Compare commits

...

207 Commits

Author SHA1 Message Date
xiaojunnuo 5096df5cc0 feat: 新增推广等级激励功能 2026-05-31 01:01:30 +08:00
xiaojunnuo 3c2d450aa8 Merge branch 'v2-dev' into v2-invite 2026-05-30 21:53:15 +08:00
xiaojunnuo b083b3cc41 style(trade crud): adjust order and style for order operation buttons
add order prop for syncStatus, cancel and updatePaid buttons, set cancel button to danger style for both trade pages, unify button display order logic
2026-05-29 01:00:14 +08:00
xiaojunnuo 6624769032 perf(trade): 优化商品购买页面的规格展示和折扣计算,支持订单取消 2026-05-29 00:56:30 +08:00
xiaojunnuo 55f75c6051 chore(acme): 包装DNS提供商错误信息并抛出异常
为DNS解析记录创建操作添加异常捕获,将错误信息添加上提供商名称前缀后重新抛出,便于定位具体出错的DNS服务商
2026-05-27 10:56:08 +08:00
xiaojunnuo 42d9c3ef14 chore: 优化http提示 2026-05-27 09:19:07 +08:00
xiaojunnuo c7a9363422 chore: 钱包重构 2026-05-27 01:49:43 +08:00
xiaojunnuo 969b6e3288 chore: 钱包邀请页面美化 2026-05-26 23:45:44 +08:00
xiaojunnuo 03ce030754 build: release 2026-05-26 15:40:34 +08:00
xiaojunnuo f2c1e362a0 build: publish 2026-05-26 14:02:47 +08:00
xiaojunnuo 6426aa57a2 build: trigger build image 2026-05-26 14:02:35 +08:00
xiaojunnuo 7ceb0f6306 v1.40.5 2026-05-26 14:00:57 +08:00
xiaojunnuo b26a1944c6 build: prepare to build 2026-05-26 13:31:45 +08:00
xiaojunnuo 235aec3e42 chore: 1 2026-05-26 13:29:12 +08:00
xiaojunnuo 346fb730a3 fix: 修复查询阿里云cdn Dcdn 域名太多无法选择的bug 2026-05-26 12:30:58 +08:00
xiaojunnuo c87bc22a5f chore: package 2026-05-26 11:55:04 +08:00
xiaojunnuo 7198e24945 chore: 1 2026-05-26 11:54:04 +08:00
xiaojunnuo 1a08bd340e fix: 安装glibc,增加Alpine镜像下 dns解析结果的兼容性 2026-05-26 11:35:06 +08:00
xiaojunnuo af9047bf3c fix: 修复阿里云证书订单orderid 选择出错的问题 2026-05-26 11:28:14 +08:00
xiaojunnuo 9566fc4e03 chore: 阿里云订单优化只获取一个订单id 2026-05-26 11:28:07 +08:00
xiaojunnuo 41254d10b7 fix: 修复阿里云证书订单orderid 选择出错的问题 2026-05-26 11:13:29 +08:00
xiaojunnuo ed97f41884 chore: 阿里云订单优化只获取一个订单id 2026-05-26 09:10:01 +08:00
xiaojunnuo 02b83ce0ad Merge branch 'v2-invite' of https://github.com/certd/certd into v2-invite 2026-05-26 09:02:53 +08:00
xiaojunnuo f1d2a1033a feat: 商业版支持邀请推广功能 2026-05-26 01:08:17 +08:00
xiaojunnuo ba1fe54ef8 chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00
xiaojunnuo deac92faf8 chore: 1 2026-05-25 22:39:32 +08:00
xiaojunnuo 1c36a79162 Merge branch 'v2-dev' into v2-invite 2026-05-25 22:36:40 +08:00
xiaojunnuo b6f7042adc chore: 1 2026-05-25 11:42:35 +08:00
xiaojunnuo f721cefb4a build: release 2026-05-25 00:32:36 +08:00
xiaojunnuo fc2c947afe build: publish 2026-05-25 00:23:24 +08:00
xiaojunnuo d0272095cc build: trigger build image 2026-05-25 00:23:12 +08:00
xiaojunnuo 4a09cf289d v1.40.4 2026-05-25 00:22:01 +08:00
xiaojunnuo 89c23fef35 build: prepare to build 2026-05-25 00:18:32 +08:00
xiaojunnuo 5e59651d45 fix(pipeline-service): 修复流水线运行时超过套餐部署次数仍然能够正常运行的bug 2026-05-25 00:15:23 +08:00
xiaojunnuo 5e72f75395 perf: 商业版套餐只支持设置为可叠加 2026-05-24 23:53:55 +08:00
xiaojunnuo 0a77fe0169 chore: 钱包余额明细 2026-05-24 23:12:56 +08:00
xiaojunnuo 961abb0f80 chore: acme账号改为必填项 2026-05-24 19:58:58 +08:00
xiaojunnuo 4efe12d2d3 Merge branch 'codex/v2-persist-01' into v2-invite 2026-05-24 19:48:24 +08:00
xiaojunnuo 67b05e2d75 feat: 支持dns-persist-01持久化验证方式申请证书,优化Acme账号的存储方式 2026-05-24 05:42:51 +08:00
xiaojunnuo 8edb6f8727 perf: 新增阿里云直播证书部署插件 2026-05-22 19:06:55 +08:00
xiaojunnuo b30f02a1fb chore: 1 2026-05-22 00:06:55 +08:00
xiaojunnuo 7e2333a63a chore: 1 2026-05-22 00:06:18 +08:00
xiaojunnuo 0be66cccbc build: release 2026-05-21 23:48:39 +08:00
xiaojunnuo ed26ed196d build: publish 2026-05-21 23:26:57 +08:00
xiaojunnuo a204f270dd build: trigger build image 2026-05-21 23:26:51 +08:00
xiaojunnuo 7585d7bbd0 build: publish 2026-05-21 23:25:32 +08:00
xiaojunnuo 2981f086c8 build: trigger build image 2026-05-21 23:25:21 +08:00
xiaojunnuo 784ef8a6a4 chore: 1 2026-05-21 23:23:20 +08:00
xiaojunnuo 01c91ba294 v1.40.3 2026-05-21 22:59:22 +08:00
xiaojunnuo 05629acfa9 build: prepare to build 2026-05-21 22:57:04 +08:00
xiaojunnuo 12a3afe15b chore: 1 2026-05-21 22:56:16 +08:00
xiaojunnuo 3bb68e3111 chore: 1 2026-05-21 22:52:19 +08:00
xiaojunnuo 5ba33be30f fix: 修复暗黑模式下注册页面验证码看不清的问题 2026-05-20 18:16:42 +08:00
xiaojunnuo 1e7b057946 chore: 1 2026-05-20 16:00:14 +08:00
xiaojunnuo fb5b00d73f perf: 修复商业版套餐添加和修改时的字段显示 2026-05-20 14:52:46 +08:00
xiaojunnuo 09ccfa2624 chore: 删除pnpm-lock文件 2026-05-20 14:27:00 +08:00
xiaojunnuo 5c80c99b94 chore: 优化fix 2026-05-20 12:25:56 +08:00
xiaojunnuo adcf570b15 Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev 2026-05-20 12:07:58 +08:00
xiaojunnuo 5ccd6e64bc build: release 2026-05-20 01:06:32 +08:00
xiaojunnuo ff7e7858c0 build: publish 2026-05-20 00:40:40 +08:00
xiaojunnuo 37bcd8ce08 build: trigger build image 2026-05-20 00:40:28 +08:00
xiaojunnuo 678b70cee8 v1.40.2 2026-05-20 00:38:50 +08:00
xiaojunnuo c0ca8da4ed build: prepare to build 2026-05-20 00:35:35 +08:00
xiaojunnuo a07dcb1cf5 chore: 1 2026-05-20 00:34:20 +08:00
xiaojunnuo cb4a86d1d5 build: prepare to build 2026-05-20 00:26:45 +08:00
xiaojunnuo 0499347588 fix(certd-server): 调整首页缓存控制头的判断逻辑
新增对首页路径 / 和 /index.html 的强制不缓存处理,确保首页始终获取最新内容
2026-05-20 00:21:42 +08:00
xiaojunnuo f4bb459b5e chore: 佣金等级功能 2026-05-20 00:17:29 +08:00
xiaojunnuo 83a5a21f95 perf: 商业版提现增加收款二维码上传 2026-05-19 23:37:03 +08:00
xiaojunnuo 85c633fddf Merge branch 'v2-dev' into v2-invite 2026-05-19 22:59:18 +08:00
xiaojunnuo cb08e061d2 perf(controller): 更换版本获取源并添加版本标准化处理
将npm镜像源的版本查询替换为AtomGit仓库的最新release接口,新增normalizeReleaseVersion方法标准化版本号格式,移除v前缀
2026-05-19 22:58:03 +08:00
xiaojunnuo 787b52bef7 docs: 更新文档内容,完善证书复用相关说明
1. 重命名前置任务文档标题为证书复用
2. 在常见问题中添加同证书多云上传的复用指引
3. 在侧边栏新增证书复用导航入口
2026-05-19 14:39:58 +08:00
xiaojunnuo 9bf7ca400f build: release 2026-05-19 00:58:34 +08:00
xiaojunnuo 9f75e30af3 Merge branch 'v2' of https://github.com/certd/certd into v2 2026-05-19 00:55:41 +08:00
xiaojunnuo 3f0243ba9a build: publish 2026-05-19 00:38:56 +08:00
xiaojunnuo 1a9b367c9d build: trigger build image 2026-05-19 00:38:44 +08:00
xiaojunnuo 73996f055b v1.40.1 2026-05-19 00:37:16 +08:00
xiaojunnuo 57ea2f317a build: prepare to build 2026-05-19 00:34:11 +08:00
xiaojunnuo c66c05b442 chore: 1 2026-05-19 00:32:24 +08:00
xiaojunnuo 6450d2bd56 chore: 商业版也支持企业模式 2026-05-19 00:23:32 +08:00
xiaojunnuo b5368d120d chore: tsconfig.build 支持sourcemap控制 2026-05-19 00:22:48 +08:00
xiaojunnuo f9a310b6c3 feat: 商业版支持邀请返佣功能 2026-05-18 13:25:35 +08:00
xiaojunnuo 1bdcfe646f chore: tsconfig.build 支持sourcemap控制 2026-05-18 13:25:01 +08:00
Robert Silén a88d14a3bd dos: Document MariaDB support in README (#737)
Mention MariaDB in the database feature list. Install docs and TypeORM
already support type=mariadb; the app uses the mysql2 driver.
2026-05-17 00:40:41 +08:00
xiaojunnuo bdb3d09c09 perf(suite): 商业版用户已购套餐支持修改 2026-05-17 00:29:36 +08:00
xiaojunnuo 667e7b185b fix(email-service): 优化商业版测试邮件内容中带的url链接 2026-05-16 02:54:15 +08:00
xiaojunnuo 8483ee0d41 refactor(util.cache): 优化定时清理过期缓存的定时器行为
新增定时器变量保存intervalId,并调用unref方法避免阻塞进程退出
2026-05-16 02:46:28 +08:00
xiaojunnuo c3baaf3ac7 chore: auto fix 存储标记,确保fix只运行一次 2026-05-16 02:23:21 +08:00
xiaojunnuo c63745d1ba perf: 商业版支持限制泛域名数量 2026-05-16 02:18:06 +08:00
xiaojunnuo 59b9ffadd0 fix: 固化华为云sdk版本,避免华为云调用报错 2026-05-15 23:18:51 +08:00
xiaojunnuo d131ea3790 build: release 2026-05-15 01:14:12 +08:00
xiaojunnuo b849d34be5 build: publish 2026-05-15 00:50:09 +08:00
xiaojunnuo 58fc9a551c build: trigger build image 2026-05-15 00:49:57 +08:00
xiaojunnuo 5801f34b3a v1.40.0 2026-05-15 00:48:37 +08:00
xiaojunnuo 17cf16ca92 build: prepare to build 2026-05-15 00:44:39 +08:00
xiaojunnuo 7015b1b232 perf: 头像增加缓存时间 2026-05-15 00:39:35 +08:00
xiaojunnuo 3b72ca09c6 chore: 支持设置初始化密码 2026-05-15 00:26:24 +08:00
xiaojunnuo a815d0245b perf: 第三方登录自动注册的用户支持设置初始化密码 2026-05-15 00:25:28 +08:00
xiaojunnuo 229f22d5a9 docs: 自动升级docker-compose 2026-05-15 00:12:44 +08:00
xiaojunnuo 22f5cfcfd8 fix: 修复clogin登录丢失state问题 2026-05-14 23:44:04 +08:00
xiaojunnuo 90ba55c043 chore: 1 2026-05-14 19:05:49 +08:00
xiaojunnuo 9f878a353c fix: 修复clogin多选类型登录失败的bug 2026-05-14 19:04:20 +08:00
xiaojunnuo af7297d671 chore: 1 2026-05-14 18:47:28 +08:00
xiaojunnuo 2f172b56e9 fix: 修复群晖授权没有显示设备id输入框的bug 2026-05-14 18:42:35 +08:00
xiaojunnuo 9076c8b20e Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev 2026-05-14 18:31:34 +08:00
xiaojunnuo 639756dfcd chore: sdk 2026-05-14 18:31:25 +08:00
xiaojunnuo 7aa0c7e491 feat: 彩虹登录支持选择多种登录方式 2026-05-14 01:39:22 +08:00
xiaojunnuo 45dedf5bc7 fix: 修复第三方登录丢失state时无法在用户信息页面绑定第三方账号的bug 2026-05-13 23:47:31 +08:00
xiaojunnuo 4681ec9008 fix: 修复自动注册后没有跳转到控制台的bug 2026-05-13 22:47:46 +08:00
xiaojunnuo b91826c6e6 chore: 1 2026-05-13 17:29:49 +08:00
xiaojunnuo 686856d0ae build: release 2026-05-13 17:29:19 +08:00
xiaojunnuo 9b09d2578d chore: 1 2026-05-13 17:14:14 +08:00
xiaojunnuo f8f51adf88 build: publish 2026-05-13 14:22:46 +08:00
xiaojunnuo f8ce639717 build: trigger build image 2026-05-13 14:22:33 +08:00
xiaojunnuo 1c6dc169ac v1.39.16 2026-05-13 14:21:21 +08:00
xiaojunnuo 3e5366c74e build: prepare to build 2026-05-13 14:13:01 +08:00
xiaojunnuo b49ddbfef9 v1.39.15 2026-05-13 13:49:09 +08:00
xiaojunnuo b92fd73f53 build: prepare to build 2026-05-13 13:33:12 +08:00
xiaojunnuo 41b8f51a6a chore: 1 2026-05-13 13:32:01 +08:00
xiaojunnuo aad9045de5 perf(network): 新增全局公共http请求 headers设置
1. 新增公共请求头配置项,支持在系统设置中配置全局请求头
2. 实现请求头解析工具方法,支持多行KEY=VALUE格式配置
3. 在请求发起时自动附加全局公共请求头,且不会覆盖请求中已存在的同名Header
4. 添加多语言配置与前端表单组件,完善配置界面
5. 新增单元测试验证全局请求头合并逻辑
2026-05-13 12:09:01 +08:00
xiaojunnuo fdd5848df4 perf: icon选择器增加一套logo集 2026-05-13 11:20:55 +08:00
xiaojunnuo 118c15d046 perf(monitor/site): 新增站点监控页面禁用启用、检查状态两个筛选条件 2026-05-13 11:14:00 +08:00
xiaojunnuo bae4f8e320 fix: 修复第三方登录彩虹登录不上的bug 2026-05-13 11:03:10 +08:00
xiaojunnuo e0189a566e docs(donate): update privilege comparison table to add commercial edition details 2026-05-12 15:08:46 +08:00
xiaojunnuo 1cd8d73cdb Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev 2026-05-12 10:51:41 +08:00
xiaojunnuo d6e9e5987b perf: 优化申请时报错日志增加对应域名打印 2026-05-12 10:51:34 +08:00
xiaojunnuo 8c5aa37745 build: release 2026-05-12 00:51:59 +08:00
xiaojunnuo a18a871ac3 build: publish 2026-05-12 00:22:37 +08:00
xiaojunnuo 90cbff9cf9 build: trigger build image 2026-05-12 00:22:25 +08:00
xiaojunnuo bae5a04dcc v1.39.14 2026-05-12 00:21:06 +08:00
xiaojunnuo 7146570392 build: prepare to build 2026-05-12 00:06:37 +08:00
xiaojunnuo ae88f85d8e chore: 1 2026-05-12 00:06:02 +08:00
xiaojunnuo a362860137 fix: 修复阿里云订阅流水线创建对话框无法获取阿里订单列表的bug 2026-05-11 23:47:48 +08:00
xiaojunnuo c966896522 fix: 修复启动时报密钥备份不存在的问题 2026-05-11 22:31:11 +08:00
xiaojunnuo 5f88da1985 build: release 2026-05-11 10:26:12 +08:00
xiaojunnuo 043b80a298 chore: 1 2026-05-11 09:41:47 +08:00
xiaojunnuo ed0da28896 Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev 2026-05-11 09:40:22 +08:00
xiaojunnuo 61a0d69d58 chore: 打包报错, 固定pnpm@10.33.4 2026-05-11 09:39:04 +08:00
xiaojunnuo 3833a9216e chore: 1 2026-05-11 01:21:44 +08:00
xiaojunnuo e59566b5e2 chore: 1 2026-05-11 01:20:00 +08:00
xiaojunnuo e4be0ce464 chore: 1 2026-05-11 01:13:44 +08:00
xiaojunnuo 022dbf0cab chore: 1 2026-05-11 00:54:50 +08:00
xiaojunnuo 1e6b559b89 chore: 1 2026-05-11 00:48:05 +08:00
xiaojunnuo 74bae2005d build: publish 2026-05-11 00:28:04 +08:00
xiaojunnuo 1731a35d94 build: trigger build image 2026-05-11 00:27:48 +08:00
xiaojunnuo 9f7d766cb3 v1.39.13 2026-05-11 00:26:11 +08:00
xiaojunnuo 6c0d0b00c9 build: prepare to build 2026-05-11 00:21:28 +08:00
xiaojunnuo a82a38421d chore: sql 2026-05-11 00:20:25 +08:00
xiaojunnuo c4b01da384 fix(plugin-aliyun): 过滤非CAS证书并优化日志信息
过滤证书列表仅保留CAS类型证书,并更新相关日志信息以更准确反映操作情况
2026-05-11 00:07:48 +08:00
xiaojunnuo 3e1473dba5 chore: 1 2026-05-11 00:03:16 +08:00
xiaojunnuo d383706554 chore(用户资料): 添加头像和昵称的编辑按钮
- 在头像和昵称旁边添加编辑按钮,提升用户操作便捷性
- 移除原有的更新资料按钮,优化界面布局
- 调整角色信息显示位置至用户名旁边
2026-05-10 23:58:23 +08:00
xiaojunnuo e0eb0e21f6 perf(用户资料): 新增手机号邮箱绑定功能
实现用户邮箱和手机号的绑定与修改功能,包括:
1. 添加联系方式绑定API接口
2. 实现身份验证流程
3. 添加前端绑定对话框组件
4. 完善用户资料页面的联系方式展示和编辑入口
5. 添加联系方式冲突检测逻辑
6. 实现验证码校验功能
2026-05-10 23:51:45 +08:00
xiaojunnuo 7266af1749 fix: cnameProvider域名支持设置子域名托管 2026-05-10 22:41:07 +08:00
xiaojunnuo f93bc09438 chore(plugin-cert): 更新EAB选项标签和生成按钮文本
- 移除EAB选项中的免费说明文字
- 将"刷新"按钮文本改为"生成"
- 更新相关提示信息以保持一致性
2026-05-10 18:28:03 +08:00
xiaojunnuo fe3bb7c1b4 chore(plugin-cert): 修改刷新按钮文本为更简洁的表述 2026-05-10 17:15:47 +08:00
xiaojunnuo 923676c7d5 build: 添加 cross-env 依赖并更新单元测试脚本
在 package.json 和 pnpm-lock.yaml 中添加 cross-env 依赖,用于在单元测试时设置 NODE_ENV=unittest 环境变量。同时更新 AGENTS.md 文档说明单元测试环境要求。
2026-05-10 17:06:00 +08:00
xiaojunnuo 4755216505 perf: 重构自动加载模块并优化EAB授权处理
refactor(ui): 将分散的auto-*模块整合为统一命名的auto-register模块
perf(plugin-cert): 增强EAB授权功能,支持账号私钥刷新和类型选择
test: 添加EAB授权服务和ACME账号配置的单元测试
docs: 更新AGENTS.md补充ACME/EAB使用注意事项
chore: 统一各package.json中的测试脚本配置
2026-05-10 16:57:12 +08:00
xiaojunnuo 37d03c10f9 chore: 1 2026-05-08 22:28:10 +08:00
xiaojunnuo 490b724808 chore: 更新腾讯云证书(Id不变)插件下架 2026-05-08 22:19:31 +08:00
xiaojunnuo d8f132919d chore: 1 2026-05-08 15:50:28 +08:00
xiaojunnuo b8a64a6b5b perf(plugin-volcengine): 支持火山引擎VKE部署插件
- 改进Kubernetes错误处理,添加RBAC权限不足的友好提示
- 添加集群ID验证和kubeconfig解码验证
- 优化Ingress不存在时的错误提示,显示可用选项
- 移除未使用的TargetCluster选项
- 修复kubeconfig请求中集群ID未验证的问题
2026-05-08 00:25:00 +08:00
xiaojunnuo 25ad1e6f86 perf(设置): 添加首页启用开关配置
在系统设置中添加首页启用开关配置项,包括前端路由守卫检查、多语言支持和表单配置,以控制是否显示首页
2026-05-07 23:15:50 +08:00
xiaojunnuo 6b6f1604e9 style(ui): 修复批量操作区域样式溢出问题
为批量操作区域添加 overflow-x-auto 和 whitespace-nowrap 样式,防止文本溢出
2026-05-07 23:01:42 +08:00
xiaojunnuo 63be1c1cbd perf(证书流水线): 添加批量更新证书申请参数功能
实现批量更新证书申请参数功能,包括前端界面和后端处理逻辑
- 添加批量修改证书申请参数的按钮和对话框
- 实现后端批量更新证书申请参数的接口和服务
- 添加相关测试用例验证功能正确性
2026-05-07 22:54:29 +08:00
xiaojunnuo b75c625ddc fix(aliyun-access): 添加阿里云密钥校验失败的错误处理
在测试阿里云访问密钥时,增加对STS错误响应的处理逻辑
添加相关测试用例验证错误处理和正常情况
2026-05-07 22:18:34 +08:00
xiaojunnuo 7083e7aff7 test(tld-client): 添加对rdap.ss回退机制的测试
验证当rdap和whoiser都失败时,TldClient能正确委托RdapSsClient处理
2026-05-07 22:03:33 +08:00
xiaojunnuo 9d2937dd4b perf(domain): 添加域名过期时间同步进度显示功能
添加同步进度对话框,展示同步任务的实时进度和状态
更新中英文翻译文件,添加相关文案
修改AGENTS.md文档中的格式化命令说明
2026-05-07 00:22:41 +08:00
xiaojunnuo a7e281e278 chore: rdap-ss client 重构 2026-05-05 22:53:22 +08:00
xiaojunnuo 72b6597817 chore: agents update 2026-05-05 22:17:09 +08:00
xiaojunnuo 91a1b97550 perf: 域名注册过期时间获取再次优化 2026-05-05 21:56:08 +08:00
xiaojunnuo 9951ab678f chore: rm app.log 2026-05-05 19:26:36 +08:00
xiaojunnuo 930aa355e8 refactor(acme-client): 将acme-client改造成ts包并优化项目结构
重构acme-client模块,将原有JavaScript代码迁移至TypeScript
添加类型定义文件(.d.ts)和类型检查
更新构建配置和脚本以支持TypeScript编译
优化项目目录结构和模块导出方式
更新相关依赖和开发工具配置
2026-05-05 19:17:44 +08:00
xiaojunnuo e0143fa540 chore: 补充单元测试 2026-05-05 18:44:43 +08:00
xiaojunnuo 7c1d92ff4b chore: 为多个package.json添加test:unit脚本并更新全局测试命令
在多个库和插件的package.json中添加统一的test:unit脚本
同时在根package.json中添加全局test:unit命令以并行运行所有子项目的单元测试
2026-05-01 09:25:53 +08:00
xiaojunnuo 0a0f1e90e1 chore: 补充单元测试 2026-05-01 09:16:46 +08:00
xiaojunnuo 80092823db docs(AGENTS): 更新文档以明确文件读取时的编码设置
添加关于在PowerShell中读取中文和文档文件时使用UTF-8编码的说明,并更新示例命令
2026-05-01 00:21:28 +08:00
xiaojunnuo 146098d9ce docs(AGENTS.md): 更新开发指南和本地化文件格式
修复中文语言文件缩进问题并更新自定义页脚说明
添加前端文件修改后的格式化建议到开发指南
2026-05-01 00:18:11 +08:00
xiaojunnuo 519743dbdb style(locales): 调整多语言文件缩进格式并添加自定义页脚字段
调整多个语言文件的缩进格式以保持一致性
在系统设置中添加自定义页脚相关的中英文翻译字段
2026-05-01 00:15:47 +08:00
xiaojunnuo 7ab661ecd7 Merge branch 'v2-dev' into codex_i18n 2026-05-01 00:07:29 +08:00
xiaojunnuo bb46cb08f7 perf: 支持火山云vke 2026-05-01 00:05:58 +08:00
xiaojunnuo 028932c04a refactor: organize certd client i18n translations 2026-04-30 23:48:48 +08:00
xiaojunnuo 73e6480853 chore: add shared codex skills link 2026-04-30 23:40:58 +08:00
xiaojunnuo aa176b081a perf: 新增agents.md 2026-04-30 23:31:12 +08:00
xiaojunnuo 267243e71b chore: i18n first 2026-04-30 22:57:00 +08:00
xiaojunnuo 33fbef8380 build: release 2026-04-29 23:28:39 +08:00
xiaojunnuo 45a128a050 build: publish 2026-04-29 23:12:05 +08:00
xiaojunnuo 2ddc668954 build: trigger build image 2026-04-29 23:11:53 +08:00
xiaojunnuo 898bc9b9f2 v1.39.12 2026-04-29 23:10:25 +08:00
xiaojunnuo d8e5928523 build: prepare to build 2026-04-29 23:06:41 +08:00
xiaojunnuo 36808a953e chore: 1 2026-04-29 23:06:34 +08:00
xiaojunnuo 39d3f79026 build: prepare to build 2026-04-29 00:12:48 +08:00
xiaojunnuo 6463e1ca22 chore: 1 2026-04-29 00:12:07 +08:00
xiaojunnuo c985a13544 perf: 支持页脚自定义 2026-04-29 00:07:20 +08:00
xiaojunnuo ad76c5177c chore: 1 2026-04-28 12:12:34 +08:00
xiaojunnuo 64b3184b28 perf: 阿里云证书订单支持获取2.0的订单 2026-04-28 11:51:54 +08:00
xiaojunnuo 2f1ad7201f fix: 修复腾讯云clb部署报缺少sslmode参数的bug 2026-04-28 10:52:09 +08:00
xiaojunnuo cd23ee2055 chore: 1 2026-04-28 00:38:57 +08:00
xiaojunnuo e00830bebc perf: 优化流水线执行时的状态保存性能 2026-04-28 00:33:59 +08:00
xiaojunnuo 00e6d580c2 perf: 524错误时重试3次 2026-04-27 23:51:27 +08:00
xiaojunnuo 9c7b419e8f chore: 1 2026-04-27 00:57:53 +08:00
xiaojunnuo 95edc0d303 chore: check interval 2026-04-27 00:42:06 +08:00
xiaojunnuo 5991b1e37c chore: 1 2026-04-27 00:19:49 +08:00
xiaojunnuo 1aa50cf53a perf: 增加权威NS检查开关,某些用户服务器禁止向黑名单NS服务器发请求 2026-04-27 00:16:14 +08:00
xiaojunnuo eab66e2d19 fix: 调整手机版首页标题被挤开的bug 2026-04-27 00:13:36 +08:00
xiaojunnuo 5b504f094f build: release 2026-04-26 14:09:42 +08:00
xiaojunnuo 1460cb9ac1 chore: 1 2026-04-26 13:45:08 +08:00
xiaojunnuo 53782cbf49 build: publish 2026-04-26 13:33:26 +08:00
xiaojunnuo 0ea22dddf0 build: trigger build image 2026-04-26 13:33:14 +08:00
533 changed files with 19485 additions and 31177 deletions
+1
View File
@@ -0,0 +1 @@
../.trae/skills
+1 -1
View File
@@ -44,7 +44,7 @@ jobs:
# cache: 'npm'
# working-directory: ./packages/ui/certd-client
- run: |
npm install -g pnpm
npm install -g pnpm@10.33.4
pnpm install
npm run build
working-directory: ./packages/ui/certd-client
+1 -1
View File
@@ -46,7 +46,7 @@ jobs:
console.log("certd_version:",pkg.version);
return pkg.version
- run: |
npm install -g pnpm
npm install -g pnpm@10.33.4
pnpm install
npm run build
working-directory: ./packages/ui/certd-client
+1 -1
View File
@@ -35,7 +35,7 @@ jobs:
run: |
export GITEE_TOKEN=${{ secrets.GITEE_TOKEN }}
rm -rf ./pnpm*.yaml
npm install -g pnpm
npm install -g pnpm@10.33.4
pnpm install
npm run publish_to_gitee
working-directory: ./
+1 -1
View File
@@ -35,7 +35,7 @@ jobs:
run: |
export GITHUB_TOKEN=${{ secrets.GH_TOKEN }}
rm -rf ./pnpm*.yaml
npm install -g pnpm
npm install -g pnpm@10.33.4
pnpm install
npm run publish_to_github
working-directory: ./
+1 -1
View File
@@ -50,7 +50,7 @@ jobs:
# cache: 'npm'
# working-directory: ./packages/ui/certd-client
- run: |
npm install -g pnpm
npm install -g pnpm@10.33.4
pnpm install
npm run build
working-directory: ./packages/ui/certd-client
+4 -1
View File
@@ -31,4 +31,7 @@ test/**/*.js
/packages/pro/
test.js
.history
/logs
/logs
.pnpm-lock.yaml
pnpm-lock.yaml
.studio/
+93
View File
@@ -0,0 +1,93 @@
---
name: fast-crud-page-dev
description: 用于开发或重构 Certd 前端列表管理、后台管理、记录查询、CRUD 表格页面,优先使用 Fast Crud(@fast-crud/fast-crud、fs-crud、useFs、createCrudOptions)实现。当用户要求列表页、管理页、审核页、记录页或表格 CRUD 页面时触发。
version: 1.0.0
---
# Fast Crud 页面开发技能
## 角色定义
你是一名 Certd 前端列表管理页面开发专家,熟悉 Vue 3、Ant Design Vue、Fast Crud 和本仓库现有页面拆分方式。你的目标是让管理页面保持统一的表格、搜索、分页、操作列和弹窗体验。
## 核心规则
- 列表管理、后台管理、记录查询、审核记录、CRUD 表格类页面,默认优先使用 Fast Crud 实现。
- 只有轻量只读展示、强交互自定义界面、复杂可视化或已有页面模式明确不适合 Fast Crud 时,才手写 `a-table` / 自定义列表,并在回复中说明原因。
- 设置表单、概览卡片、向导流程等非列表主体可以保留自定义 Vue;如果同一功能同时包含设置和列表,优先拆成独立页面,或把设置放入对话框。
## 推荐文件拆分
- `api.ts`:封装接口请求,保持页面和 CRUD 配置里不直接散落 URL。
- `crud.tsx` / `crud-*.tsx`:导出 `createCrudOptions`,集中定义请求映射、搜索项、列、表单、操作列、工具栏和字典。
- `index.vue`:承载 `fs-page``fs-crud`、页面头部、弹窗和生命周期,使用 `useFs({ createCrudOptions, context })` 创建绑定。
## 实现流程
1. 先在 `packages/ui/certd-client/src/views` 下找 1-2 个相近 Fast Crud 页面,沿用它们的导入、布局、命名和权限写法。
2.`index.vue` 中使用 `fs-crud ref="crudRef" v-bind="crudBinding"`,并在 `onMounted` / `onActivated` 时调用 `crudExpose.doRefresh()`
3.`crud.tsx` 中配置 `request.pageRequest``columns``search``form``rowHandle``actionbar``toolbar` 等,接口分页参数和返回值按现有页面适配。
4. 操作按钮优先放在 Fast Crud 的 `rowHandle.buttons``actionbar.buttons` 中;审核、保存设置、批量操作等复杂交互可通过 `context` 调用 `index.vue` 中的方法。
5. 金额、状态、时间、枚举等字段优先复用项目已有组件、字典和格式化工具;避免在模板里重复堆格式化逻辑。
6. 表格查询条件使用 Fast Crud 的 `search` 配置;新增/编辑表单使用 Fast Crud 的 `form` 配置,复杂设置项可以用 Ant Design Vue 对话框承载。
7. 删除、审核通过、拒绝等危险操作必须保留确认弹窗和错误提示,成功后刷新当前 CRUD 列表。
8. 对话框里只做纯确认时可以使用 `Modal.confirm`;只要需要字段输入、表单校验或提交字段,统一使用 `useFormDialog` / `openFormDialog`,不要在 `Modal.confirm``content` 里手写输入框。
## crud 配置
const crudOptions ={
id: string, //表格唯一标识,同一个页面的多个表格的列设置和字段设置会根据id进行区分保存
request:{}, //http请求
columns:{ //字段配置
key:{ //字段key
column:{}, //对应table-column配置
form:{}, //表单中该字段的公共配置,viewForm、addForm、editForm、search会集成此配置,支持对应ui的form-item配置
viewForm:{}, //查看表单中该字段的配置,支持对应ui的form-item配置
addForm:{}, // 添加表单中该字段的配置,支持对应ui的form-item配置
editForm:{}, //编辑表单中该字段的配置,支持对应ui的form-item配置
search:{} //对应查询表单的form-item配置
}
},
search:{ //查询框配置 ,对应fs-search组件
options:{} //查询表单配置 ,对应el-from, a-form配置
},
actionbar:{}, //动作条,添加按钮,对应fs-actionbar组件
toolbar:{}, //工具条 ,对应fs-toolbar组件
table:{ //表格配置,对应fs-table
// 对应 el-table / a-table的配置
slots:{} // 对应el-table ,a-table的插槽
},
data:{}, //列表数据,无需配置,自动从pageRequest中获取
// 如果你要手动改变表格数据,可以通过crudBinding.value.data直接赋值修改表格数据
rowHandle:{}, //操作列配置,对应fs-row-handle
form:{ //表单的公共配置,对应el-forma-form配置
wrapper:{} //表单外部容器(对话框)的配置,对应el-dialog,el-drawer,a-model,a-drawer的配置
},
viewForm:{}, //查看表单的独立配置
editForm:{}, //编辑表单的独立配置
addForm:{}, //添加表单的独立配置
pagination:{}, //分页配置 ,对应el-pagination / a-pagination
container:{}, //容器配置 ,对应fs-container
}
## 布局高度
- Fast Crud 表格依赖外部容器高度计算。虽然表格本身有默认约 200px 高度,但页面内嵌 `fs-crud` 时,为了获得稳定可用的列表区域,必须让外层容器提供明确高度或剩余高度。
- 独立列表页通常可直接让 `fs-page` / 页面内容区撑满;如果表格嵌在 tabs、详情页、上下分区或弹窗里,要从页面根容器到 `fs-crud` 建立完整的 flex 高度链路:父容器 `display: flex; flex-direction: column; min-height: 0`,中间内容区和 tab pane 使用 `flex: 1; min-height: 0``fs-crud` 本身也使用 `flex: 1; min-height: 0`
- 有固定操作栏、统计区、说明区时,这些区域应 `flex: none`,把剩余空间交给表格区域。
- 修改嵌入式 Fast Crud 页面后,要检查空数据、少量数据和多页数据时表格高度、分页器和空状态是否仍在预期区域内。
## 代码习惯
- 页面命名、API 命名、权限标识和路由结构要贴近同目录已有页面。
- CRUD 配置中不要写大段业务流程;复杂逻辑放回 `index.vue` 方法或 `api.ts`
- 能用 `dict``compute``valueBuilder``valueResolve``component` 配置表达的表格/表单行为,不要改成手写模板。
- 保持列表页密度和操作入口克制,不要做营销式布局、嵌套卡片或大块说明文字。
- 如果页面有“设置 + 列表”,管理端优先拆成两个路由页面;用户端提现设置这类低频配置优先使用对话框保存。
## 验证方式
- 前端改动后,只对本次改动的 Vue / TS / TSX / locale 文件运行项目现有 Prettier / ESLint。
- 不运行 `vue-tsc` / `pnpm tsc`,因为当前依赖组合下 `vue-tsc` 已知会抛内部错误。
- 若只是新增或修改本 skill / 文档,不需要运行前端格式化和测试。
+10
View File
@@ -65,6 +65,16 @@
"console": "integratedTerminal",
"internalConsoleOptions": "neverOpen"
},
{
"name": "server-new",
"type": "node",
"request": "launch",
"cwd": "${workspaceFolder}/packages/ui/certd-server",
"runtimeExecutable": "pnpm",
"runtimeArgs": ["dev-new"],
"console": "integratedTerminal",
"internalConsoleOptions": "neverOpen"
},
{
"name": "server-local-plus",
"type": "node",
+2 -1
View File
@@ -20,5 +20,6 @@
"scm.repositories.visible": 9,
"scm.repositories.explorer": false,
"scm.repositories.selectionMode": "multiple",
"scm.repositories.sortOrder": "discovery time"
"scm.repositories.sortOrder": "discovery time",
"git.ignoreLimitWarning": true
}
+241
View File
@@ -0,0 +1,241 @@
# Certd 开发 Agent 上下文
这个文件是给在本仓库工作的开发 agent 看的常驻项目说明。后续会话进入仓库后,应先读取它,再按任务需要查看具体代码,避免每次都重新全量扫描项目。
## 项目用途
Certd 是一个支持私有化部署的 SSL/TLS 证书自动化管理平台。它提供 Web 管理台和后端服务,用于证书申请、续期、部署、监控、通知和开放 API 集成。
它不只是一个简单的 ACME 客户端。项目的核心产品模型是“证书流水线”:
- 通过 ACME 申请证书
- 支持 DNS-01、HTTP-01、CNAME 代理以及各类服务商集成来完成域名验证
- 支持将证书转换或导出为 pem、pfx、der、jks、p7b 等格式
- 支持把证书部署到主机、Nginx、Kubernetes、CDN、云厂商、面板等目标
- 支持通知用户,并监控站点证书过期时间
由于系统会保存证书、云厂商凭据、SSH 信息、API Key 等敏感数据,产品定位上强烈建议私有化/本地部署。
## 仓库结构
这是一个 pnpm + lerna 的 monorepo。
- `package.json`:根脚本和 workspace 元信息
- `pnpm-workspace.yaml`workspace 包匹配规则
- `lerna.json`lerna-lite 配置
- `docs/`VitePress 文档站
- `docker/`Docker 安装和运行相关文件
- `packages/core/acme-client/`:ACME 协议客户端,风格接近 node-acme-client
- `packages/core/basic/`:共享基础工具和基础设施
- `packages/core/pipeline/`:流水线核心、注册表、装饰器、插件模型、上下文、服务、通知等
- `packages/libs/`:共享集成与辅助库,例如 server、Huawei、JDCloud、Kubernetes、iframe
- `packages/plugins/plugin-lib/`:通用插件辅助能力和证书相关共享代码
- `packages/plugins/plugin-cert/`:证书流水线插件包
- `packages/pro/`:商业版/专业版相关包
- `packages/ui/certd-server/`:后端服务
- `packages/ui/certd-client/`:前端 Web 管理台
`packages/pro/` 是独立 Git 工作区,使用 `packages/pro/.git` 管理。根仓库的 `git status` / `git diff` 默认看不到这里的实际改动;修改商业版代码后,要在 `packages/pro` 目录内单独执行 `git status` / `git diff` 检查。
## 后端
主要后端包:`packages/ui/certd-server`
技术栈:
- Node.js、ESM、TypeScript
- MidwayJS 3
- Koa
- TypeORM
- 默认使用 better-sqlite3,同时支持 PostgreSQL 和 MySQL
- 通过 `@certd/midway-flyway-js` 使用类似 Flyway 的 SQL 迁移机制
重要位置:
- `packages/ui/certd-server/src/config/config.default.ts`:默认服务、静态文件、数据库、定时任务、认证、上传、Swagger 配置
- `packages/ui/certd-server/src/config/`:环境与配置加载逻辑
- `packages/ui/certd-server/src/configuration.ts`:Midway 应用配置、中间件注册、组件导入
- `packages/ui/certd-server/src/modules/`:业务模块,例如 pipeline、cert、cron、monitor、login、open API、sys、plugin、cname、notification
- `packages/ui/certd-server/src/controller/`:按 API 领域划分的控制器
- `packages/ui/certd-server/src/plugins/`:后端内置的具体服务商、部署、通知等插件
- `packages/ui/certd-server/db/migration/`:数据库迁移 SQL
- `packages/ui/certd-server/data/`:本地运行数据,例如 SQLite 数据库和生成文件
- `packages/ui/certd-server/logs/`:运行日志
已观察到的默认开发配置:
- HTTP 端口:`7001`
- HTTPS 端口:`7002`
- 默认 SQLite 数据库:`./data/db.sqlite`
- 默认文件根目录:`./data/files`
常用脚本:
- 根目录 `pnpm run start:server`:以生产模式启动后端包
- 后端 `pnpm run dev`:启动 Midway watch/dev 服务
- 后端 `pnpm run test`:运行后端 mocha 测试
- 后端 `pnpm run build`:构建后端并导出插件元数据
## 前端
主要前端包:`packages/ui/certd-client`
技术栈:
- Vue 3
- Vite
- TypeScript
- Ant Design Vue
- Fast Crud
- Pinia
- vue-router
- vue-i18n
- Tailwind/Windi 相关样式工具
重要位置:
- `packages/ui/certd-client/src/main.ts`:前端启动入口
- `packages/ui/certd-client/src/App.vue`:根组件
- `packages/ui/certd-client/src/api/`API 调用封装
- `packages/ui/certd-client/src/router/`:路由
- `packages/ui/certd-client/src/store/`Pinia store
- `packages/ui/certd-client/src/views/certd/`:核心产品页面,例如流水线、证书、授权、监控、通知、开放 API、项目、支付、插件
- `packages/ui/certd-client/src/components/`:共享 UI 组件
- `packages/ui/certd-client/src/locales/`:国际化
常用脚本:
- 前端 `pnpm dev`:启动 Vite 开发服务
- 前端 `pnpm build`:生产构建
- 不要运行前端 `pnpm tsc` / `vue-tsc`:当前依赖组合中 `vue-tsc@1.8.27` 会直接抛内部错误 `Search string not found: "/supportedTSExtensions = .*(?=;)/"`,不是有效的项目类型检查结果。
- 前端暂不跑单元测试;当前 `test:unit` 只是占位脚本
前端列表管理页面约定:
- 列表管理、后台管理、记录查询、CRUD 表格类页面,默认优先使用 Fast Crud(`@fast-crud/fast-crud``fs-crud``useFs``createCrudOptions`)实现。
- 只有轻量只读展示、强交互自定义界面或已有页面模式明确不适合 Fast Crud 时,才手写 `a-table` / 自定义列表,并在回复中说明原因。
- 开发或重构这类页面前,先读取 `.trae/skills/fast-crud-page-dev/SKILL.md`,按仓库内 Fast Crud 页面拆分与验证方式实现。
- 前端对话框里只做纯确认时可以使用 `Modal.confirm`;只要对话框里有字段输入、表单校验或提交字段,统一使用 `useFormDialog` / `openFormDialog`,不要在 `Modal.confirm``content` 里手写输入框。
- 页面内嵌 Fast Crud 表格时,要显式给外层容器稳定高度或 `flex: 1; min-height: 0` 的撑满链路;Fast Crud 依赖外部元素高度,不能只依赖表格默认高度。
- 后台管理列表里展示或筛选用户字段时,优先参考 `packages/ui/certd-client/src/views/sys/suite/user-suite/crud.tsx``userId` 字段模式:前端使用 `table-select` + `/sys/authority/user/getSimpleUserByIds` 字典回显和搜索;不要为了展示用户名让后端列表接口额外 `fillSimpleUser` / `userDisplay`,除非该接口本身就是用户端业务列表且已有明确模式。
## 流水线与插件模型
项目最关键的架构概念是证书流水线。
可以从 `packages/core/pipeline/src/index.ts` 入手,它导出:
- `core`
- `dt`
- `access`
- `registry`
- `plugin`
- `context`
- `decorator`
- `service`
- `notification`
插件是核心能力,不是边缘功能。新增服务商、DNS 验证、证书部署、通知方式等能力,通常应该放在插件包里,或放在 `packages/ui/certd-server/src/plugins/<plugin-name>/` 下。
后端已看到的插件类型包括:
- DNS 和注册商服务商:Aliyun、Tencent、Cloudflare、Huawei、JDCloud、AWS、Azure、Google、GoDaddy、Namesilo、Xinnet、West、UCloud、Qiniu、Upyun、Volcengine 等
- 部署目标:host、Kubernetes、Nginx Proxy Manager、APISIX、Proxmox、QNAP、Dokploy、GoEdge、各类 CDN、各类面板
- 系统/产品插件:notification、captcha、oauth、admin、plus/pro、demo/template
当修改证书申请、验证、部署或通知行为时,先判断改动属于哪里:
- ACME client 代码
- pipeline 核心抽象
- 后端 module/service/entity/controller
- 某个具体插件实现
- 前端 view/form/schema
如果只是某个服务商或部署目标的问题,不要轻易修改共享 pipeline/core 行为,除非确实是可复用的公共能力。
### ACME / EAB 注意事项
- 公共 EAB(尤其是 Google EAB)可能只能创建一次 ACME 账号。要跨用户复用公共 EAB,应保存并复用同一个 ACME account private key`accountUrl` 如果存到 `userContext` 里,只能视为当前用户缓存,因为 `userContext` 跟用户 id 走。
- ACME 协议的 `newAccount` 支持 `onlyReturnExisting`。使用同一个 account private key 调用 `newAccount({ onlyReturnExisting: true })` 可以取回已创建账号的 URL,且不会再次消费 EAB。
- 修改 EAB 的 `kid` 后,应重新生成绑定该 `kid` 的 account private key;否则应阻止继续申请并提示用户刷新账号私钥。
## 数据与迁移
后端使用 TypeORM 实体加 SQL 迁移。
重点查看:
- `packages/ui/certd-server/src/modules/**/entity/*.ts`
- `packages/ui/certd-server/db/migration/*.sql`
默认配置中 `synchronize: false`,所以涉及表结构变更时,通常应该添加或更新迁移脚本,而不是依赖 TypeORM 自动同步。
## 开发注意事项
- 中文 README 在部分 PowerShell 环境中可能显示乱码;`README_en.md` 可读性更好,且包含同样的高层项目说明。
- 初次整理时观察到当前分支为 `v2-dev`
- 根包管理器是 pnpm,不要引入 npm/yarn lockfile。
- 优先沿用现有模块、插件、服务模式,再考虑新增抽象。
- `packages/ui/certd-server/data/``logs/`、生成的 metadata/dist 等通常视为运行时或构建产物,除非任务明确要求处理它们。
- 注意本地数据和配置里可能包含凭据、证书材料等敏感信息。
- 使用 `/basic/file/upload` 上传文件后,接口返回的是临时缓存 key。业务保存表单或设置时,后端必须调用 `FileService.saveFile(userId, key, "public" | "private")` 转成永久文件 key 后再入库/入设置;不要直接保存 `tmpfile_key_...`,否则后续回显或下载会失效。
- 本仓库代码注释优先使用中文,尤其是解释业务规则、兼容逻辑、协议细节和隐藏风险时;除非文件已有明确英文注释风格或引用外部英文术语,否则不要新增英文说明性注释。
- 代码可读性优先于短写法。遇到包含业务分支的复杂三元表达式、内联对象、链式调用或条件组合时,优先拆成命名清晰的中间变量、独立分支或小函数,让读代码的人能一眼看出业务意图;不要为了少写几行把逻辑压成难读的一坨。
- 遵守 DRY 原则:同一业务规则、字段转换、权限判断、Repository 选择、事务传播、金额计算等逻辑不要在多个地方复制粘贴。第二次出现时可以先保持清晰,第三次出现前应优先抽成局部 helper、service 方法或已有公共工具;抽象要服务于减少真实重复和降低修改风险,不要为了形式上的“复用”制造过度设计。
- 遵守单一职责原则:一个方法只负责一个清晰的业务步骤或技术步骤。流程编排方法可以串联多个步骤,但具体的校验、计算、持久化、状态变更、展示数据组装应尽量拆到命名明确的小方法中;不要让一个方法同时承担查询、校验、计算、写库、格式化返回等过多职责。
- 后端方法参数超过 3 个时,尽量改为对象参数传入;需要传入 `manager` / `EntityManager` 做事务传播的方法,必须使用对象参数,不要把 `manager` 作为位置参数藏在参数列表末尾。
- 后端 service 层只有存在事务链路传播需求时才定义 `ctx`,不要为了将来可能需要而提前给普通方法加 `ctx`。事务链路方法统一采用 `method(ctx, req)` 形式,`ctx` 放第一位并承载 `manager?: EntityManager` 等横切上下文,业务参数放在 `req` 对象里,例如 `settleCommission({ manager }, { tradeId, userId, amount })`。无事务链路需求的普通查询、纯函数和简单私有方法继续使用明确参数。
- service 内部需要根据事务上下文选择 Repository 时,优先使用 `BaseService.getRepo(ctx, entity)`;不要在业务方法里反复写 `ctx.manager?.getRepository(Entity) || this.xxxRepository``ctx` 类型统一从 `BaseService` 导出的 `ServiceContext` 复用,不要在每个 service 里重复定义。
## 插件开发技能
仓库内置了 Certd 插件开发技能,供 Trae 和 Codex 共用:
- Trae 入口:`.trae/skills`
- Codex 入口:`.codex/skills`
其中 `.codex/skills` 是指向 `.trae/skills` 的目录链接,不要复制出第二份技能内容。更新技能时只维护 `.trae/skills` 下的原始文件,Codex 会通过 `.codex/skills` 读取同一份内容。
当前技能包括:
- `access-plugin-dev`:开发 Access 授权插件
- `dns-provider-dev`:开发 DNS Provider 插件
- `fast-crud-page-dev`:开发或重构前端 Fast Crud 列表管理页面
- `task-plugin-dev`:开发 Task 部署任务插件
- `plugin-converter`:将插件转换为 YAML 配置
做插件相关任务时,先读取对应技能目录下的 `SKILL.md`,再进入具体实现。若用户在插件开发中指出更好的做法,应总结并更新对应技能。
## 快速定向命令
进入项目后,优先使用这些有目标的读取命令,而不是立刻全仓库扫描:
```powershell
Get-Content -Encoding utf8 package.json
Get-Content -Encoding utf8 pnpm-workspace.yaml
Get-Content -Encoding utf8 lerna.json
Get-Content -Encoding utf8 README_en.md -TotalCount 180
Get-Content -Encoding utf8 packages\ui\certd-server\package.json
Get-Content -Encoding utf8 packages\ui\certd-client\package.json
Get-ChildItem packages\ui\certd-server\src\modules
Get-ChildItem packages\ui\certd-server\src\plugins
Get-ChildItem packages\ui\certd-client\src\views\certd
```
## 本仓库 Agent 工作方式
- 先读本文件,再按用户任务查看相关 package/module。
- 在 PowerShell 中读取中文、Markdown、locale、文档类文件时,显式使用 `Get-Content -Encoding utf8`;如果仍然显示乱码,再先执行 `[Console]::OutputEncoding = [System.Text.UTF8Encoding]::new()` 后重试。
- 做后端任务时,先定位 `packages/ui/certd-server/src/modules` 下的模块,以及相关 entity/service/controller。
- 做前端任务时,先定位 `packages/ui/certd-client/src/views/certd` 下的页面,再找对应 `src/api`
- 做服务商、DNS、部署、通知相关任务时,先看 `packages/ui/certd-server/src/plugins`,再看 `packages/plugins/plugin-lib` 里的共享辅助能力。
- 做数据库结构变更时,添加或更新迁移脚本,不要依赖 TypeORM 自动同步。
- 实现新功能或修复行为缺陷前,先补对应单元测试,并先运行测试确认它处于失败状态;再实现功能或修复代码,反复运行聚焦单元测试直到通过。若某项改动确实不适合先写单元测试,应在回复中说明原因和替代验证方式。
- 后补单元测试时,应先基于对正确行为的实际预期编写测试,而不是为了迎合现有实现改写预期;如果运行后出现红灯,且通过测试需要修改已有实现,应先向用户确认这是确实的 bug,还是原本需求/既有行为就是如此;确认后再修改原始实现,避免把测试补充变成未经确认的行为改动。
- 后端纯单元测试用例放在 `src` 目录内,并尽量与被测文件相邻,例如 `src/utils/random.test.ts`;对应 `test:unit` 只跑 `src/**/*.test.ts`,构建/打包配置应排除这些 `*.test.ts` 文件。
- 单元测试需要 mock ESM 静态 import 时,优先使用 `esmock`,不要为了测试把业务代码改成构造函数注入或把逻辑挪到调用方;各包 `test:unit` 脚本应显式设置 `NODE_ENV=unittest`
- 单个 monorepo 包运行单元测试时,优先使用 `corepack pnpm --dir <包目录> test:unit`,例如 `corepack pnpm --dir packages\ui\certd-server test:unit``corepack pnpm --dir packages\core\basic test:unit``corepack pnpm --dir packages\plugins\plugin-lib test:unit`;也可以用包名过滤,例如 `corepack pnpm --filter @certd/ui-server test:unit`。前端 `packages\ui\certd-client` 暂时不跑单元测试。
- 前端 TS/Vue/locale 等文件改动后,优先只对本次改动文件运行项目现有自动格式化/修复;Windows/PowerShell 下 Prettier 已验证可用命令为 `packages\ui\certd-client\node_modules\.bin\prettier.cmd --write <files>`ESLint 可用命令为 `packages\ui\certd-client\node_modules\.bin\eslint.cmd --fix <files>`;不要运行 `vue-tsc` / `pnpm tsc`;不要为了格式化无关文件而扩大 diff。项目保留了 `tslint` 依赖,但当前主要使用 ESLint + Prettier。
- 优先对改动包运行聚焦的测试;后端可按包运行单元测试,前端优先使用 Prettier/ESLint 做改动文件验证。只有跨包影响明显时再考虑全 monorepo 构建。
- 不要主动运行 `pnpm install` 安装依赖:用户会事先准备好 `node_modules`。如果 `pnpm install``test:unit` 因缺少依赖、TTY 或网络问题失败,立即停止尝试,告知用户解决环境问题。
+129
View File
@@ -3,6 +3,135 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
### Bug Fixes
* 安装glibc,增加Alpine镜像下 dns解析结果的兼容性 ([1a08bd3](https://github.com/certd/certd/commit/1a08bd340e1e7d3f9acf5d40f7bba7998459b8fb))
* 修复阿里云证书订单orderid 选择出错的问题 ([af9047b](https://github.com/certd/certd/commit/af9047bf3c54ce71b11727ccc6220288ed1f57be))
* 修复查询阿里云cdn Dcdn 域名太多无法选择的bug ([346fb73](https://github.com/certd/certd/commit/346fb730a37e035576f5d9ea5c0d74c052b34aeb))
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
### Bug Fixes
* **pipeline-service:** 修复流水线运行时超过套餐部署次数仍然能够正常运行的bug ([5e59651](https://github.com/certd/certd/commit/5e59651d45bc91919629e35995ff1b3cff6b87ea))
### Performance Improvements
* 商业版套餐只支持设置为可叠加 ([5e72f75](https://github.com/certd/certd/commit/5e72f75395fb632a30e80c07d35d8ba40ef631fa))
* 新增阿里云直播证书部署插件 ([8edb6f8](https://github.com/certd/certd/commit/8edb6f8727bd148f106801bef25567880fd35e9e))
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
### Bug Fixes
* 修复暗黑模式下注册页面验证码看不清的问题 ([5ba33be](https://github.com/certd/certd/commit/5ba33be30f765f06cafbfcc04f5e25320db01449))
### Performance Improvements
* 修复商业版套餐添加和修改时的字段显示 ([fb5b00d](https://github.com/certd/certd/commit/fb5b00d73f925036a65ce5003c57c1199578c34d))
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
### Bug Fixes
* **certd-server:** 调整首页缓存控制头的判断逻辑 ([0499347](https://github.com/certd/certd/commit/0499347588ee544862420ab9a5afd2546d61bc6c))
### Performance Improvements
* **controller:** 更换版本获取源并添加版本标准化处理 ([cb08e06](https://github.com/certd/certd/commit/cb08e061d257ba23a0fefdbfb046a8c759def828))
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
### Bug Fixes
* 固化华为云sdk版本,避免华为云调用报错 ([59b9ffa](https://github.com/certd/certd/commit/59b9ffadd05faf3982151c48f8d83cbd97419865))
* **email-service:** 优化商业版测试邮件内容中带的url链接 ([667e7b1](https://github.com/certd/certd/commit/667e7b185bf26558972be01720872f48352b5876))
### Performance Improvements
* 商业版支持限制泛域名数量 ([c63745d](https://github.com/certd/certd/commit/c63745d1ba30904428ba6b13ab0785298baa5cae))
* **suite:** 商业版用户已购套餐支持修改 ([bdb3d09](https://github.com/certd/certd/commit/bdb3d09c09fc73e7e5e3401f6ef5588bf8ad5088))
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
### Bug Fixes
* 修复第三方登录丢失state时无法在用户信息页面绑定第三方账号的bug ([45dedf5](https://github.com/certd/certd/commit/45dedf5bc779fea852e1f33dda4f31db2765633c))
* 修复群晖授权没有显示设备id输入框的bug ([2f172b5](https://github.com/certd/certd/commit/2f172b56e9411303ca15138d827bdb9bafdae4d1))
* 修复自动注册后没有跳转到控制台的bug ([4681ec9](https://github.com/certd/certd/commit/4681ec90088a3eb665427b2ac4047ec5ccefd7b3))
* 修复clogin登录丢失state问题 ([22f5cfc](https://github.com/certd/certd/commit/22f5cfcfd8462ca74128329eefb3f48b3ee0b7ea))
* 修复clogin多选类型登录失败的bug ([9f878a3](https://github.com/certd/certd/commit/9f878a353cd49b7b10bb0a95610ad236bc920dd2))
### Features
* 彩虹登录支持选择多种登录方式 ([7aa0c7e](https://github.com/certd/certd/commit/7aa0c7e491fe660abb62e68792ff5474f19bd5b8))
### Performance Improvements
* 第三方登录自动注册的用户支持设置初始化密码 ([a815d02](https://github.com/certd/certd/commit/a815d0245b97efbb948b33d6fc9d49862ce06889))
* 头像增加缓存时间 ([7015b1b](https://github.com/certd/certd/commit/7015b1b232602e5168a3eb8bee6d7f1776ae1e74))
## [1.39.16](https://github.com/certd/certd/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package root
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
### Bug Fixes
* 修复第三方登录彩虹登录不上的bug ([bae4f8e](https://github.com/certd/certd/commit/bae4f8e3209d9f9869ecbd7c01655383bac2fe21))
### Performance Improvements
* 优化申请时报错日志增加对应域名打印 ([d6e9e59](https://github.com/certd/certd/commit/d6e9e5987bd52ea12ee18745615486eadd4c87ff))
* icon选择器增加一套logo集 ([fdd5848](https://github.com/certd/certd/commit/fdd5848df4055a6ee07dc5eabaaf6b718672882d))
* **monitor/site:** 新增站点监控页面禁用启用、检查状态两个筛选条件 ([118c15d](https://github.com/certd/certd/commit/118c15d04633a6ef06f2d9e7a7849d20f596e02c))
* **network:** 新增全局公共http请求 headers设置 ([aad9045](https://github.com/certd/certd/commit/aad9045de55e76cb2ad09cac74a7bd60a4b47124))
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
### Bug Fixes
* 修复阿里云订阅流水线创建对话框无法获取阿里订单列表的bug ([a362860](https://github.com/certd/certd/commit/a362860137bfb7072893c844fe775edc46070ee1))
* 修复启动时报密钥备份不存在的问题 ([c966896](https://github.com/certd/certd/commit/c9668965226af6b54e0e576931dcba8b3d188ef3))
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Bug Fixes
* **aliyun-access:** 添加阿里云密钥校验失败的错误处理 ([b75c625](https://github.com/certd/certd/commit/b75c625ddcc0b3110699d8e6175681ef157b25df))
* cnameProvider域名支持设置子域名托管 ([7266af1](https://github.com/certd/certd/commit/7266af17491a98338022cfb18cfedfb93ca6ef8f))
* **plugin-aliyun:** 过滤非CAS证书并优化日志信息 ([c4b01da](https://github.com/certd/certd/commit/c4b01da384bc40a241a673ea8bc01ca733c04d83))
### Performance Improvements
* **设置:** 添加首页启用开关配置 ([25ad1e6](https://github.com/certd/certd/commit/25ad1e6f861e43288cc8bd90d4903628e6faec29))
* 新增agents.md ([aa176b0](https://github.com/certd/certd/commit/aa176b081a92837d2d6809d16546a8dfc2e5dd36))
* **用户资料:** 新增手机号邮箱绑定功能 ([e0eb0e2](https://github.com/certd/certd/commit/e0eb0e21f6dae24b639c944f9aba2c90496ab1c0))
* 域名注册过期时间获取再次优化 ([91a1b97](https://github.com/certd/certd/commit/91a1b9755066bf280e194dabf7c3a9f936e2643f))
* **证书流水线:** 添加批量更新证书申请参数功能 ([63be1c1](https://github.com/certd/certd/commit/63be1c1cbd9b09a3b48f26130c296b1cedcca1ac))
* 支持火山云vke ([bb46cb0](https://github.com/certd/certd/commit/bb46cb08f71f6ae921543f7e4a6c5f4e0190556e))
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
* **domain:** 添加域名过期时间同步进度显示功能 ([9d2937d](https://github.com/certd/certd/commit/9d2937dd4b14ffab73e9b096edd2aa8539811182))
* **plugin-volcengine:** 支持火山引擎VKE部署插件 ([b8a64a6](https://github.com/certd/certd/commit/b8a64a6b5bf3691a47177de42bc49b798e795feb))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
### Bug Fixes
* 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
* 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
### Performance Improvements
* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
* 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
* 增加权威NS检查开关,某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
### Bug Fixes
+18 -13
View File
@@ -34,10 +34,11 @@ Certd® 是一个免费的全自动证书管理系统,让你的网站证书永
* **多种通知方式**: 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
* **私有化部署**: 数据保存本地,安装简单快捷,镜像由Github Actions构建,过程公开透明
* **多重安全保障**: 授权加密,站点隐藏,2FA,密码防爆破等多重安全保障
* **多数据库支持**:支持SQLite、PostgreSQL、MySQL
* **多数据库支持**:支持SQLite、PostgreSQL、MySQL、MariaDB
* **开放接口支持**: 提供RESTful API接口,方便集成到其他系统
* **站点证书监控**: 定时监控网站证书的过期时间
* **多用户管理**: 用户可以管理自己的证书流水线
* **项目管理**: 企业级项目管理模式
* **多语言支持** 中英双语切换
* **无忧升级** 版本向下兼容
@@ -179,19 +180,23 @@ https://certd.handfree.work/
[50元专业版优惠券限时领取](https://app.handfree.work/subject/#/app/certd/product)
专业版特权对比
| 功能 | 免费版 | 专业版 |
|---------|---------------------------------------|--------------------------------|
| 免费证书申请 | 免费无限制 | 免费无限制 |
| 证书域名数量 | 无限制 | 无限制 |
| 证书流水线条数 | 无限制 | 无限制 |
| 自动部署插件 | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖、威联通、proxmox等 |
| 通知 | 邮件通知、自定义webhook | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
| 站点监控 | 限制1条 | 无限制 |
| 批量操作 | 无 | 流水线模版,流水线复制,批量运行,批量设置通知、定时等 |
| VIP群 | 无 | 可加,一对一技术支持,必要时可申请远程协助 |
专业版、商业版特权对比
| 功能&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; | 免费版 | 专业版 | 商业版 |
|---------|---------------------------------------|--------------------------------|---------------------------------|
| 证书申请 | 无限制 | 无限制 | 无限制 |
| 证书域名数量 | 无限制 | 无限制 | 无限制 |
| 证书流水线条数 | 无限制 | 无限制 | 无限制 |
| 自动部署插件 | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖、威联通、proxmox等 | 同专业版 |
| 通知 | 邮件通知、自定义webhook | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 | 同专业版 |
| 站点监控 | 限制1条 | 无限制 | 无限制 |
| 批量操作 | 无 | 流水线模版,流水线复制,批量运行,批量设置通知、定时等 | 同专业版 |
| VIP群 | 无 | 可加,一对一技术支持,必要时可申请远程协助 | 商业版技术支持 |
| 站点个性化 | 无 | 无 | 可自定义站点名称、Logo等,移除Certd元素,首页警告等 |
| 套餐功能 | 无 | 无 | 支持配置套餐供用户购买 |
| 数据统计 | 无 | 无 | 支持站点各类统计数据 |
| 插件管理 | 无 | 无 | 支持公共EAB设置,插件选项配置 |
| 是否可商用 | 不允许 | 不允许 | 可对外运营 |
## 九、贡献代码
+1 -1
View File
@@ -31,7 +31,7 @@ This project not only supports automated certificate application but also automa
* Multiple notification methods, including email, webhook, WeChat Work, DingTalk, Lark, and anpush.
* On-premises deployment, local data storage, simple and quick installation. Images are built by Github Actions, with a transparent process.
* Multiple security measures, including authorization encryption, site hiding, 2FA, and password brute-force protection.
* Supports multiple databases such as SQLite, PostgreSQL, and MySQL.
* Supports multiple databases such as SQLite, PostgreSQL, MySQL, and MariaDB.
* Open API support.
* Site certificate monitoring.
* Multi-user management.
+95
View File
@@ -0,0 +1,95 @@
version: '3.3' # 兼容旧版docker-compose
services:
certd:
# 镜像 # ↓↓↓↓↓ ---- 镜像版本号,建议改成固定版本号,例如:certd:1.29.0
image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
# image: ghcr.io/certd/certd:latest # --------- 如果 报镜像not found,可以尝试其他镜像源
# image: greper/certd:latest
container_name: certd # 容器名
restart: unless-stopped # 自动重启
volumes:
# ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下,【您需要定时备份此目录,以保障数据容灾】
- /data/certd:/app/data # 只要修改冒号前面的,冒号后面的/app/data切记切记不要动
#- /volume1/docker/certd:/app/data:delegated #群晖使用这个配置
# ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准,考虑挂载localtime文件
#- /etc/localtime:/etc/localtime
#- /etc/timezone:/etc/timezone
ports: # 端口映射
# ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突,可以修改第一个7001为其他不冲突的端口号,第二个7001不要动
- "7001:7001"
# ↓↓↓↓ ---------------------------------------------------------- https端口,可以根据实际情况,是否暴露该端口
- "7002:7002"
#↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo EAI_AGAIN 或 getaddrinfo ENOTFOUND 错误,可以尝试设置dns
# dns:
# - 223.5.5.5 # 阿里云公共dns
# - 223.6.6.6
# # ↓↓↓↓ --------------------------------------------------------- 如果你服务器在腾讯云,可以用这个替换上面阿里云的公共dns
# - 119.29.29.29 # 腾讯云公共dns
# - 182.254.116.116
# # ↓↓↓↓ --------------------------------------------------------- 如果你服务器部署在国外,可以用这个替换上面阿里云的公共dns
# - 8.8.8.8 # 谷歌公共dns
# - 8.8.4.4
# extra_hosts:
# # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts,外网域名可以指向本地局域网ip地址
# - "localdomain.com:192.168.1.3"
# # ↓↓↓↓ ------------------------------------------------ 直接使用主机的网络,如果网络问题实在找不到原因,可以尝试打开此参数
# network_mode: host
labels:
com.centurylinklabs.watchtower.enable: "true"
# ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络,还需要把下面networks的注释放开
# networks:
# - ip6net
environment:
# ↓↓↓↓ ----------------------------------------------------- 使用上海东八时区
- TZ=Asia/Shanghai
# 设置环境变量即可自定义certd配置
# 配置项见: packages/ui/certd-server/src/config/config.default.ts
# 配置规则: certd_ + 配置项, 点号用_代替
# #↓↓↓↓ ----------------------------- 如果忘记管理员密码,可以设置为truedocker compose up -d 重建容器之后,管理员密码将改成123456,然后请及时修改回false
- certd_system_resetAdminPasswd=false
# ↓↓↓ 要使用ipv6,将此配置修改为::
- certd_koa_hostname=0.0.0.0
# 默认使用sqlite文件数据库,如果需要使用其他数据库,请设置以下环境变量
# 注意: 选定使用一种数据库之后,不支持更换数据库。
# 数据库迁移方法:1、使用新数据库重新部署一套,然后将旧数据同步过去,注意flyway_history表的数据不要同步
# #↓↓↓↓ ----------------------------- 使用postgresql数据库,需要提前创建数据库
# - certd_flyway_scriptDir=./db/migration-pg # 升级脚本目录
# - certd_typeorm_dataSource_default_type=postgres # 数据库类型
# - certd_typeorm_dataSource_default_host=localhost # 数据库地址
# - certd_typeorm_dataSource_default_port=5433 # 数据库端口
# - certd_typeorm_dataSource_default_username=postgres # 用户名
# - certd_typeorm_dataSource_default_password=yourpasswd # 密码
# - certd_typeorm_dataSource_default_database=certd # 数据库名
# #↓↓↓↓ ----------------------------- 使用mysql8数据库,需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
# - certd_flyway_scriptDir=./db/migration-mysql # 升级脚本目录
# - certd_typeorm_dataSource_default_type=mysql # 数据库类型, 或者 mariadb
# - certd_typeorm_dataSource_default_host=localhost # 数据库地址
# - certd_typeorm_dataSource_default_port=3306 # 数据库端口
# - certd_typeorm_dataSource_default_username=root # 用户名
# - certd_typeorm_dataSource_default_password=yourpasswd # 密码
# - certd_typeorm_dataSource_default_database=certd # 数据库名
# ↓↓↓↓ --------------------------------------------------------- 自动升级,上面certd的版本号要保持为latest
certd-updater: # 添加 Watchtower 服务
image: containrrr/watchtower:latest
container_name: certd-updater
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# 配置 自动更新
environment:
- WATCHTOWER_CLEANUP=true # 自动清理旧版本容器
- WATCHTOWER_INCLUDE_STOPPED=false # 不更新已停止的容器
- WATCHTOWER_LABEL_ENABLE=true # 根据容器标签进行更新
- WATCHTOWER_POLL_INTERVAL=600 # 每 10 分钟检查一次更新
# ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络,还需要把上面networks的注释放开
#networks:
# ip6net:
# enable_ipv6: true
# ipam:
# config:
# - subnet: 2001:db8::/64
+1
View File
@@ -119,6 +119,7 @@ export default defineConfig({
{text: "Certd本身的证书更新", link: "/guide/use/https/index.md"},
{text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},
{text: "邮箱配置", link: "/guide/use/email/index.md"},
{text: "证书复用", link: "/guide/use/pretask/"},
{text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
{text: "ESXi", link: "/guide/use/ESXi/index.md"},
{text: "宝塔动态IP白名单", link: "/guide/use/baota/white_list.md"},
+155
View File
@@ -3,6 +3,161 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
### Bug Fixes
* 安装glibc,增加Alpine镜像下 dns解析结果的兼容性 ([1a08bd3](https://github.com/certd/certd/commit/1a08bd340e1e7d3f9acf5d40f7bba7998459b8fb))
* 修复阿里云证书订单orderid 选择出错的问题 ([af9047b](https://github.com/certd/certd/commit/af9047bf3c54ce71b11727ccc6220288ed1f57be))
* 修复查询阿里云cdn Dcdn 域名太多无法选择的bug ([346fb73](https://github.com/certd/certd/commit/346fb730a37e035576f5d9ea5c0d74c052b34aeb))
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
### Bug Fixes
* **pipeline-service:** 修复流水线运行时超过套餐部署次数仍然能够正常运行的bug ([5e59651](https://github.com/certd/certd/commit/5e59651d45bc91919629e35995ff1b3cff6b87ea))
### Performance Improvements
* 商业版套餐只支持设置为可叠加 ([5e72f75](https://github.com/certd/certd/commit/5e72f75395fb632a30e80c07d35d8ba40ef631fa))
* 新增阿里云直播证书部署插件 ([8edb6f8](https://github.com/certd/certd/commit/8edb6f8727bd148f106801bef25567880fd35e9e))
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
### Bug Fixes
* 修复暗黑模式下注册页面验证码看不清的问题 ([5ba33be](https://github.com/certd/certd/commit/5ba33be30f765f06cafbfcc04f5e25320db01449))
### Performance Improvements
* 修复商业版套餐添加和修改时的字段显示 ([fb5b00d](https://github.com/certd/certd/commit/fb5b00d73f925036a65ce5003c57c1199578c34d))
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
### Bug Fixes
* **certd-server:** 调整首页缓存控制头的判断逻辑 ([0499347](https://github.com/certd/certd/commit/0499347588ee544862420ab9a5afd2546d61bc6c))
### Performance Improvements
* **controller:** 更换版本获取源并添加版本标准化处理 ([cb08e06](https://github.com/certd/certd/commit/cb08e061d257ba23a0fefdbfb046a8c759def828))
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
### Bug Fixes
* 固化华为云sdk版本,避免华为云调用报错 ([59b9ffa](https://github.com/certd/certd/commit/59b9ffadd05faf3982151c48f8d83cbd97419865))
* **email-service:** 优化商业版测试邮件内容中带的url链接 ([667e7b1](https://github.com/certd/certd/commit/667e7b185bf26558972be01720872f48352b5876))
### Performance Improvements
* 商业版支持限制泛域名数量 ([c63745d](https://github.com/certd/certd/commit/c63745d1ba30904428ba6b13ab0785298baa5cae))
* **suite:** 商业版用户已购套餐支持修改 ([bdb3d09](https://github.com/certd/certd/commit/bdb3d09c09fc73e7e5e3401f6ef5588bf8ad5088))
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
### Bug Fixes
* 修复第三方登录丢失state时无法在用户信息页面绑定第三方账号的bug ([45dedf5](https://github.com/certd/certd/commit/45dedf5bc779fea852e1f33dda4f31db2765633c))
* 修复群晖授权没有显示设备id输入框的bug ([2f172b5](https://github.com/certd/certd/commit/2f172b56e9411303ca15138d827bdb9bafdae4d1))
* 修复自动注册后没有跳转到控制台的bug ([4681ec9](https://github.com/certd/certd/commit/4681ec90088a3eb665427b2ac4047ec5ccefd7b3))
* 修复clogin登录丢失state问题 ([22f5cfc](https://github.com/certd/certd/commit/22f5cfcfd8462ca74128329eefb3f48b3ee0b7ea))
* 修复clogin多选类型登录失败的bug ([9f878a3](https://github.com/certd/certd/commit/9f878a353cd49b7b10bb0a95610ad236bc920dd2))
### Features
* 彩虹登录支持选择多种登录方式 ([7aa0c7e](https://github.com/certd/certd/commit/7aa0c7e491fe660abb62e68792ff5474f19bd5b8))
### Performance Improvements
* 第三方登录自动注册的用户支持设置初始化密码 ([a815d02](https://github.com/certd/certd/commit/a815d0245b97efbb948b33d6fc9d49862ce06889))
* 头像增加缓存时间 ([7015b1b](https://github.com/certd/certd/commit/7015b1b232602e5168a3eb8bee6d7f1776ae1e74))
## [1.39.16](https://github.com/certd/certd/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package root
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
### Bug Fixes
* 修复第三方登录彩虹登录不上的bug ([bae4f8e](https://github.com/certd/certd/commit/bae4f8e3209d9f9869ecbd7c01655383bac2fe21))
### Performance Improvements
* 优化申请时报错日志增加对应域名打印 ([d6e9e59](https://github.com/certd/certd/commit/d6e9e5987bd52ea12ee18745615486eadd4c87ff))
* icon选择器增加一套logo集 ([fdd5848](https://github.com/certd/certd/commit/fdd5848df4055a6ee07dc5eabaaf6b718672882d))
* **monitor/site:** 新增站点监控页面禁用启用、检查状态两个筛选条件 ([118c15d](https://github.com/certd/certd/commit/118c15d04633a6ef06f2d9e7a7849d20f596e02c))
* **network:** 新增全局公共http请求 headers设置 ([aad9045](https://github.com/certd/certd/commit/aad9045de55e76cb2ad09cac74a7bd60a4b47124))
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
### Bug Fixes
* 修复阿里云订阅流水线创建对话框无法获取阿里订单列表的bug ([a362860](https://github.com/certd/certd/commit/a362860137bfb7072893c844fe775edc46070ee1))
* 修复启动时报密钥备份不存在的问题 ([c966896](https://github.com/certd/certd/commit/c9668965226af6b54e0e576931dcba8b3d188ef3))
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Bug Fixes
* **aliyun-access:** 添加阿里云密钥校验失败的错误处理 ([b75c625](https://github.com/certd/certd/commit/b75c625ddcc0b3110699d8e6175681ef157b25df))
* cnameProvider域名支持设置子域名托管 ([7266af1](https://github.com/certd/certd/commit/7266af17491a98338022cfb18cfedfb93ca6ef8f))
* **plugin-aliyun:** 过滤非CAS证书并优化日志信息 ([c4b01da](https://github.com/certd/certd/commit/c4b01da384bc40a241a673ea8bc01ca733c04d83))
### Performance Improvements
* **设置:** 添加首页启用开关配置 ([25ad1e6](https://github.com/certd/certd/commit/25ad1e6f861e43288cc8bd90d4903628e6faec29))
* 新增agents.md ([aa176b0](https://github.com/certd/certd/commit/aa176b081a92837d2d6809d16546a8dfc2e5dd36))
* **用户资料:** 新增手机号邮箱绑定功能 ([e0eb0e2](https://github.com/certd/certd/commit/e0eb0e21f6dae24b639c944f9aba2c90496ab1c0))
* 域名注册过期时间获取再次优化 ([91a1b97](https://github.com/certd/certd/commit/91a1b9755066bf280e194dabf7c3a9f936e2643f))
* **证书流水线:** 添加批量更新证书申请参数功能 ([63be1c1](https://github.com/certd/certd/commit/63be1c1cbd9b09a3b48f26130c296b1cedcca1ac))
* 支持火山云vke ([bb46cb0](https://github.com/certd/certd/commit/bb46cb08f71f6ae921543f7e4a6c5f4e0190556e))
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
* **domain:** 添加域名过期时间同步进度显示功能 ([9d2937d](https://github.com/certd/certd/commit/9d2937dd4b14ffab73e9b096edd2aa8539811182))
* **plugin-volcengine:** 支持火山引擎VKE部署插件 ([b8a64a6](https://github.com/certd/certd/commit/b8a64a6b5bf3691a47177de42bc49b798e795feb))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
### Bug Fixes
* 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
* 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
### Performance Improvements
* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
* 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
* 增加权威NS检查开关,某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
### Bug Fixes
* 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
* 修复流水线未编辑模式下也提示未保存的bug ([64a3503](https://github.com/certd/certd/commit/64a350364d820725b5e69d22ac2416809092f97d))
* 修复商业版设置了公共eab,创建流水线仍然会显示需要配置eab的bug ([24dff05](https://github.com/certd/certd/commit/24dff05f6427dadec1e40350214c0167e1d6a73d))
* 修复站点监控某些情况下获取不到证书的bug ([a2bbc7e](https://github.com/certd/certd/commit/a2bbc7e27298821d75a36abac6ec05d86dcf51f4))
### Performance Improvements
* 支持google dns插件 ([edc7bfc](https://github.com/certd/certd/commit/edc7bfc23043c2c6ef5f3564392f8aac6661c4bf))
* 阿里云waf支持云产品接入方式应用的证书部署 ([2f7514a](https://github.com/certd/certd/commit/2f7514a2e7d89a34f833401a983149e667da911b))
* 模版创建流水线支持随机时间 ([575415b](https://github.com/certd/certd/commit/575415b93a3e10e1c6e5644f71ddc711ea6f8adc))
* 商业版支持配置证书申请插件参数 ([7ac789c](https://github.com/certd/certd/commit/7ac789c9c7e91cdf08dfdae1bb49186552e370e3))
* 添加全新的未登录首页和路由配置 ([d1988dc](https://github.com/certd/certd/commit/d1988dc982440472ecf61847ccad76e4c96a80fb))
* 添加Azure DNS插件支持及文档 ([1f1d687](https://github.com/certd/certd/commit/1f1d6873172d71fadaa5a0005e1d6f3f528096fc))
* 添加HiPMDnsmgr DNS提供商的支持 @WUHINS ([296dcab](https://github.com/certd/certd/commit/296dcab4c7c26cb3f9da1ff748cc6a6b7d83edda))
* 为DNS解析器添加超时配置,避免查询时间过长 ([cc5154e](https://github.com/certd/certd/commit/cc5154e04e87f648111119b4eeb4e3cb4dd6cc41))
* 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/certd/certd/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
* 支持部署到nginx-proxy-manager ([2e6e9ed](https://github.com/certd/certd/commit/2e6e9ed9255bcf178edb0eb00d93a7f13c214430))
* 支持一键安装脚本 ([dc969dd](https://github.com/certd/certd/commit/dc969dd7edb6934a29d6657afefe6f8af056741c))
* 支持主动修改绑定url地址 ([11b7cfe](https://github.com/certd/certd/commit/11b7cfe5cb7e88e6ebd68d53acb4e5b556550ca9))
* apisix支持v2 ([23b4658](https://github.com/certd/certd/commit/23b465867244b199bab9b61863a5ca43644834a9))
* **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/certd/certd/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
### Bug Fixes
+8
View File
@@ -39,13 +39,21 @@ pnpm install
pnpm init
```
### lib包编译:
将packages下面依赖的包都编译一遍,并监听改动。
```shell
pnpm dev
```
### 启动 server:
启动server
```shell
cd packages/ui/certd-server
pnpm dev
```
### 启动 client:
启动前端
```shell
cd packages/ui/certd-client
pnpm dev
+16 -10
View File
@@ -16,16 +16,22 @@
****------------------****
## 专业版特权对比
| 功能&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; | 免费版 | 专业版 |
|---------|---------------------------------------|--------------------------------|
| 证书申请 | 无限制 | 无限制 |
| 证书域名数量 | 无限制 | 无限制 |
| 证书流水线条数 | 无限制 | 无限制 |
| 自动部署插件 | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖、威联通、proxmox等 |
| 通知 | 邮件通知、自定义webhook | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
| 站点监控 | 限制1条 | 无限制 |
| 批量操作 | 无 | 流水线模版,流水线复制,批量运行,批量设置通知、定时等 |
| VIP群 | 无 | 可加,一对一技术支持,必要时可申请远程协助 |
| 功能&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; | 免费版 | 专业版 | 商业版 |
|---------|---------------------------------------|--------------------------------|---------------------------------|
| 证书申请 | 无限制 | 无限制 | 无限制 |
| 证书域名数量 | 无限制 | 无限制 | 无限制 |
| 证书流水线条数 | 无限制 | 无限制 | 无限制 |
| 自动部署插件 | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖、威联通、proxmox等 | 同专业版 |
| 通知 | 邮件通知、自定义webhook | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 | 同专业版 |
| 站点监控 | 限制1条 | 无限制 | 无限制 |
| 批量操作 | 无 | 流水线模版,流水线复制,批量运行,批量设置通知、定时等 | 同专业版 |
| VIP群 | 无 | 可加,一对一技术支持,必要时可申请远程协助 | 商业版技术支持 |
| 站点个性化 | 无 | 无 | 可自定义站点名称、Logo等,移除Certd元素,首页警告等 |
| 套餐功能 | 无 | 无 | 支持配置套餐供用户购买 |
| 数据统计 | 无 | 无 | 支持站点各类统计数据 |
| 插件管理 | 无 | 无 | 支持公共EAB设置,插件选项配置 |
| 是否可商用 | 不允许 | 不允许 | 可对外运营 |
## 专业版激活方式
+60
View File
@@ -0,0 +1,60 @@
## 自动升级配置
### 1. 方法一:使用watchtower监控自动升级【推荐】
1. 修改docker-compose.yaml文件增加如下配置
或 [下载完整的自动升级docker-compose.yaml配置](https://gitee.com/certd/certd/raw/v2/docker/auto/docker-compose.yaml)
```yaml
services:
certd:
# 镜像 # ↓↓↓↓↓ ---- 镜像版本号 这里要保持为latest
image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
... # 这里是你原来的docker-compose.yaml配置
# ↓↓↓↓ --------------------------------------------------------- 增加一个标签,表示certd需要自动升级
labels:
com.centurylinklabs.watchtower.enable: "true"
# ↓↓↓↓ --------------------------------------------------------- 自动升级watchtower配置,注意:上面certd的版本号要保持为latest
certd-updater: # 添加 Watchtower 服务
image: containrrr/watchtower:latest
container_name: certd-updater
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# 配置 自动更新
environment:
- WATCHTOWER_CLEANUP=true # 自动清理旧版本容器
- WATCHTOWER_INCLUDE_STOPPED=false # 不更新已停止的容器
- WATCHTOWER_LABEL_ENABLE=true # 根据容器标签进行更新
- WATCHTOWER_POLL_INTERVAL=600 # 每 10 分钟检查一次更新
```
2. 重启certd容器
```shell
cd certd
docker compose down
docker compose up -d
```
### 2. 方法二:使用Certd版本监控功能【不太稳定】
1. 选择Github-检查Release版本插件
![](./images/github-release.png)
按如下图填写配置
![](./images/github-release-2.png)
2. 检测到新版本后执行宿主机升级命令:
```shell
# 拉取最新镜像
docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
# 升级容器命令, 替换成你自己的certd更新命令
export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d'
# 构造一个脚本10s后在后台执行,避免容器销毁时执行太快,导致流水线任务无法结束
nohup sh -c '$RESTART_CERT' >/dev/null 2>&1 & echo '10秒后重启' && exit
```
-48
View File
@@ -22,51 +22,3 @@
可以查看最新版本号,以及所有版本的更新日志
[CHANGELOG](../changelogs/CHANGELOG.md)
## 自动升级配置
### 1. 方法一:使用watchtower监控
修改docker-compose.yaml文件增加如下配置, 使用watchtower监控自动升级
```yaml
services:
certd:
...
labels:
com.centurylinklabs.watchtower.enable: "true"
# ↓↓↓↓ --------------------------------------------------------- 自动升级,上面certd的版本号要保持为latest
certd-updater: # 添加 Watchtower 服务
image: containrrr/watchtower:latest
container_name: certd-updater
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# 配置 自动更新
environment:
- WATCHTOWER_CLEANUP=true # 自动清理旧版本容器
- WATCHTOWER_INCLUDE_STOPPED=false # 不更新已停止的容器
- WATCHTOWER_LABEL_ENABLE=true # 根据容器标签进行更新
- WATCHTOWER_POLL_INTERVAL=600 # 每 10 分钟检查一次更新
```
### 2. 方法二:使用Certd版本监控功能
选择Github-检查Release版本插件
![](./images/github-release.png)
按如下图填写配置
![](./images/github-release-2.png)
检测到新版本后执行宿主机升级命令:
```shell
# 拉取最新镜像
docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
# 升级容器命令, 替换成你自己的certd更新命令
export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d'
# 构造一个脚本10s后在后台执行,避免容器销毁时执行太快,导致流水线任务无法结束
nohup sh -c '$RESTART_CERT' >/dev/null 2>&1 & echo '10秒后重启' && exit
```
+13 -11
View File
@@ -1,12 +1,12 @@
# 任务插件
`131` 款任务插件
`132` 款任务插件
## 1. 证书申请
| 序号 | 名称 | 说明 |
|-----|-----|-----|
| 1.| **证书申请(JS版)** | 免费通配符域名证书申请,支持多个域名打到同一个证书上 |
| 2.| **已有证书托管** | 手动上传自定义证书后,自动部署(每次证书有更新,都需要手动上传一次) |
| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书 |
| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书(支持 API 1.0 和 2.0 |
| 4.| **证书申请(Lego** | 支持海量DNS解析提供商,推荐使用,一样的免费通配符域名证书申请,支持多个域名打到同一个证书上 |
## 2. 主机
@@ -93,13 +93,14 @@
| 9.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速),自动删除过期证书 |
| 10.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算(FC3.0) |
| 11.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速),支持更新默认证书和扩展证书 |
| 12.| **阿里云-部署至NLB(网络负载均衡)** | NLB,网络负载均衡,更新监听器的默认证书 |
| 13.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名,不是上传到阿里云oss |
| 14.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) |
| 15.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播(vod |
| 16.| **阿里云-部署至阿里云WAF(云产品接入)** | 部署证书到阿里云WAF(云产品接入),CNAME方式接入的请选择另外一个waf插件 |
| 17.| **阿里云-部署至阿里云WAF(cname接入)** | 部署证书到阿里云WAF(cname接入),云资源的请选择另外一个waf插件 |
| 18.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务(CAS),如果不想在阿里云上同一份证书上传多次,可以把此任务作为前置任务,其他阿里云任务证书那一项选择此任务的输出 |
| 12.| **阿里云-部署至直播(Live** | 部署证书到阿里云视频直播(Live)域名 |
| 13.| **阿里云-部署至NLB(网络负载均衡)** | NLB,网络负载均衡,更新监听器的默认证书 |
| 14.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名,不是上传到阿里云oss |
| 15.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) |
| 16.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播(vod |
| 17.| **阿里云-部署至阿里云WAF(云产品接入)** | 部署证书到阿里云WAF(云产品接入)CNAME方式接入的请选择另外一个waf插件 |
| 18.| **阿里云-部署至阿里云WAF(cname接入)** | 部署证书到阿里云WAF(cname接入),云资源的请选择另外一个waf插件 |
| 19.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务(CAS),如果不想在阿里云上同一份证书上传多次,可以把此任务作为前置任务,其他阿里云任务证书那一项选择此任务的输出 |
## 6. 华为云
| 序号 | 名称 | 说明 |
@@ -134,8 +135,9 @@
| 4.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 |
| 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 |
| 6.| **火山引擎-部署证书至TOS自定义域名** | 仅限TOS自定义域名,加速域名请选择火山引擎的CDN插件 |
| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播 |
| 8.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 |
| 7.| **火山引擎-替换VKE证书** | 替换火山引擎VKE集群中的TLS Secret证书 |
| 8.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播 |
| 9.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 |
## 9. 京东云
| 序号 | 名称 | 说明 |
+4 -1
View File
@@ -59,4 +59,7 @@ DNS problem: NXDOMAIN looking up TXT for _acme-challenge.xxxxx - check that a D
证书颁发机构向域名ns查询TXT验证记录失败,有以下几种可能
1、域名的ns服务器修改成别的了,但申请证书时的DNS提供商选择错误(检查确认,配置正确的DNS提供商)
2、证书颁发机构与ns域名服务器之间访问不通,无法查询到TXT记录(尝试更换证书颁发机构)
3、ns服务商解析值生效慢(尝试修改证书申请任务里面的等待生效时长600-1000s)
3、ns服务商解析值生效慢(尝试修改证书申请任务里面的等待生效时长600-1000s)
## 8. 同一份证书上传多次的问题
同一份证书在阿里云、腾讯云中上传多次,[请使用证书复用功能](../use/pretask/index.md),避免重复上传。
Binary file not shown.

Before

Width:  |  Height:  |  Size: 44 KiB

After

Width:  |  Height:  |  Size: 92 KiB

+7 -5
View File
@@ -2,13 +2,13 @@
## 腾讯企业邮箱配置
1. 开启smtp
1. 开启smtp
![](./images/qq-3.png)
2. 获取授权码作为密码
2. 获取授权码作为密码
![](./images/qq-1.png)
![](./images/qq-2.png)
3. 填写域名、端口和密码
![](./images/qq-0.png)
3. 填写域名、端口和密码
![](./images/qq-0.png)
## QQ邮箱配置
1. smtp配置
@@ -19,5 +19,7 @@ smtp端口: 465
是否SSL: 是
```
2. 获取授权码
2. 获取授权码
登录qq邮箱,点击账号与安全
![](./images/qq-11.png)
+3 -3
View File
@@ -1,13 +1,13 @@
# 带输出的前置任务
# 证书复用
前置任务输出可以在后续任务中使用
比如上传证书到阿里云,会返回阿里云的CertId,之后其他阿里云的部署任务可以选择复用这个证书
## 复用证书
## 使用方法
![img.png](images/pretask1.png)
在后续任务中可以选择前置任务的输出
![img.png](images/pretask2.png)
![img.png](images/pretask2.png)
+1 -1
View File
@@ -9,5 +9,5 @@
}
},
"npmClient": "pnpm",
"version": "1.39.11"
"version": "1.40.5"
}
+6 -3
View File
@@ -9,6 +9,7 @@
"@lerna-lite/run": "^3.9.3",
"@lerna-lite/version": "^3.9.3",
"axios": "^1.9.0",
"cross-env": "^7.0.3",
"medium-zoom": "^1.1.0",
"vitepress": "^2.0.0-alpha.4",
"vitepress-plugin-lightbox": "^1.0.2"
@@ -19,14 +20,15 @@
"devb": "lerna run dev-build",
"i-all": "lerna link && lerna exec npm install ",
"publish": "pnpm run prepublishOnly2 && lerna publish --force-publish=pro/plus-core --conventional-commits && pnpm run afterpublishOnly ",
"publish2":" npm run pub_all && pnpm run afterpublishOnly",
"afterpublishOnly": "pnpm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && pnpm run commitAll",
"transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
"plugin-doc-gen": "cd ./packages/ui/certd-server/ && pnpm run export-metadata",
"commitAll": "git add . && git commit -m \"build: publish\" && git push && pnpm run commitPro",
"commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
"copylogs": "copyfiles \"CHANGELOG.md\" ./docs/guide/changelogs/",
"prepublishOnly1": "pnpm run check && lerna run build ",
"prepublishOnly2": "pnpm run check && pnpm run before-build && lerna run build && pnpm run plugin-doc-gen",
"prepublishOnly1": "pnpm run test:unit && pnpm run check && lerna run build ",
"prepublishOnly2": "pnpm run test:unit && pnpm run check && pnpm run before-build && lerna run build && pnpm run plugin-doc-gen",
"before-build": "pnpm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
"deploy1": "node --experimental-json-modules ./scripts/deploy.js ",
"check": "node --experimental-json-modules ./scripts/publish-check.js",
@@ -35,9 +37,10 @@
"docs:dev": "vitepress dev docs",
"docs:build": "pnpm run copylogs && vitepress build docs",
"docs:preview": "vitepress preview docs",
"test:unit": "cross-env NODE_ENV=unittest pnpm -r --workspace-concurrency=1 run test:unit",
"pub": "echo 1",
"dev": "pnpm run -r --parallel compile ",
"pub_all":"pnpm run -r --parallel pub ",
"pub_all": "node ./scripts/pub-all.js",
"release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push",
"publish_to_atomgit": "node --experimental-json-modules ./scripts/publish-atomgit.js",
"publish_to_gitee": "node --experimental-json-modules ./scripts/publish-gitee.js",
+12
View File
@@ -1,4 +1,13 @@
{
"parser": "@typescript-eslint/parser",
"parserOptions": {
"ecmaVersion": 2022,
"sourceType": "module"
},
"ignorePatterns": [
"dist",
"node_modules"
],
"extends": [
"plugin:prettier/recommended",
"prettier"
@@ -7,9 +16,12 @@
"eslint-plugin-import"
],
"env": {
"node": true,
"es2022": true,
"mocha": true
},
"rules": {
"prettier/prettier": "off",
"@typescript-eslint/no-var-requires": "off",
"@typescript-eslint/ban-ts-comment": "off",
"@typescript-eslint/ban-ts-ignore": "off",
+5
View File
@@ -4,3 +4,8 @@ node_modules/
npm-debug.log
package-lock.json
/.idea/
/dist/
/dist-test/
/logs/
/tsconfig.tsbuildinfo
/tsconfig.test.tsbuildinfo
+52
View File
@@ -3,6 +3,58 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/publishlab/node-acme-client/compare/v1.40.4...v1.40.5) (2026-05-26)
### Bug Fixes
* 修复阿里云证书订单orderid 选择出错的问题 ([af9047b](https://github.com/publishlab/node-acme-client/commit/af9047bf3c54ce71b11727ccc6220288ed1f57be))
## [1.40.4](https://github.com/publishlab/node-acme-client/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/acme-client
## [1.40.3](https://github.com/publishlab/node-acme-client/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/acme-client
## [1.40.2](https://github.com/publishlab/node-acme-client/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/acme-client
## [1.40.1](https://github.com/publishlab/node-acme-client/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/acme-client
# [1.40.0](https://github.com/publishlab/node-acme-client/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/acme-client
## [1.39.16](https://github.com/publishlab/node-acme-client/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package @certd/acme-client
## [1.39.15](https://github.com/publishlab/node-acme-client/compare/v1.39.14...v1.39.15) (2026-05-13)
### Performance Improvements
* 优化申请时报错日志增加对应域名打印 ([d6e9e59](https://github.com/publishlab/node-acme-client/commit/d6e9e5987bd52ea12ee18745615486eadd4c87ff))
## [1.39.14](https://github.com/publishlab/node-acme-client/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/acme-client
## [1.39.13](https://github.com/publishlab/node-acme-client/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/publishlab/node-acme-client/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/publishlab/node-acme-client/compare/v1.39.11...v1.39.12) (2026-04-29)
### Performance Improvements
* 增加权威NS检查开关,某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/publishlab/node-acme-client/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
## [1.39.11](https://github.com/publishlab/node-acme-client/compare/v1.39.10...v1.39.11) (2026-04-26)
### Performance Improvements
+18 -12
View File
@@ -3,22 +3,22 @@
"description": "Simple and unopinionated ACME client",
"private": false,
"author": "nmorsman",
"version": "1.39.11",
"version": "1.40.5",
"type": "module",
"module": "scr/index.js",
"main": "src/index.js",
"types": "types/index.d.ts",
"module": "./dist/index.js",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
"license": "MIT",
"homepage": "https://github.com/publishlab/node-acme-client",
"engines": {
"node": ">= 18"
},
"files": [
"src",
"dist",
"types"
],
"dependencies": {
"@certd/basic": "^1.39.11",
"@certd/basic": "^1.40.5",
"@peculiar/x509": "^1.11.0",
"asn1js": "^3.0.5",
"axios": "^1.9.0",
@@ -35,10 +35,12 @@
"@typescript-eslint/parser": "^8.26.1",
"chai": "^4.4.1",
"chai-as-promised": "^7.1.2",
"cross-env": "^7.0.3",
"eslint": "^8.57.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-import": "^2.29.1",
"eslint-plugin-prettier": "^4.2.1",
"esmock": "^2.7.5",
"jsdoc-to-markdown": "^8.0.1",
"mocha": "^10.6.0",
"nock": "^13.5.4",
@@ -47,13 +49,17 @@
"typescript": "^5.4.2"
},
"scripts": {
"build-docs": "jsdoc2md src/client.js > docs/client.md && jsdoc2md src/crypto/index.js > docs/crypto.md && jsdoc2md src/crypto/forge.js > docs/forge.md",
"lint": "eslint .",
"lint-types": "tsd",
"prepublishOnly": "npm run build-docs",
"before-build": "node -e \"const fs=require('fs');fs.rmSync('dist',{recursive:true,force:true});fs.rmSync('tsconfig.tsbuildinfo',{force:true});\"",
"build": "npm run before-build && tsc -p tsconfig.build.json --skipLibCheck",
"build-docs": "jsdoc2md dist/client.js > docs/client.md && jsdoc2md dist/crypto/index.js > docs/crypto.md && jsdoc2md dist/crypto/forge.js > docs/forge.md",
"lint": "eslint \"src/**/*.ts\" \"types/**/*.ts\"",
"lint-types": "tsd --files \"types/index.test-d.ts\"",
"prepublishOnly": "npm run build && npm run build-docs",
"test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
"before-test:unit": "node -e \"const fs=require('fs');fs.rmSync('dist-test',{recursive:true,force:true});fs.rmSync('tsconfig.test.tsbuildinfo',{force:true});\"",
"test:unit": "cross-env NODE_ENV=unittest npm run before-test:unit && cross-env NODE_ENV=unittest tsc -p tsconfig.test.json --skipLibCheck && cross-env NODE_ENV=unittest mocha -t 60000 \"dist-test/**/*.test.js\"",
"pub": "npm publish",
"compile": "echo '1'"
"compile": "tsc --skipLibCheck --watch"
},
"repository": {
"type": "git",
@@ -70,5 +76,5 @@
"bugs": {
"url": "https://github.com/publishlab/node-acme-client/issues"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* ACME API client
*/
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* ACME auto helper
*/
@@ -166,6 +167,7 @@ export default async (client, userOpts) => {
await client.completeChallenge(challenge);
}catch (e) {
await deactivateAuth(e);
e.message = `[${d}] ${e.message || "completeChallenge error"}`;
throw e;
}
challengeCompleted = true;
@@ -177,6 +179,7 @@ export default async (client, userOpts) => {
} catch (e) {
log(`[auto] [${d}] challengeCreateFn threw error: ${e.message || e}`);
await deactivateAuth(e);
e.message = `[${d}] ${e.message || "challengeCreateFn error"}`;
throw e;
}
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* Axios instance
*/
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* ACME client
*
@@ -466,6 +467,10 @@ class AcmeClient {
return createHash('sha256').update(result).digest('base64url');
}
if (challenge.type === 'dns-persist-01') {
return '';
}
/* https://datatracker.ietf.org/doc/html/rfc8737 */
if (challenge.type === 'tls-alpn-01') {
return result;
@@ -494,7 +499,7 @@ class AcmeClient {
throw new Error('Unable to verify ACME challenge, URL not found');
}
const {challenges} = createChallengeFn({logger:this.logger});
const {challenges} = createChallengeFn({logger:this.logger,walkFromAuthoritative: this.opts.walkFromAuthoritative});
const verify = challenges
if (typeof verify[challenge.type] === 'undefined') {
@@ -570,7 +575,7 @@ class AcmeClient {
* ```
*/
async waitForValidStatus(item,d) {
async waitForValidStatus(item, d?) {
if (!item.url) {
throw new Error(`[${d}] Unable to verify status of item, URL not found`);
}
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* Legacy node-forge crypto interface
*
@@ -112,7 +113,7 @@ function parseDomains(obj) {
* ```
*/
export async function createPrivateKey(size = 2048) {
export async function createPrivateKey(size = 2048): Promise<Buffer> {
const keyPair = await generateKeyPair({ bits: size });
const pemKey = forge.pki.privateKeyToPem(keyPair.privateKey);
return Buffer.from(pemKey);
@@ -131,7 +132,7 @@ export async function createPrivateKey(size = 2048) {
* ```
*/
export const createPublicKey = async (key) => {
export const createPublicKey = async (key): Promise<Buffer> => {
const privateKey = forge.pki.privateKeyFromPem(key);
const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
const pemKey = forge.pki.publicKeyToPem(publicKey);
@@ -174,7 +175,7 @@ export const splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode
* ```
*/
export const getModulus = async (input) => {
export const getModulus = async (input): Promise<Buffer> => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -197,7 +198,7 @@ export const getModulus = async (input) => {
* ```
*/
export const getPublicExponent = async (input) => {
export const getPublicExponent = async (input): Promise<Buffer> => {
if (!Buffer.isBuffer(input)) {
input = Buffer.from(input);
}
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* Native Node.js crypto interface
*
@@ -67,7 +68,7 @@ function getKeyInfo(keyPem) {
* ```
*/
export async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
export async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8'): Promise<Buffer> {
const pair = await generateKeyPair('rsa', {
modulusLength,
privateKeyEncoding: {
@@ -105,7 +106,7 @@ export const createPrivateKey = createPrivateRsaKey;
* ```
*/
export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8'): Promise<Buffer> => {
const pair = await generateKeyPair('ec', {
namedCurve,
privateKeyEncoding: {
@@ -129,7 +130,7 @@ export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType =
* ```
*/
export const getPublicKey = (keyPem) => {
export const getPublicKey = (keyPem): Buffer => {
const info = getKeyInfo(keyPem);
const publicKey = info.publicKey.export({
@@ -1,3 +1,4 @@
// @ts-nocheck
export class CancelError extends Error {
constructor(message) {
super(message);
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* ACME HTTP client
*/
@@ -0,0 +1,19 @@
import assert from "node:assert/strict";
import { directory, getAllSslProviderDomains, getDirectoryUrl } from "./index.js";
declare const describe: any;
declare const it: any;
describe("directory helpers", () => {
it("selects the provider specific directory endpoint", () => {
assert.equal(getDirectoryUrl({ sslProvider: "sslcom", pkType: "ec" }), directory.sslcom.ec);
assert.equal(getDirectoryUrl({ sslProvider: "letsencrypt", pkType: "rsa" }), directory.letsencrypt.production);
});
it("includes configured provider domains", () => {
const domains = getAllSslProviderDomains();
assert.ok(domains.includes("acme.litessl.com"));
assert.ok(domains.includes("acme.ssl.com"));
});
});
@@ -1,8 +1,9 @@
// @ts-nocheck
/**
* acme-client
*/
import AcmeClinet from './client.js'
export const Client = AcmeClinet
export { default as Client } from './client.js'
export type * from './types.js'
/**
* Directory URLs
@@ -103,4 +104,4 @@ export * from './logger.js'
export * from './verify.js'
export * from './error.js'
export * from './util.js'
export * from './util.js'
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* ACME logger
*/
+127
View File
@@ -0,0 +1,127 @@
/**
* Account
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.2
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.3
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2
*/
export interface Account {
status: "valid" | "deactivated" | "revoked";
orders: string;
contact?: string[];
termsOfServiceAgreed?: boolean;
externalAccountBinding?: object;
}
export interface AccountCreateRequest {
contact?: string[];
termsOfServiceAgreed?: boolean;
onlyReturnExisting?: boolean;
externalAccountBinding?: object;
}
export interface AccountUpdateRequest {
status?: string;
contact?: string[];
termsOfServiceAgreed?: boolean;
}
/**
* Order
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.3
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.4
*/
export interface Order {
status: "pending" | "ready" | "processing" | "valid" | "invalid";
identifiers: Identifier[];
authorizations: string[];
finalize: string;
expires?: string;
notBefore?: string;
notAfter?: string;
error?: object;
certificate?: string;
}
export interface OrderCreateRequest {
identifiers: Identifier[];
notBefore?: string;
notAfter?: string;
}
/**
* Authorization
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.4
*/
export interface Authorization {
identifier: Identifier;
status: "pending" | "valid" | "invalid" | "deactivated" | "expired" | "revoked";
challenges: Challenge[];
expires?: string;
wildcard?: boolean;
}
export interface Identifier {
type: string;
value: string;
}
/**
* Challenge
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-8
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.4
*/
export interface ChallengeAbstract {
type: string;
url: string;
status: "pending" | "processing" | "valid" | "invalid";
validated?: string;
error?: object;
}
export interface HttpChallenge extends ChallengeAbstract {
type: "http-01";
token: string;
}
export interface DnsChallenge extends ChallengeAbstract {
type: "dns-01";
token: string;
}
export interface DnsPersistChallenge extends ChallengeAbstract {
type: "dns-persist-01";
}
export type Challenge = HttpChallenge | DnsChallenge | DnsPersistChallenge;
/**
* Certificate
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.6
*/
export enum CertificateRevocationReason {
Unspecified = 0,
KeyCompromise = 1,
CACompromise = 2,
AffiliationChanged = 3,
Superseded = 4,
CessationOfOperation = 5,
CertificateHold = 6,
RemoveFromCRL = 8,
PrivilegeWithdrawn = 9,
AACompromise = 10,
}
export interface CertificateRevocationRequest {
reason?: CertificateRevocationReason;
}
+131
View File
@@ -0,0 +1,131 @@
import type * as rfc8555 from "./rfc8555.js";
import type { Challenge } from "./rfc8555.js";
export type * from "./rfc8555.js";
export type PrivateKeyBuffer = Buffer;
export type PublicKeyBuffer = Buffer;
export type CertificateBuffer = Buffer;
export type CsrBuffer = Buffer;
export type PrivateKeyString = string;
export type PublicKeyString = string;
export type CertificateString = string;
export type CsrString = string;
export interface Order extends rfc8555.Order {
url: string;
}
export interface Authorization extends rfc8555.Authorization {
url: string;
}
export type UrlMapping = {
enabled: boolean;
mappings: Record<string, string>;
};
export interface ClientExternalAccountBindingOptions {
kid: string;
hmacKey: string;
}
export interface ClientOptions {
sslProvider: string;
directoryUrl: string;
accountKey: PrivateKeyBuffer | PrivateKeyString;
accountUrl?: string;
externalAccountBinding?: ClientExternalAccountBindingOptions;
backoffAttempts?: number;
backoffMin?: number;
backoffMax?: number;
urlMapping?: UrlMapping;
signal?: AbortSignal;
logger?: any;
}
export interface ClientAutoOptions {
csr: CsrBuffer | CsrString;
challengeCreateFn: (
authz: Authorization,
keyAuthorization: (challenge: Challenge) => Promise<string>
) => Promise<{ recordReq?: any; recordRes?: any; dnsProvider?: any; challenge: Challenge; keyAuthorization: string }>;
challengeRemoveFn: (authz: Authorization, challenge: Challenge, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider: any, httpUploader: any) => Promise<any>;
email?: string;
termsOfServiceAgreed?: boolean;
skipChallengeVerification?: boolean;
challengePriority?: string[];
preferredChain?: string;
signal?: AbortSignal;
profile?: string;
waitDnsDiffuseTime?: number;
}
export interface CertificateDomains {
commonName: string;
altNames: string[];
}
export interface CertificateIssuer {
commonName: string;
}
export interface CertificateInfo {
issuer: CertificateIssuer;
domains: CertificateDomains;
notAfter: Date;
notBefore: Date;
}
export interface CsrOptions {
keySize?: number;
commonName?: string;
altNames?: string[];
country?: string;
state?: string;
locality?: string;
organization?: string;
organizationUnit?: string;
emailAddress?: string;
}
export interface RsaPublicJwk {
e: string;
kty: string;
n: string;
}
export interface EcdsaPublicJwk {
crv: string;
kty: string;
x: string;
y: string;
}
export interface CryptoInterface {
createPrivateKey(keySize?: number, encodingType?: string): Promise<PrivateKeyBuffer>;
createPrivateRsaKey(keySize?: number, encodingType?: string): Promise<PrivateKeyBuffer>;
createPrivateEcdsaKey(namedCurve?: "P-256" | "P-384" | "P-521", encodingType?: string): Promise<PrivateKeyBuffer>;
getPublicKey(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): PublicKeyBuffer;
getJwk(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): RsaPublicJwk | EcdsaPublicJwk;
splitPemChain(chainPem: CertificateBuffer | CertificateString): string[];
getPemBodyAsB64u(pem: CertificateBuffer | CertificateString): string;
readCsrDomains(csrPem: CsrBuffer | CsrString): CertificateDomains;
readCertificateInfo(certPem: CertificateBuffer | CertificateString): CertificateInfo;
createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString, encodingType?: string): Promise<[PrivateKeyBuffer, CsrBuffer]>;
createAlpnCertificate(authz: Authorization, keyAuthorization: string, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CertificateBuffer]>;
isAlpnCertificateAuthorizationValid(certPem: CertificateBuffer | CertificateString, keyAuthorization: string): boolean;
}
export interface CryptoLegacyInterface {
createPrivateKey(size?: number): Promise<PrivateKeyBuffer>;
createPublicKey(key: PrivateKeyBuffer | PrivateKeyString): Promise<PublicKeyBuffer>;
getPemBody(str: string): string;
splitPemChain(str: string): string[];
getModulus(input: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString | CertificateBuffer | CertificateString | CsrBuffer | CsrString): Promise<Buffer>;
getPublicExponent(input: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString | CertificateBuffer | CertificateString | CsrBuffer | CsrString): Promise<Buffer>;
readCsrDomains(csr: CsrBuffer | CsrString): Promise<CertificateDomains>;
readCertificateInfo(cert: CertificateBuffer | CertificateString): Promise<CertificateInfo>;
createCsr(data: CsrOptions, key?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>;
}
@@ -0,0 +1,58 @@
import assert from "node:assert/strict";
import { formatResponseError, parseRetryAfterHeader, retry } from "./util.js";
declare const describe: any;
declare const it: any;
describe("util helpers", () => {
it("parses retry-after values", () => {
assert.equal(parseRetryAfterHeader("120"), 120);
assert.equal(parseRetryAfterHeader("invalid"), 0);
assert.equal(parseRetryAfterHeader("Wed, 21 Oct 2015 07:28:00 GMT"), 0);
});
it("formats response errors without newlines", () => {
const error = formatResponseError({
data: {
error: {
detail: "line 1\nline 2",
},
},
});
assert.equal(error, "line 1line 2");
});
it("retries until success", async () => {
const delays: number[] = [];
const originalSetTimeout = globalThis.setTimeout;
let attempts = 0;
(globalThis as any).setTimeout = (fn: (...args: any[]) => void, delay?: number) => {
delays.push(Number(delay));
return originalSetTimeout(fn, 0);
};
try {
const result = await retry(
async () => {
attempts += 1;
if (attempts < 3) {
throw new Error(`boom-${attempts}`);
}
return "ok";
},
{ attempts: 3, min: 10, max: 20 },
() => {}
);
assert.equal(result, "ok");
assert.equal(attempts, 3);
assert.deepEqual(delays, [10, 20]);
} finally {
(globalThis as any).setTimeout = originalSetTimeout;
}
});
});
@@ -1,3 +1,4 @@
// @ts-nocheck
/**
* Utility methods
*/
@@ -252,7 +253,7 @@ async function resolveDomainBySoaRecord(recordName, logger = log) {
async function getAuthoritativeDnsResolver(recordName, logger = log) {
logger(`获取域名${recordName}的权威NS服务器: `);
const resolver = new dns.Resolver({ timeout: 10000,maxTimeout: 60000 });
const resolver = new dns.Resolver({timeout: 2000,tries: 2});
try {
/* Resolve root domain by SOA */
@@ -352,3 +353,5 @@ export {
resolveDomainBySoaRecord
};
-231
View File
@@ -1,231 +0,0 @@
/**
* ACME challenge verification
*/
import dnsSdk from "dns"
import https from 'https'
import {log as defaultLog} from './logger.js'
import axios from './axios.js'
import * as util from './util.js'
import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
import {utils} from '@certd/basic'
const dns = dnsSdk.promises
export function createChallengeFn(opts = {}){
const logger = opts?.logger || {info:defaultLog,error:defaultLog,warn:defaultLog,debug:defaultLog}
const log = function(...args){
logger.info(...args)
}
/**
* Verify ACME HTTP challenge
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @param {string} [suffix] URL suffix
* @returns {Promise<boolean>}
*/
async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
async function doQuery(challengeUrl){
log(`正在测试请求 ${challengeUrl} `)
// const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
// const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
/* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
const httpsAgent = new https.Agent({ rejectUnauthorized: false });
log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
let data = ""
try{
const resp = await axios.get(challengeUrl, { httpsAgent });
data = (resp.data || '').replace(/\s+$/, '');
}catch (e) {
log(`[error] HTTP request error from ${authz.identifier.value}`,e.message);
return false
}
if (!data || (data !== keyAuthorization)) {
log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
return false
}
return true
}
const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
let host = authz.identifier.value;
if(utils.domain.isIpv6(host)){
host = `[${host}]`;
}
const challengeUrl = `http://${host}:${httpPort}${suffix}`;
if (!await doQuery(challengeUrl)) {
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
const res = await doQuery(httpsChallengeUrl)
if (!res) {
throw new Error(`[error] 验证失败,请检查以上测试url是否可以正常访问`);
}
}
log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
return true;
}
/**
* Walk DNS until TXT records are found
*/
async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
let records = [];
/* Resolve TXT records */
try {
log(`检查域名 ${recordName} 的TXT记录`);
const txtRecords = await resolver.resolveTxt(recordName);
if (txtRecords && txtRecords.length) {
log(`找到 ${txtRecords.length} 条 TXT记录( ${recordName}`);
log(`TXT records: ${JSON.stringify(txtRecords)}`);
records = records.concat(...txtRecords);
}
} catch (e) {
log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
}
/* Resolve CNAME record first */
try {
log(`检查是否存在CNAME映射: ${recordName}`);
const cnameRecords = await resolver.resolveCname(recordName);
if (cnameRecords.length) {
const cnameRecord = cnameRecords[0];
log(`已找到${recordName}的CNAME记录,将检查: ${cnameRecord}`);
let res= await walkTxtRecord(cnameRecord,deep+1);
if (res && res.length) {
log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
records = records.concat(...res);
}
}else{
log(`没有CNAME映射(${recordName}`);
}
} catch (e) {
log(`检查CNAME出错(${recordName} :${e.message}`);
}
return records
}
async function walkTxtRecord(recordName,deep = 0) {
if(deep >5){
log(`walkTxtRecord too deep (#${deep}) , skip walk`)
return []
}
const txtRecords = []
try {
/* Default DNS resolver first */
log('从本地DNS服务器获取TXT解析记录');
const res = await walkDnsChallengeRecord(recordName,dns,deep);
if (res && res.length > 0) {
for (const item of res) {
txtRecords.push(item)
}
}
} catch (e) {
log(`本地获取TXT解析记录失败:${e.message}`)
}
try{
/* Authoritative DNS resolver */
log(`从域名权威服务器获取TXT解析记录`);
const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
if (res && res.length > 0) {
for (const item of res) {
txtRecords.push(item)
}
}
}catch (e) {
log(`权威服务器获取TXT解析记录失败:${e.message}`)
}
if (txtRecords.length === 0) {
throw new Error(`没有找到TXT解析记录(${recordName}`);
}
return txtRecords;
}
/**
* Verify ACME DNS challenge
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.4
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @param {string} [prefix] DNS prefix
* @returns {Promise<boolean>}
*/
async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
const recordName = `${prefix}${authz.identifier.value}`;
log(`本地校验TXT记录): ${recordName}`);
let recordValues = await walkTxtRecord(recordName);
//去重
recordValues = [...new Set(recordValues)];
log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录:${recordValues}`);
if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
const err = `没有找到需要的DNS TXT记录: ${recordName},期望:${keyAuthorization},结果:${recordValues}`
throw new Error(err);
}
log(`关键授权匹配成功(${challenge.type}/${recordName}:${keyAuthorization},校验成功, ACME challenge verified`);
return true;
}
/**
* Verify ACME TLS ALPN challenge
*
* https://datatracker.ietf.org/doc/html/rfc8737
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @returns {Promise<boolean>}
*/
async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
const host = authz.identifier.value;
log(`Establishing TLS connection with host: ${host}:${tlsAlpnPort}`);
const certificate = await util.retrieveTlsAlpnCertificate(host, tlsAlpnPort);
log('Certificate received from server successfully, matching key authorization in ALPN');
if (!isAlpnCertificateAuthorizationValid(certificate, keyAuthorization)) {
throw new Error(`Authorization not found in certificate from ${authz.identifier.value}`);
}
log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
return true;
}
return {
challenges:{
'http-01': verifyHttpChallenge,
'dns-01': verifyDnsChallenge,
'tls-alpn-01': verifyTlsAlpnChallenge,
},
walkTxtRecord,
}
}
+266
View File
@@ -0,0 +1,266 @@
// @ts-nocheck
/**
* ACME challenge verification
*/
import dnsSdk from "dns"
import https from 'https'
import { log as defaultLog } from './logger.js'
import axios from './axios.js'
import * as util from './util.js'
import { isAlpnCertificateAuthorizationValid } from './crypto/index.js'
import { utils } from '@certd/basic'
const dns = dnsSdk.promises
let walkFromAuthoritative = true
export function setWalkFromAuthoritative(value = true) {
walkFromAuthoritative = value
}
export function createChallengeFn(opts = {}) {
const logger = opts?.logger || { info: defaultLog, error: defaultLog, warn: defaultLog, debug: defaultLog }
const log = function (...args) {
logger.info(...args)
}
/**
* Verify ACME HTTP challenge
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @param {string} [suffix] URL suffix
* @returns {Promise<boolean>}
*/
async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
async function doQuery(challengeUrl) {
log(`正在测试请求 ${challengeUrl} `)
// const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
// const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
/* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
const httpsAgent = new https.Agent({ rejectUnauthorized: false });
log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
let data = ""
try {
const resp = await axios.get(challengeUrl, { httpsAgent });
data = (resp.data || '').replace(/\s+$/, '');
} catch (e) {
log(`[error] HTTP request error from ${authz.identifier.value}`, e.message);
return false
}
if (!data || (data !== keyAuthorization)) {
log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
return false
}
return true
}
const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
let host = authz.identifier.value;
if (utils.domain.isIpv6(host)) {
host = `[${host}]`;
}
const challengeUrl = `http://${host}:${httpPort}${suffix}`;
if (!await doQuery(challengeUrl)) {
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
const res = await doQuery(httpsChallengeUrl)
if (!res) {
throw new Error(`[error] 验证失败,请检查以上测试url是否可以正常访问`);
}
}
log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
return true;
}
/**
* Walk DNS until TXT records are found
*/
async function walkDnsChallengeRecord(recordName, resolver = dns, deep = 0) {
let records = [];
const isAuthoritative = resolver === dns
/* Resolve TXT records */
try {
log(`检查域名 ${recordName} 的TXT记录(from ${isAuthoritative ? '本地DNS' : '权威DNS服务器'})`);
const txtRecords = await resolver.resolveTxt(recordName);
if (txtRecords && txtRecords.length) {
log(`找到 ${txtRecords.length} 条 TXT记录( ${recordName}`);
log(`TXT records: ${JSON.stringify(txtRecords)}`);
records = records.concat(...txtRecords);
}
} catch (e) {
log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
}
/* Resolve CNAME record first */
try {
log(`检查是否存在CNAME映射: ${recordName}`);
const cnameRecords = await resolver.resolveCname(recordName);
if (cnameRecords.length) {
const cnameRecord = cnameRecords[0];
log(`已找到${recordName}的CNAME记录,将检查: ${cnameRecord}`);
let res = await walkTxtRecord(cnameRecord, deep + 1);
if (res && res.length) {
log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
records = records.concat(...res);
}
} else {
log(`没有CNAME映射(${recordName}`);
}
} catch (e) {
log(`检查CNAME出错(${recordName} :${e.message}`);
}
return records
}
async function walkTxtRecord(recordName, deep = 0) {
if (deep > 5) {
log(`walkTxtRecord too deep (#${deep}) , skip walk`)
return []
}
const txtRecords = []
try {
/* Default DNS resolver first */
log('从本地DNS服务器获取TXT解析记录');
const res = await walkDnsChallengeRecord(recordName, dns, deep);
if (res && res.length > 0) {
for (const item of res) {
txtRecords.push(item)
}
}
} catch (e) {
log(`本地获取TXT解析记录失败:${e.message}`)
}
if (walkFromAuthoritative !==false) {
try {
/* Authoritative DNS resolver */
log(`从域名权威服务器获取TXT解析记录`);
const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName, log);
const res = await walkDnsChallengeRecord(recordName, authoritativeResolver, deep);
if (res && res.length > 0) {
for (const item of res) {
txtRecords.push(item)
}
}
} catch (e) {
log(`权威服务器获取TXT解析记录失败:${e.message}`)
}
}else{
log(`跳过从权威服务器获取TXT解析记录`);
}
if (txtRecords.length === 0) {
throw new Error(`没有找到TXT解析记录(${recordName}),请稍后重试`);
}
return txtRecords;
}
/**
* Verify ACME DNS challenge
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-8.4
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @param {string} [prefix] DNS prefix
* @returns {Promise<boolean>}
*/
async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
const recordName = `${prefix}${authz.identifier.value}`;
log(`本地校验TXT记录): ${recordName}`);
let recordValues = await walkTxtRecord(recordName, 0, walkFromAuthoritative);
//去重
recordValues = [...new Set(recordValues)];
log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录:${recordValues}`);
if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
const err = `没有找到需要的DNS TXT记录: ${recordName},期望:${keyAuthorization},结果:${recordValues}`
throw new Error(err);
}
log(`关键授权匹配成功(${challenge.type}/${recordName}:${keyAuthorization},校验成功, ACME challenge verified`);
return true;
}
async function verifyDnsPersistChallenge(authz, challenge, keyAuthorization, prefix = '_validation-persist.') {
const recordName = `${prefix}${authz.identifier.value.replace(/^\*\./, '')}`;
log(`本地校验DNS持久验证TXT记录: ${recordName}`);
let recordValues = await walkTxtRecord(recordName, 0, walkFromAuthoritative);
recordValues = [...new Set(recordValues)];
const expected = challenge.expectedRecordValue;
if (!expected) {
log(`未提供dns-persist-01本地校验期望值,跳过精确匹配,仅确认TXT记录存在`);
return true;
}
log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录:${recordValues}`);
if (!recordValues.length || !recordValues.includes(expected)) {
throw new Error(`没有找到需要的DNS持久验证TXT记录: ${recordName},请稍后重试,期望:${expected},结果:${recordValues}`);
}
log(`DNS持久验证记录匹配成功(${challenge.type}/${recordName}:${expected}`);
return true;
}
/**
* Verify ACME TLS ALPN challenge
*
* https://datatracker.ietf.org/doc/html/rfc8737
*
* @param {object} authz Identifier authorization
* @param {object} challenge Authorization challenge
* @param {string} keyAuthorization Challenge key authorization
* @returns {Promise<boolean>}
*/
async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
const host = authz.identifier.value;
log(`Establishing TLS connection with host: ${host}:${tlsAlpnPort}`);
const certificate = await util.retrieveTlsAlpnCertificate(host, tlsAlpnPort);
log('Certificate received from server successfully, matching key authorization in ALPN');
if (!isAlpnCertificateAuthorizationValid(certificate, keyAuthorization)) {
throw new Error(`Authorization not found in certificate from ${authz.identifier.value}`);
}
log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
return true;
}
return {
challenges: {
'http-01': verifyHttpChallenge,
'dns-01': verifyDnsChallenge,
'dns-persist-01': verifyDnsPersistChallenge,
'tls-alpn-01': verifyTlsAlpnChallenge,
},
walkTxtRecord,
walkDnsChallengeRecord,
}
}
// createChallengeFn({logger:{info:console.log}}).walkDnsChallengeRecord("handsfree.work")
@@ -1,3 +1,4 @@
// @ts-nocheck
export async function wait(ms) {
return new Promise((resolve) => {
setTimeout(resolve, ms);
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+29
View File
@@ -0,0 +1,29 @@
{
"compileOnSave": true,
"compilerOptions": {
"target": "ESNext",
"module": "ESNext",
"moduleResolution": "node",
"esModuleInterop": true,
"inlineSourceMap": false,
"sourceMap": true,
"noImplicitThis": false,
"noUnusedLocals": false,
"stripInternal": true,
"skipLibCheck": true,
"pretty": true,
"declaration": true,
"allowSyntheticDefaultImports": true,
"forceConsistentCasingInFileNames": true,
"outDir": "dist",
"rootDir": "src",
"composite": false,
"useDefineForClassFields": false,
"strict": false,
"resolveJsonModule": true,
"isolatedModules": false,
"lib": ["ESNext", "DOM"]
},
"include": ["src/**/*.ts", "src/**/*.d.ts", "src/**/*.json"],
"exclude": ["dist", "node_modules", "src/**/*.test.ts", "test"]
}
@@ -0,0 +1,11 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"outDir": "dist-test",
"declaration": false,
"declarationMap": false,
"emitDeclarationOnly": false
},
"include": ["src/**/*.ts"],
"exclude": ["dist", "dist-test", "node_modules", "test"]
}
+16 -5
View File
@@ -4,8 +4,6 @@
import { AxiosInstance } from 'axios';
import * as rfc8555 from './rfc8555';
import {CancelError} from '../src/error.js'
export * from '../src/error.js'
export type PrivateKeyBuffer = Buffer;
export type PublicKeyBuffer = Buffer;
@@ -59,7 +57,7 @@ export interface ClientExternalAccountBindingOptions {
export interface ClientAutoOptions {
csr: CsrBuffer | CsrString;
challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string,httpUploader?:any}>;
challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any,httpUploader:any) => Promise<any>;
email?: string;
termsOfServiceAgreed?: boolean;
@@ -115,6 +113,15 @@ export const directory: {
zerossl: {
staging: string,
production: string
},
sslcom: {
staging: string,
production: string,
ec: string
},
litessl: {
staging: string,
production: string
}
};
@@ -211,12 +218,16 @@ export const agents: any;
* Logger
*/
export class CancelError extends Error {
constructor(message?: string);
}
export function setLogger(fn: (message: any, ...args: any[]) => void): void;
export function createChallengeFn(opts?: {logger?:any}): any;
// export function walkTxtRecord(record: any): Promise<string[]>;
export function getAuthoritativeDnsResolver(record:string): Promise<any>;
export const CancelError: typeof CancelError;
export function resolveDomainBySoaRecord(domain: string): Promise<string>;
export function resolveDomainBySoaRecord(domain: string): Promise<string>;
export function setWalkFromAuthoritative(value?: boolean): void;
@@ -2,7 +2,7 @@
* acme-client type definition tests
*/
import * as acme from 'acme-client';
import * as acme from '..';
(async () => {
/* Client */
@@ -10,6 +10,7 @@ import * as acme from 'acme-client';
const client = new acme.Client({
accountKey,
sslProvider: 'letsencrypt',
directoryUrl: acme.directory.letsencrypt.staging
});
@@ -52,7 +53,10 @@ import * as acme from 'acme-client';
/* Auto */
await client.auto({
csr: certCsr,
challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
challengeCreateFn: async (authz, keyAuthorization) => ({
challenge: authz.challenges[0],
keyAuthorization: await keyAuthorization(authz.challenges[0])
}),
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
});
@@ -63,7 +67,10 @@ import * as acme from 'acme-client';
skipChallengeVerification: false,
challengePriority: ['http-01', 'dns-01'],
preferredChain: 'DST Root CA X3',
challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
challengeCreateFn: async (authz, keyAuthorization) => ({
challenge: authz.challenges[0],
keyAuthorization: await keyAuthorization(authz.challenges[0])
}),
challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
});
})();
+5 -1
View File
@@ -97,7 +97,11 @@ export interface DnsChallenge extends ChallengeAbstract {
token: string;
}
export type Challenge = HttpChallenge | DnsChallenge;
export interface DnsPersistChallenge extends ChallengeAbstract {
type: 'dns-persist-01';
}
export type Challenge = HttpChallenge | DnsChallenge | DnsPersistChallenge;
/**
* Certificate
+50
View File
@@ -3,6 +3,56 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
**Note:** Version bump only for package @certd/basic
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/basic
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/basic
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/basic
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/basic
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/basic
## [1.39.16](https://github.com/certd/certd/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package @certd/basic
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
### Performance Improvements
* **network:** 新增全局公共http请求 headers设置 ([aad9045](https://github.com/certd/certd/commit/aad9045de55e76cb2ad09cac74a7bd60a4b47124))
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/basic
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
### Performance Improvements
* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
**Note:** Version bump only for package @certd/basic
+1 -1
View File
@@ -1 +1 @@
13:28
13:31
+8 -3
View File
@@ -1,7 +1,7 @@
{
"name": "@certd/basic",
"private": false,
"version": "1.39.11",
"version": "1.40.5",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@@ -9,10 +9,11 @@
"scripts": {
"dev": "vite",
"before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
"build": "npm run before-build && tsc --skipLibCheck",
"build": "npm run before-build && tsc -p tsconfig.build.json --skipLibCheck",
"dev-build": "npm run build",
"preview": "vite preview",
"test": "mocha --loader=ts-node/esm",
"test:unit": "cross-env NODE_ENV=unittest mocha --node-option no-warnings --node-option loader=ts-node/esm \"src/**/*.test.ts\"",
"pub": "npm publish",
"compile": "tsc --skipLibCheck --watch"
},
@@ -39,13 +40,17 @@
"@typescript-eslint/eslint-plugin": "^8.26.1",
"@typescript-eslint/parser": "^8.26.1",
"chai": "4.3.10",
"cross-env": "^7.0.3",
"eslint": "^8.41.0",
"eslint-config-prettier": "^8.8.0",
"eslint-plugin-prettier": "^4.2.1",
"esmock": "^2.7.5",
"mocha": "^10.2.0",
"prettier": "^2.8.8",
"rimraf": "^5.0.5",
"ts-node": "^10.9.2",
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -0,0 +1,31 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { amountUtils } from "./util.amount.js";
describe("amountUtils", () => {
describe("toCent", () => {
it("converts yuan values to cents", () => {
expect(amountUtils.toCent(1)).to.equal(100);
expect(amountUtils.toCent(12.34)).to.equal(1234);
});
it("rounds to the nearest cent", () => {
expect(amountUtils.toCent(1.235)).to.equal(124);
expect(amountUtils.toCent(1.234)).to.equal(123);
});
});
describe("toYuan", () => {
it("converts cent values to yuan", () => {
expect(amountUtils.toYuan(100)).to.equal(1);
expect(amountUtils.toYuan(1234)).to.equal(12.34);
});
it("rounds yuan values to two decimal places", () => {
expect(amountUtils.toYuan(1235)).to.equal(12.35);
expect(amountUtils.toYuan(1)).to.equal(0.01);
});
});
});
+2 -1
View File
@@ -11,9 +11,10 @@ export class LocalCache<V = any> {
cache: Map<string, { value: V; expiresAt: number }>;
constructor(opts: { clearInterval?: number } = {}) {
this.cache = new Map();
setInterval(() => {
const intervalId = setInterval(() => {
this.clearExpires();
}, opts.clearInterval ?? 5 * 60 * 1000);
intervalId.unref?.();
}
get(key: string): V | undefined {
@@ -0,0 +1,43 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { domainUtils } from "./util.domain.js";
describe("domainUtils", () => {
describe("match", () => {
it("matches exact domains", () => {
expect(domainUtils.match("example.com", ["example.com"])).to.equal(true);
expect(domainUtils.match("api.example.com", ["example.com"])).to.equal(false);
});
it("matches wildcard domains by suffix", () => {
expect(domainUtils.match("api.example.com", ["*.example.com"])).to.equal(true);
expect(domainUtils.match("deep.api.example.com", ["*.example.com"])).to.equal(false);
expect(domainUtils.match("example.com", ["*.example.com"])).to.equal(false);
});
it("requires every target domain to match", () => {
expect(domainUtils.match(["api.example.com", "admin.example.com"], ["*.example.com"])).to.equal(true);
expect(domainUtils.match(["api.example.com", "other.com"], ["*.example.com"])).to.equal(false);
});
});
describe("isIp", () => {
it("detects valid IPv4 addresses", () => {
expect(domainUtils.isIpv4("127.0.0.1")).to.equal(true);
expect(domainUtils.isIpv4("255.255.255.255")).to.equal(true);
});
it("rejects invalid IPv4 addresses", () => {
expect(domainUtils.isIpv4("999.1.1.1")).to.equal(false);
expect(domainUtils.isIpv4("1.2.3")).to.equal(false);
expect(domainUtils.isIpv4("example.com")).to.equal(false);
});
it("detects IPv6 addresses", () => {
expect(domainUtils.isIpv6("2001:db8::1")).to.equal(true);
expect(domainUtils.isIp("2001:db8::1")).to.equal(true);
});
});
});
+4 -1
View File
@@ -51,7 +51,10 @@ function isIpv4(d: string) {
return false;
}
const isIPv4Regex = /^(\d{1,3}\.){3}\d{1,3}$/;
return isIPv4Regex.test(d);
if (!isIPv4Regex.test(d)) {
return false;
}
return d.split(".").every(item => Number(item) <= 255);
}
function isIpv6(d: string) {
@@ -0,0 +1,42 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { isDev } from "./util.env.js";
describe("isDev", () => {
const originalNodeEnv = process.env.NODE_ENV;
afterEach(() => {
if (originalNodeEnv == null) {
delete process.env.NODE_ENV;
} else {
process.env.NODE_ENV = originalNodeEnv;
}
});
it("treats missing NODE_ENV as development", () => {
delete process.env.NODE_ENV;
expect(isDev()).to.equal(true);
});
it("detects development-like NODE_ENV values", () => {
process.env.NODE_ENV = "development";
expect(isDev()).to.equal(true);
process.env.NODE_ENV = "local";
expect(isDev()).to.equal(true);
process.env.NODE_ENV = "dev-test";
expect(isDev()).to.equal(true);
});
it("rejects production-like NODE_ENV values", () => {
process.env.NODE_ENV = "production";
expect(isDev()).to.equal(false);
process.env.NODE_ENV = "test";
expect(isDev()).to.equal(false);
});
});
@@ -0,0 +1,45 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { hashUtils } from "./util.hash.js";
describe("hashUtils", () => {
describe("digest helpers", () => {
it("generates md5 and sha256 hex digests by default", () => {
expect(hashUtils.md5("certd")).to.equal("3f3d9f715fcc63d54a4a224e0939a233");
expect(hashUtils.sha256("certd")).to.equal("26a6366060d2a6477185c05075155769cb438c6c71f61f509535b8516594ad92");
});
it("supports alternate digest encodings", () => {
expect(hashUtils.md5("certd", "base64")).to.equal("Pz2fcV/MY9VKSiJOCTmiMw==");
expect(hashUtils.sha256("certd", "base64")).to.equal("JqY2YGDSpkdxhcBQdRVXactDjGxx9h9QlTW4UWWUrZI=");
});
});
describe("hmac helpers", () => {
it("signs data with a provided key", () => {
expect(hashUtils.hmacSha256WithKey("secret", "certd")).to.equal("kh/kUD/Ji8FHfpt4vYUHZx+1BZvKSyyklZIiuS+Rzlg=");
});
it("uses an empty payload when only the key is provided", () => {
expect(hashUtils.hmacSha256("secret")).to.equal("+eZuF5tnR65UEI+C+K3os8Jddv0wr95sOVgixTAZYWk=");
});
});
describe("encoding helpers", () => {
it("round trips base64 values", () => {
const encoded = hashUtils.base64("证书-certd");
expect(encoded).to.equal("6K+B5LmmLWNlcnRk");
expect(hashUtils.base64Decode(encoded)).to.equal("证书-certd");
});
it("converts strings and numbers to hex", () => {
expect(hashUtils.toHex("certd")).to.equal("6365727464");
expect(hashUtils.hexToStr("6365727464")).to.equal("certd");
expect(hashUtils.toHex(255)).to.equal("ff");
expect(hashUtils.hexToNumber("ff")).to.equal(255);
});
});
});
@@ -0,0 +1,18 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { randomNumber, simpleNanoId } from "./util.id.js";
describe("id utils", () => {
it("generates a four digit random number string", () => {
expect(randomNumber()).to.match(/^\d{4}$/);
});
it("generates a twelve character simple nano id", () => {
const id = simpleNanoId();
expect(id).to.have.length(12);
expect(id).to.match(/^[0-9a-zA-Z]+$/);
});
});
@@ -0,0 +1,78 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { mergeUtils, UnMergeable } from "./util.merge.js";
describe("mergeUtils", () => {
describe("merge", () => {
it("deep merges plain objects", () => {
const target = { acme: { email: "admin@example.com" }, deploy: { retries: 1 } };
const result = mergeUtils.merge(target, { acme: { dnsProvider: "cloudflare" } });
expect(result).to.equal(target);
expect(result).to.deep.equal({
acme: { email: "admin@example.com", dnsProvider: "cloudflare" },
deploy: { retries: 1 },
});
});
it("replaces arrays instead of merging them by index", () => {
const result = mergeUtils.merge({ domains: ["old.example.com", "legacy.example.com"] }, { domains: ["new.example.com"] });
expect(result).to.deep.equal({ domains: ["new.example.com"] });
});
it("allows null to clear nested values", () => {
const result = mergeUtils.merge({ cert: { name: "certd" } }, { cert: null });
expect(result).to.deep.equal({ cert: null });
});
it("keeps undefined sources from overwriting existing nested values", () => {
const result = mergeUtils.merge({ cert: { name: "certd" } }, { cert: undefined });
expect(result).to.deep.equal({ cert: { name: "certd" } });
});
it("returns an UnMergeable source directly when it is merged at the top level", () => {
const source = new UnMergeable();
const result = mergeUtils.merge({ enabled: true }, source);
expect(result).to.equal(source);
});
it("replaces nested values marked as UnMergeable", () => {
const source = new UnMergeable();
const result = mergeUtils.merge({ plugin: { enabled: true } }, { plugin: source });
expect(result.plugin).to.equal(source);
});
});
describe("cloneDeep", () => {
it("deep clones plain values", () => {
const source = { acme: { email: "admin@example.com" }, domains: ["example.com"] };
const result = mergeUtils.cloneDeep(source);
expect(result).to.deep.equal(source);
expect(result).not.to.equal(source);
expect(result.acme).not.to.equal(source.acme);
expect(result.domains).not.to.equal(source.domains);
});
it("preserves references marked as not cloneable", () => {
const uncloneable = new UnMergeable();
const source = { plugin: uncloneable };
const result = mergeUtils.cloneDeep(source);
expect(result).not.to.equal(source);
expect(result.plugin).to.equal(uncloneable);
});
});
});
@@ -0,0 +1,40 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { optionsUtils } from "./util.options.js";
describe("optionsUtils", () => {
describe("groupByDomain", () => {
it("splits options by domain match", () => {
const matchedOption = { value: "matched", domain: "api.example.com" };
const wildcardMatchedOption = { value: "wildcard", domain: "admin.example.com" };
const unmatchedOption = { value: "unmatched", domain: "other.com" };
const result = optionsUtils.groupByDomain([matchedOption, wildcardMatchedOption, unmatchedOption], ["api.example.com", "*.example.com"]);
expect(result.matched).to.deep.equal([matchedOption, wildcardMatchedOption]);
expect(result.notMatched).to.deep.equal([unmatchedOption]);
});
it("treats options without matching domains as not matched", () => {
const optionWithoutDomain = { value: "empty" };
const result = optionsUtils.groupByDomain([optionWithoutDomain], ["example.com"]);
expect(result.matched).to.deep.equal([]);
expect(result.notMatched).to.deep.equal([optionWithoutDomain]);
});
});
describe("buildGroupOptions", () => {
it("builds disabled group labels around matched and unmatched options", () => {
const matchedOption = { value: "matched", domain: "api.example.com" };
const unmatchedOption = { value: "unmatched", domain: "other.com" };
const result = optionsUtils.buildGroupOptions([matchedOption, unmatchedOption], ["api.example.com"]);
expect(result).to.deep.equal([{ value: "matched", disabled: true, label: "----已匹配----" }, matchedOption, { value: "unmatched", disabled: true, label: "----未匹配----" }, unmatchedOption]);
});
});
});
@@ -0,0 +1,90 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { logger } from "./util.log.js";
import { promises } from "./util.promise.js";
describe("promises", () => {
describe("TimeoutPromise", () => {
it("resolves when the callback finishes before the timeout", async () => {
let completed = false;
await promises.TimeoutPromise(async () => {
completed = true;
}, 50);
expect(completed).to.equal(true);
});
it("rejects when the callback exceeds the timeout", async () => {
try {
await promises.TimeoutPromise(() => new Promise<void>(resolve => setTimeout(resolve, 30)), 5);
expect.fail("expected TimeoutPromise to reject");
} catch (e: any) {
expect(e.message).to.equal("Task timeout in 5 ms");
}
});
});
describe("safePromise", () => {
it("resolves values provided by the callback", async () => {
const result = await promises.safePromise<string>(resolve => {
resolve("ok");
});
expect(result).to.equal("ok");
});
it("rejects synchronous errors thrown by the callback", async () => {
const oldLevel = logger.level;
logger.level = "fatal";
try {
await promises.safePromise(() => {
throw new Error("boom");
});
expect.fail("expected safePromise to reject");
} catch (e: any) {
expect(e.message).to.equal("boom");
} finally {
logger.level = oldLevel;
}
});
});
describe("promisify", () => {
it("resolves callback data", async () => {
const readValue = promises.promisify((prefix: string, callback: (err: Error | null, data?: string) => void) => {
callback(null, `${prefix}-value`);
});
expect(await readValue("certd")).to.equal("certd-value");
});
it("rejects callback errors", async () => {
const failing = promises.promisify((callback: (err: Error) => void) => {
callback(new Error("callback failed"));
});
try {
await failing();
expect.fail("expected promisified function to reject");
} catch (e: any) {
expect(e.message).to.equal("callback failed");
}
});
it("rejects synchronous errors", async () => {
const failing = promises.promisify(() => {
throw new Error("sync failed");
});
try {
await failing();
expect.fail("expected promisified function to reject");
} catch (e: any) {
expect(e.message).to.equal("sync failed");
}
});
});
});
@@ -0,0 +1,53 @@
import { expect } from "chai";
import { createAxiosService, HttpClient, setGlobalHeaders } from "./util.request.js";
import { ILogger } from "./util.log.js";
const testLogger = {
info() {},
error() {},
} as unknown as ILogger;
describe("util.request", () => {
afterEach(() => {
setGlobalHeaders({});
});
it("should merge global headers without overriding request headers", async () => {
setGlobalHeaders({
"X-Common": "common",
"X-Override": "global",
});
const http = createAxiosService({ logger: testLogger }) as HttpClient;
const res = await http.request({
url: "http://example.com",
method: "get",
logReq: false,
logRes: false,
headers: {
"X-Override": "request",
"X-Request": "request",
},
adapter: async config => {
const headers = config.headers;
return {
config,
data: {
common: headers.get("X-Common"),
override: headers.get("X-Override"),
request: headers.get("X-Request"),
},
headers: {},
status: 200,
statusText: "OK",
};
},
});
expect(res).to.deep.equal({
common: "common",
override: "request",
request: "request",
});
});
});
+41 -6
View File
@@ -26,7 +26,7 @@ export class HttpError extends Error {
return;
}
let message = error?.message || error?.response.statusText || error?.code;
let message = error?.message || error?.response?.statusText || error?.code;
if (message && typeof message === "string" && message.indexOf) {
for (const key in errorMap) {
if (message.indexOf(key) > -1) {
@@ -82,6 +82,7 @@ export class HttpError extends Error {
export const HttpCommonError = HttpError;
let defaultAgents = createAgent();
let defaultHeaders: Record<string, string> = {};
export function setGlobalProxy(opts: { httpProxy?: string; httpsProxy?: string }) {
logger.info("setGlobalProxy:", opts);
@@ -92,6 +93,15 @@ export function getGlobalAgents() {
return defaultAgents;
}
export function setGlobalHeaders(headers: Record<string, string> = {}) {
logger.info("setGlobalHeaders:", Object.keys(headers));
defaultHeaders = { ...headers };
}
export function getGlobalHeaders() {
return defaultHeaders;
}
/**
* @description
*/
@@ -111,8 +121,13 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
if (config.logData == null) {
config.logData = false;
}
if (config.logReq == null) {
config.logReq = true;
}
logger.info(`http request:${config.url}method:${config.method}`);
if (config.logReq !== false) {
logger.info(`http request:${config.url}method:${config.method}`);
}
if (config.logParams !== false && config.params) {
logger.info(`params:${JSON.stringify(config.params)}`);
}
@@ -143,6 +158,12 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
config.httpsAgent = agents.httpsAgent;
config.httpAgent = agents.httpAgent;
if (Object.keys(defaultHeaders).length > 0) {
const headers = AxiosHeaders.from(defaultHeaders);
headers.set(config.headers || {});
config.headers = headers;
}
// const agent = new https.Agent({
// rejectUnauthorized: false // 允许自签名证书
// });
@@ -151,10 +172,11 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
config.retry = merge(
{
status: [421],
status: [421, 524],
count: 0,
max: 3,
delay: 1000,
delay: 2000,
includes: ["[524]"],
},
config.retry
);
@@ -261,7 +283,7 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
logger.error(`请求出错:${errorMessage} status:${status},statusText:${error.response?.statusText || error.code},url:${error.config?.url},method:${error.config?.method}`);
logger.error("返回数据:", JSON.stringify(error.response?.data));
if (error.response?.data) {
const message = error.response.data.message || error.response.data.msg || error.response.data.error;
const message = error.response?.data?.message || error.response?.data?.msg || error.response?.data?.error;
if (typeof message === "string") {
error.message = message;
}
@@ -273,7 +295,19 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
const originalRequest = error.config || {};
// logger.info(`config`, originalRequest);
const retry = originalRequest.retry || {};
if (retry.status && retry.status.includes(status)) {
const isRetryStatus = retry.status && retry.status.includes(status);
let isRetryMessage = false;
if (retry.includes) {
for (const item of retry.includes) {
if (error.message?.includes(item)) {
isRetryMessage = true;
break;
}
}
}
if (isRetryStatus || isRetryMessage) {
if (retry.max > 0 && retry.count < retry.max) {
// 重试次数增加
retry.count++;
@@ -301,6 +335,7 @@ export type HttpClientResponse<R> = any;
export type HttpRequestConfig<D = any> = {
skipSslVerify?: boolean;
skipCheckRes?: boolean;
logReq?: boolean;
logParams?: boolean;
logRes?: boolean;
logData?: boolean;
@@ -0,0 +1,36 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { stringUtils } from "./util.string.js";
describe("stringUtils", () => {
describe("maxLength", () => {
it("returns an empty string for empty input", () => {
expect(stringUtils.maxLength()).to.equal("");
expect(stringUtils.maxLength("")).to.equal("");
});
it("returns the original string when it is within the limit", () => {
expect(stringUtils.maxLength("certd", 5)).to.equal("certd");
expect(stringUtils.maxLength("certd", 6)).to.equal("certd");
});
it("truncates strings longer than the limit and appends ellipsis", () => {
expect(stringUtils.maxLength("certificate", 4)).to.equal("cert...");
});
});
describe("appendTimeSuffix", () => {
it("returns an empty string for empty input", () => {
expect(stringUtils.appendTimeSuffix()).to.equal("");
expect(stringUtils.appendTimeSuffix("")).to.equal("");
});
it("appends a millisecond timestamp suffix", () => {
const result = stringUtils.appendTimeSuffix("certd");
expect(result).to.match(/^certd-\d{17}$/);
});
});
});
+7
View File
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+6 -16
View File
@@ -7,8 +7,8 @@
"esModuleInterop": true,
"experimentalDecorators": true,
"emitDecoratorMetadata": true,
"inlineSourceMap":false,
"sourceMap": false,
"inlineSourceMap": false,
"sourceMap": true,
"noImplicitThis": true,
"noUnusedLocals": true,
"stripInternal": true,
@@ -22,21 +22,11 @@
"composite": false,
"useDefineForClassFields": true,
"strict": true,
"typeRoots": [ "./typings", "./node_modules/@types"],
"typeRoots": ["./typings", "./node_modules/@types"],
"resolveJsonModule": true,
"isolatedModules": false,
"lib": ["ESNext", "DOM"],
"lib": ["ESNext", "DOM"]
},
"include": [
"src/**/*.ts",
"src/**/*.json"
],
"exclude": [
"*.js",
"*.ts",
"*.spec.ts",
"dist",
"node_modules",
"test"
],
"include": ["src/**/*.ts", "src/**/*.json"],
"exclude": ["*.js", "*.ts", "*.spec.ts", "dist", "node_modules", "src/**/*.test.ts", "test"]
}
+55
View File
@@ -3,6 +3,61 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
### Bug Fixes
* 修复阿里云证书订单orderid 选择出错的问题 ([af9047b](https://github.com/certd/certd/commit/af9047bf3c54ce71b11727ccc6220288ed1f57be))
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/pipeline
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/pipeline
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/pipeline
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/pipeline
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/pipeline
## [1.39.16](https://github.com/certd/certd/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package @certd/pipeline
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
**Note:** Version bump only for package @certd/pipeline
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/pipeline
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Bug Fixes
* cnameProvider域名支持设置子域名托管 ([7266af1](https://github.com/certd/certd/commit/7266af17491a98338022cfb18cfedfb93ca6ef8f))
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
### Performance Improvements
* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
### Performance Improvements
+9 -5
View File
@@ -1,7 +1,7 @@
{
"name": "@certd/pipeline",
"private": false,
"version": "1.39.11",
"version": "1.40.5",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@@ -9,17 +9,18 @@
"scripts": {
"dev": "vite",
"before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
"build": "npm run before-build && tsc --skipLibCheck",
"build": "npm run before-build && tsc -p tsconfig.build.json --skipLibCheck",
"dev-build": "npm run build",
"build3": "rollup -c",
"preview": "vite preview",
"test": "mocha --loader=ts-node/esm",
"test:unit": "cross-env NODE_ENV=unittest mocha --no-config --node-option no-warnings --node-option loader=ts-node/esm \"src/**/*.test.ts\"",
"pub": "npm publish",
"compile": "tsc --skipLibCheck --watch"
},
"dependencies": {
"@certd/basic": "^1.39.11",
"@certd/plus-core": "^1.39.11",
"@certd/basic": "^1.40.5",
"@certd/plus-core": "^1.40.5",
"dayjs": "^1.11.7",
"lodash-es": "^4.17.21",
"reflect-metadata": "^0.1.13"
@@ -36,14 +37,17 @@
"@typescript-eslint/eslint-plugin": "^8.26.1",
"@typescript-eslint/parser": "^8.26.1",
"chai": "4.3.10",
"cross-env": "^7.0.3",
"eslint": "^8.41.0",
"eslint-config-prettier": "^8.8.0",
"eslint-plugin-prettier": "^4.2.1",
"esmock": "^2.7.5",
"mocha": "^10.2.0",
"prettier": "^2.8.8",
"rimraf": "^5.0.5",
"ts-node": "^10.9.2",
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
+1
View File
@@ -19,6 +19,7 @@ export type AccessInputDefine = FormItemProps & {
};
export type AccessDefine = Registrable & {
icon?: string;
subtype?: string;
input?: {
[key: string]: AccessInputDefine;
};
+7 -3
View File
@@ -23,6 +23,7 @@ export type ExecutorOptions = {
pipeline: Pipeline;
storage: IStorage;
onChanged: (history: RunHistory) => Promise<void>;
onFinished: (history: RunHistory) => Promise<void>;
accessService: IAccessService;
emailService: IEmailService;
notificationService: INotificationService;
@@ -47,16 +48,19 @@ export class Executor {
lastRuntime!: RunHistory;
options: ExecutorOptions;
abort: AbortController = new AbortController();
_inited = false;
onChanged: (history: RunHistory) => Promise<void>;
onFinished: (history: RunHistory) => Promise<void>;
constructor(options: ExecutorOptions) {
this.options = options;
this.pipeline = cloneDeep(options.pipeline);
this.onChanged = async (history: RunHistory) => {
await options.onChanged(history);
};
this.onFinished = async (history: RunHistory) => {
await options.onFinished(history);
};
this.pipeline.userId = options.user.id;
this.contextFactory = new ContextFactory(options.storage);
this.logger = logger;
@@ -77,7 +81,7 @@ export class Executor {
async cancel() {
this.abort.abort();
this.runtime?.cancel(this.pipeline);
await this.onChanged(this.runtime);
await this.onFinished(this.runtime);
}
async run(runtimeId: any = 0, triggerType: string) {
@@ -111,7 +115,7 @@ export class Executor {
this.logger.error("pipeline 执行失败", e);
} finally {
clearInterval(intervalFlushLogId);
await this.onChanged(this.runtime);
await this.onFinished(this.runtime);
//保存之前移除logs
const lastRuntime: any = {
...this.runtime,
@@ -87,6 +87,7 @@ export type Notification = {
options?: EmailOptions;
notificationId: number;
title: string;
id: string;
};
export type Pipeline = Runnable & {
@@ -0,0 +1,23 @@
/// <reference types="mocha" />
import { expect } from "chai";
import { PluginGroup, pluginGroups } from "./group.js";
describe("PluginGroup", () => {
it("initializes a group with defaults", () => {
const group = new PluginGroup("custom", "Custom");
expect(group.key).to.equal("custom");
expect(group.title).to.equal("Custom");
expect(group.order).to.equal(0);
expect(group.icon).to.equal("");
expect(group.plugins).to.deep.equal([]);
});
it("exposes built-in groups with stable keys", () => {
expect(pluginGroups.cert.key).to.equal("cert");
expect(pluginGroups.host.key).to.equal("host");
expect(pluginGroups.other.order).to.equal(10);
});
});
@@ -3,6 +3,7 @@ import { IAccess } from "../access/index.js";
export type CnameProvider = {
id: any;
domain: string;
subdomain?: string;
title?: string;
dnsProviderType?: string;
access?: IAccess;
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+6 -17
View File
@@ -7,8 +7,8 @@
"esModuleInterop": true,
"experimentalDecorators": true,
"emitDecoratorMetadata": true,
"inlineSourceMap":false,
"sourceMap": false,
"inlineSourceMap": false,
"sourceMap": true,
"noImplicitThis": true,
"noUnusedLocals": true,
"importHelpers": true,
@@ -22,22 +22,11 @@
"composite": false,
"useDefineForClassFields": true,
"strict": true,
// "sourceMap": true,
// "sourceMap": true,
"resolveJsonModule": true,
"isolatedModules": false,
"lib": ["ESNext", "DOM"],
"lib": ["ESNext", "DOM"]
},
"include": [
"src/**/*.ts",
"src/**/*.d.ts",
"src/**/*.json"
],
"exclude": [
"*.js",
"*.ts",
"*.spec.ts",
"dist",
"node_modules",
"test"
],
"include": ["src/**/*.ts", "src/**/*.d.ts", "src/**/*.json"],
"exclude": ["*.js", "*.ts", "*.spec.ts", "dist", "node_modules", "src/**/*.test.ts", "test"]
}
+42
View File
@@ -3,6 +3,48 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
**Note:** Version bump only for package @certd/lib-huawei
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/lib-huawei
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/lib-huawei
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/lib-huawei
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/lib-huawei
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/lib-huawei
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
**Note:** Version bump only for package @certd/lib-huawei
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/lib-huawei
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
**Note:** Version bump only for package @certd/lib-huawei
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
**Note:** Version bump only for package @certd/lib-huawei
+5 -2
View File
@@ -1,7 +1,7 @@
{
"name": "@certd/lib-huawei",
"private": false,
"version": "1.39.11",
"version": "1.40.5",
"main": "./dist/bundle.js",
"module": "./dist/bundle.js",
"types": "./dist/d/index.d.ts",
@@ -11,6 +11,7 @@
"build": "npm run before-build && rollup -c ",
"dev-build": "npm run build",
"preview": "vite preview",
"test:unit": "cross-env NODE_ENV=unittest echo no unit tests",
"pub": "npm publish"
},
"dependencies": {
@@ -21,8 +22,10 @@
"devDependencies": {
"@typescript-eslint/eslint-plugin": "^8.26.1",
"@typescript-eslint/parser": "^8.26.1",
"cross-env": "^7.0.3",
"esmock": "^2.7.5",
"prettier": "^2.8.8",
"tslib": "^2.8.1"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -9,6 +9,7 @@ module.exports = {
output: {
file: "dist/bundle.js",
format: "cjs",
sourcemap: false,
},
plugins: [
// 解析第三方依赖
@@ -22,10 +23,13 @@ module.exports = {
// ],
}),
Typescript({
tsconfig: "./tsconfig.build.json",
target: "esnext",
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
sourceMap: false,
inlineSourceMap: false,
exclude: ["./node_modules/**", "./src/**/*.vue", "./src/**/*.spec.ts"],
allowSyntheticDefaultImports: true,
}),
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+1 -1
View File
@@ -21,7 +21,7 @@
"composite": false,
"useDefineForClassFields": true,
"strict": false,
"sourceMap": false,
"sourceMap": true,
"inlineSourceMap": false,
"resolveJsonModule": true,
"isolatedModules": false,
+42
View File
@@ -3,6 +3,48 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
**Note:** Version bump only for package @certd/lib-iframe
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/lib-iframe
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/lib-iframe
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/lib-iframe
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/lib-iframe
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/lib-iframe
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
**Note:** Version bump only for package @certd/lib-iframe
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/lib-iframe
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
**Note:** Version bump only for package @certd/lib-iframe
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
**Note:** Version bump only for package @certd/lib-iframe
+6 -3
View File
@@ -1,7 +1,7 @@
{
"name": "@certd/lib-iframe",
"private": false,
"version": "1.39.11",
"version": "1.40.5",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@@ -9,11 +9,12 @@
"scripts": {
"dev": "vite",
"before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
"build": "npm run before-build && tsc --skipLibCheck",
"build": "npm run before-build && tsc -p tsconfig.build.json --skipLibCheck",
"dev-build": "npm run build",
"build3": "rollup -c",
"build2": "vue-tsc --noEmit && vite build",
"preview": "vite preview",
"test:unit": "cross-env NODE_ENV=unittest echo no unit tests",
"pub": "npm publish"
},
"dependencies": {
@@ -23,13 +24,15 @@
"@types/chai": "^4.3.3",
"@typescript-eslint/eslint-plugin": "^8.26.1",
"@typescript-eslint/parser": "^8.26.1",
"cross-env": "^7.0.3",
"eslint": "^8.24.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-prettier": "^4.2.1",
"esmock": "^2.7.5",
"prettier": "^2.8.8",
"rimraf": "^5.0.5",
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+1 -1
View File
@@ -8,6 +8,7 @@
"experimentalDecorators": true,
"emitDecoratorMetadata": true,
"inlineSourceMap":false,
"sourceMap": true,
"noImplicitThis": true,
"noUnusedLocals": true,
"stripInternal": true,
@@ -22,7 +23,6 @@
"composite": false,
"useDefineForClassFields": true,
"strict": false,
// "sourceMap": true,
"resolveJsonModule": true,
"isolatedModules": true,
"lib": ["ESNext", "DOM"],
+42
View File
@@ -3,6 +3,48 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
**Note:** Version bump only for package @certd/jdcloud
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/jdcloud
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/jdcloud
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/jdcloud
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/jdcloud
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/jdcloud
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
**Note:** Version bump only for package @certd/jdcloud
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/jdcloud
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
**Note:** Version bump only for package @certd/jdcloud
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
**Note:** Version bump only for package @certd/jdcloud
+7 -4
View File
@@ -1,13 +1,15 @@
{
"name": "@certd/jdcloud",
"version": "1.39.11",
"version": "1.40.5",
"description": "jdcloud openApi sdk",
"main": "./dist/bundle.js",
"module": "./dist/bundle.js",
"types": "./dist/d/index.d.ts",
"scripts": {
"build": "rollup -c ",
"before-build": "node -e \"const fs=require('fs');fs.rmSync('dist',{recursive:true,force:true});fs.rmSync('tsconfig.tsbuildinfo',{force:true});fs.rmSync('.rollup.cache',{recursive:true,force:true});\"",
"build": "npm run before-build && rollup -c ",
"dev-build": "npm run build",
"test:unit": "cross-env NODE_ENV=unittest echo no unit tests",
"pub": "npm publish"
},
"author": "",
@@ -29,7 +31,8 @@
"@typescript-eslint/parser": "^8.26.1",
"chai": "^4.1.2",
"config": "^1.30.0",
"cross-env": "^5.1.4",
"cross-env": "^7.0.3",
"esmock": "^2.7.5",
"js-yaml": "^3.11.0",
"mocha": "^5.0.0",
"prettier": "^2.8.8",
@@ -56,5 +59,5 @@
"fetch"
]
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -9,6 +9,7 @@ module.exports = {
output: {
file: "dist/bundle.js",
format: "cjs",
sourcemap: false,
},
plugins: [
// 解析第三方依赖
@@ -22,10 +23,13 @@ module.exports = {
// ],
}),
Typescript({
tsconfig: "./tsconfig.build.json",
target: "esnext",
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
sourceMap: false,
inlineSourceMap: false,
exclude: ["./node_modules/**", "./src/**/*.vue", "./src/**/*.spec.ts"],
allowSyntheticDefaultImports: true,
}),
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}
+1 -1
View File
@@ -21,7 +21,7 @@
"composite": false,
"useDefineForClassFields": true,
"strict": false,
"sourceMap": false,
"sourceMap": true,
"inlineSourceMap": false,
"resolveJsonModule": true,
"isolatedModules": false,
+46
View File
@@ -3,6 +3,52 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.40.5](https://github.com/certd/certd/compare/v1.40.4...v1.40.5) (2026-05-26)
**Note:** Version bump only for package @certd/lib-k8s
## [1.40.4](https://github.com/certd/certd/compare/v1.40.3...v1.40.4) (2026-05-24)
**Note:** Version bump only for package @certd/lib-k8s
## [1.40.3](https://github.com/certd/certd/compare/v1.40.2...v1.40.3) (2026-05-21)
**Note:** Version bump only for package @certd/lib-k8s
## [1.40.2](https://github.com/certd/certd/compare/v1.40.1...v1.40.2) (2026-05-19)
**Note:** Version bump only for package @certd/lib-k8s
## [1.40.1](https://github.com/certd/certd/compare/v1.40.0...v1.40.1) (2026-05-18)
**Note:** Version bump only for package @certd/lib-k8s
# [1.40.0](https://github.com/certd/certd/compare/v1.39.16...v1.40.0) (2026-05-14)
**Note:** Version bump only for package @certd/lib-k8s
## [1.39.16](https://github.com/certd/certd/compare/v1.39.15...v1.39.16) (2026-05-13)
**Note:** Version bump only for package @certd/lib-k8s
## [1.39.15](https://github.com/certd/certd/compare/v1.39.14...v1.39.15) (2026-05-13)
**Note:** Version bump only for package @certd/lib-k8s
## [1.39.14](https://github.com/certd/certd/compare/v1.39.13...v1.39.14) (2026-05-11)
**Note:** Version bump only for package @certd/lib-k8s
## [1.39.13](https://github.com/certd/certd/compare/v1.39.12...v1.39.13) (2026-05-10)
### Performance Improvements
* 重构自动加载模块并优化EAB授权处理 ([4755216](https://github.com/certd/certd/commit/4755216505ad18555a50da9d8008c2207c48df86))
## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
**Note:** Version bump only for package @certd/lib-k8s
## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
**Note:** Version bump only for package @certd/lib-k8s
+7 -4
View File
@@ -1,7 +1,7 @@
{
"name": "@certd/lib-k8s",
"private": false,
"version": "1.39.11",
"version": "1.40.5",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@@ -9,29 +9,32 @@
"scripts": {
"dev": "vite",
"before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
"build": "npm run before-build && tsc --skipLibCheck",
"build": "npm run before-build && tsc -p tsconfig.build.json --skipLibCheck",
"dev-build": "npm run build",
"build3": "rollup -c",
"build2": "vue-tsc --noEmit && vite build",
"preview": "vite preview",
"test:unit": "cross-env NODE_ENV=unittest echo no unit tests",
"pub": "npm publish",
"compile": "tsc --skipLibCheck --watch"
},
"dependencies": {
"@certd/basic": "^1.39.11",
"@certd/basic": "^1.40.5",
"@kubernetes/client-node": "0.21.0"
},
"devDependencies": {
"@types/chai": "^4.3.3",
"@typescript-eslint/eslint-plugin": "^8.26.1",
"@typescript-eslint/parser": "^8.26.1",
"cross-env": "^7.0.3",
"eslint": "^8.24.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-prettier": "^4.2.1",
"esmock": "^2.7.5",
"prettier": "^2.8.8",
"rimraf": "^5.0.5",
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
"gitHead": "7ceb0f6306b8b5e9ab875b9f7c41cc7d56209ea4"
}
@@ -0,0 +1,7 @@
{
"extends": "./tsconfig.json",
"compilerOptions": {
"sourceMap": false,
"inlineSourceMap": false
}
}

Some files were not shown because too many files have changed in this diff Show More