
+}
 
 @IsAccess({
   name: "aliyun",
@@ -27,6 +117,14 @@ export class AliyunAccess extends BaseAccess {
     helper: "注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey",
   })
   accessKeySecret = "";
+
+  getClient(endpoint: string) {
+    return new AliyunClientV2({
+      access: this,
+      logger: this.ctx.logger,
+      endpoint: endpoint,
+    });
+  }
 }
 
 new AliyunAccess();

packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts

@@ -52,9 +52,11 @@ export class AliossClient {
     }
   }
 
-  async uploadFile(filePath: string, content: Buffer | string) {
+  async uploadFile(filePath: string, content: Buffer | string, timeout = 1000 * 60 * 60) {
     await this.init();
-    return await this.client.put(filePath, content);
+    return await this.client.put(filePath, content, {
+      timeout,
+    });
   }
 
   async removeFile(filePath: string) {
@@ -62,9 +64,11 @@ export class AliossClient {
     return await this.client.delete(filePath);
   }
 
-  async downloadFile(key: string, savePath: string) {
+  async downloadFile(key: string, savePath: string, timeout = 1000 * 60 * 60) {
     await this.init();
-    return await this.client.get(key, savePath);
+    return await this.client.get(key, savePath, {
+      timeout,
+    });
   }
 
   async listDir(dirKey: string) {

packages/plugins/plugin-lib/src/aliyun/lib/ssl-client.ts

@@ -29,7 +29,7 @@ export type AliyunSslUploadCertReq = {
   cert: AliyunCertInfo;
 };
 
-export type CasCertInfo = { certId: number; certName: string; certIdentifier: string };
+export type CasCertInfo = { certId: number; certName: string; certIdentifier: string; notAfter: number; casRegion: string };
 
 export class AliyunSslClient {
   opts: AliyunSslClientOpts;
@@ -68,6 +68,8 @@ export class AliyunSslClient {
       certId: certId,
       certName: res.Name,
       certIdentifier: res.CertIdentifier,
+      notAfter: res.NotAfter,
+      casRegion: this.getCasRegionFromEndpoint(this.opts.endpoint),
     };
   }
 
@@ -83,7 +85,7 @@ export class AliyunSslClient {
       method: "POST",
     };
 
-    this.opts.logger.info("开始上传证书");
+    this.opts.logger.info(`开始上传证书：${req.name}`);
     const ret: any = await client.request("UploadUserCertificate", params, requestOption);
     this.checkRet(ret);
     this.opts.logger.info("证书上传成功：aliyunCertId=", ret.CertId);
@@ -148,4 +150,24 @@ export class AliyunSslClient {
     this.checkRet(res);
     return res;
   }
+
+  async deleteCert(certId: any) {
+    await this.doRequest("DeleteUserCertificate", { CertId: certId }, { method: "POST" });
+  }
+
+  getCasRegionFromEndpoint(endpoint: string) {
+    if (!endpoint) {
+      return "cn-hangzhou";
+    }
+    /**
+     * {value: 'cas.aliyuncs.com', label: '中国大陆'},
+     *         {value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡'},
+     *         {value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）'},
+     */
+    const region = endpoint.replace(".aliyuncs.com", "").replace("cas.", "");
+    if (region === "cas") {
+      return "cn-hangzhou";
+    }
+    return region;
+  }
 }

packages/plugins/plugin-lib/src/common/index.ts

@@ -1,87 +1 @@
-import { merge } from "lodash-es";
-
-export function createCertDomainGetterInputDefine(opts?: { certInputKey?: string; props?: any }) {
-  const certInputKey = opts?.certInputKey || "cert";
-  return merge(
-    {
-      title: "当前证书域名",
-      component: {
-        name: "cert-domains-getter",
-      },
-      mergeScript: `
-        return {
-          component:{
-              inputKey: ctx.compute(({form})=>{
-                return form.${certInputKey}
-              }),
-          }
-        }
-        `,
-      required: true,
-    },
-    opts?.props
-  );
-}
-
-export function createRemoteSelectInputDefine(opts?: {
-  title: string;
-  certDomainsInputKey?: string;
-  accessIdInputKey?: string;
-  typeName?: string;
-  action: string;
-  type?: string;
-  watches?: string[];
-  helper?: string;
-  formItem?: any;
-  mode?: string;
-  multi?: boolean;
-  required?: boolean;
-  rules?: any;
-  mergeScript?: string;
-}) {
-  const title = opts?.title || "请选择";
-  const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
-  const accessIdInputKey = opts?.accessIdInputKey || "accessId";
-  const typeName = opts?.typeName;
-  const action = opts?.action;
-  const type = opts?.type || "plugin";
-  const watches = opts?.watches || [];
-  const helper = opts?.helper || "请选择";
-  let mode = "tags";
-  if (opts.multi === false) {
-    mode = undefined;
-  } else {
-    mode = opts?.mode ?? "tags";
-  }
-
-  const item = {
-    title,
-    component: {
-      name: "remote-select",
-      vModel: "value",
-      mode,
-      type,
-      typeName,
-      action,
-      watches: [certDomainsInputKey, accessIdInputKey, ...watches],
-    },
-    rules: opts?.rules,
-    required: opts.required ?? true,
-    mergeScript:
-      opts.mergeScript ??
-      `
-          return {
-            component:{
-              form: ctx.compute(({form})=>{
-                return form
-              })
-            },
-         }
-        `,
-    helper,
-  };
-
-  return merge(item, opts?.formItem);
-}
-
-
+export * from "./util.js";

packages/plugins/plugin-lib/src/common/util.ts

@@ -0,0 +1,94 @@
+import { merge } from "lodash-es";
+
+export function createCertDomainGetterInputDefine(opts?: { certInputKey?: string; props?: any }) {
+  const certInputKey = opts?.certInputKey || "cert";
+  return merge(
+    {
+      title: "当前证书域名",
+      component: {
+        name: "cert-domains-getter",
+      },
+      mergeScript: `
+        return {
+          component:{
+              inputKey: ctx.compute(({form})=>{
+                return form.${certInputKey}
+              }),
+          }
+        }
+        `,
+      template:false,
+      required: true,
+    },
+    opts?.props
+  );
+}
+
+export function createRemoteSelectInputDefine(opts?: {
+  title: string;
+  certDomainsInputKey?: string;
+  accessIdInputKey?: string;
+  typeName?: string;
+  action: string;
+  type?: string;
+  watches?: string[];
+  helper?: string;
+  formItem?: any;
+  mode?: string;
+  multi?: boolean;
+  required?: boolean;
+  rules?: any;
+  mergeScript?: string;
+  search?: boolean;
+  pager?: boolean;
+  component?: any;
+}) {
+  const title = opts?.title || "请选择";
+  const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
+  const accessIdInputKey = opts?.accessIdInputKey || "accessId";
+  const typeName = opts?.typeName;
+  const action = opts?.action;
+  const type = opts?.type || "plugin";
+  const watches = opts?.watches || [];
+  const helper = opts?.helper || "请选择";
+  const search = opts?.search ?? false;
+  const pager = opts?.pager ?? false;
+  let mode = "tags";
+  if (opts.multi === false) {
+    mode = undefined;
+  } else {
+    mode = opts?.mode ?? "tags";
+  }
+
+  const item = {
+    title,
+    component: {
+      name: "remote-select",
+      vModel: "value",
+      mode,
+      type,
+      typeName,
+      action,
+      search,
+      pager,
+      watches: [certDomainsInputKey, accessIdInputKey, ...watches],
+      ...opts.component,
+    },
+    rules: opts?.rules,
+    required: opts.required ?? true,
+    mergeScript:
+      opts.mergeScript ??
+      `
+          return {
+            component:{
+              form: ctx.compute(({form})=>{
+                return form
+              })
+            },
+         }
+        `,
+    helper,
+  };
+
+  return merge(item, opts?.formItem);
+}

packages/plugins/plugin-lib/src/ftp/access.ts

@@ -24,7 +24,7 @@ export class FtpAccess extends BaseAccess {
   host!: string;
 
   @AccessInput({
-    title: "host",
+    title: "端口",
     value: 21,
     component: {
       placeholder: "21",

packages/plugins/plugin-lib/src/oss/impls/s3.ts

@@ -54,6 +54,9 @@ export default class S3OssClientImpl extends BaseOssClient<S3Access> {
       Prefix: dirKey, // The name of the object. For example, 'sample_upload.txt'.
     };
     const res = await this.client.send(new ListObjectsCommand({ ...params }));
+    if (!res.Contents) {
+      return [];
+    }
     return res.Contents.map(item => {
       return {
         path: item.Key,