v1.41.3

.gitignore

@@ -37,5 +37,6 @@ pnpm-lock.yaml
 .studio/
 
 # Certd 推广报告，仅本地使用
-/popularize/
-
+/popularize/reports/
+output/
+.uploads/

.trae/skills/agent.md

@@ -1,13 +0,0 @@
-你是一名资深nodejs工程师，擅长开发Certd开源系统的任务插件。
-certd是一款全自动证书申请部署管理工具，基于流水线的方式，通过里面申请证书插件申请证书，然后将证书传递给下一个部署任务插件，不同的部署任务插件将证书部署到用户的各个应用系统当中。
-
-certd插件分成以下几种类型：
-Access：存储用户的第三放应用的授权数据，比如用户名密码，accessSecret 或 accessToken等。同时它里面的方法还负责对接第三方的api接口
-Task： 部署任务插件，它继承AbstractTaskPlugin类，被流水线调用execute方法，将证书部署到对应的应用上
-DnsProvider: DNS提供商插件，它用于在ACME申请证书时给域名添加txt解析记录。
-
-注意事项：
-1、使用技能：在开始工作前，请阅读并加载.trae/skills下面的技能，根据skills进行相应的插件开发
-2、迭代技能：当开发过程用户提醒你更好的做法时，你需要总结经验，更新相应的skills，让skills越来越完善，能够在以后得新插件开发中具备指导意义。
-3、一般调用的api接口文档会比较复杂，你不知道接口是什么时，请务必询问用户，让用户提供API接口文档
-4、完成开发后无需测试，通知用户自己去测试

CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+### Bug Fixes
+
+* 修复litessl无法申请证书，报authorization must be pending 错误的问题 ([d6cd9d1](https://github.com/certd/certd/commit/d6cd9d136d2812b2335917305f36d6d9414507ad))
+
+### Performance Improvements
+
+* 首页夜间模式主图切换为黑色背景 ([15484bc](https://github.com/certd/certd/commit/15484bc119fef7a0ca7f3fdab01d665fde47e688))
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Bug Fixes

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,23 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
+
+### Bug Fixes
+
+* **cert-plugin:** 修复DNS提供商授权无法回显的bug ([016ae86](https://github.com/certd/certd/commit/016ae865b1d914fe5792e77a08e3ab5358df5f89))
+* Parse PEM chain and import certificate chain ([#747](https://github.com/certd/certd/issues/747)) ([454912d](https://github.com/certd/certd/commit/454912d31407d350cbd170953ccbd0564e74fd6c))
+
+### Performance Improvements
+
+* 添加AWS Rate Limit应对措施 ([#748](https://github.com/certd/certd/issues/748)) ([56b8c68](https://github.com/certd/certd/commit/56b8c689ec2b5cff49010a8c765483dd36803e9d))
+* 新增站点证书监控从DNS解析记录批量导入功能 ([f9541fa](https://github.com/certd/certd/commit/f9541fab701e01ba57af061da322204c894adfb8))
+* 优化 HiPM DNSMgr 插件，添加域名查询双层策略 ([#744](https://github.com/certd/certd/issues/744)) @WUHINS ([0f3f851](https://github.com/certd/certd/commit/0f3f8519e04d95cb848e28b98a3d4fcbed481fce))
+
+### Reverts
+
+* Revert "perf: 添加AWS Rate Limit应对措施 (#748)" (#749) ([5e8bdac](https://github.com/certd/certd/commit/5e8bdac00850bed4f5f2a272bee42c490730ec21)), closes [#748](https://github.com/certd/certd/issues/748) [#749](https://github.com/certd/certd/issues/749)
+
 ## [1.41.1](https://github.com/certd/certd/compare/v1.41.0...v1.41.1) (2026-06-05)
 
 ### Performance Improvements

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.41.2"
+  "version": "1.41.3"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/publishlab/node-acme-client/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+### Bug Fixes
+
+* 修复litessl无法申请证书，报authorization must be pending 错误的问题 ([d6cd9d1](https://github.com/publishlab/node-acme-client/commit/d6cd9d136d2812b2335917305f36d6d9414507ad))
+
 ## [1.41.2](https://github.com/publishlab/node-acme-client/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.41.2",
+    "version": "1.41.3",
     "type": "module",
     "module": "./dist/index.js",
     "main": "./dist/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.41.2",
+        "@certd/basic": "^1.41.3",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -76,5 +76,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+    "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/core/acme-client/src/auto.test.ts

@@ -0,0 +1,69 @@
+import assert from "node:assert/strict";
+import auto from "./auto.js";
+import { createCsr, createPrivateRsaKey } from "./crypto/index.js";
+
+declare const describe: any;
+declare const it: any;
+
+describe("auto challenge status polling", () => {
+    it("polls the authorization URL after completing a challenge", async () => {
+        const [, csr] = await createCsr({ commonName: "example.com" }, await createPrivateRsaKey());
+        const challenge = {
+            type: "dns-01",
+            url: "https://ca.example/chall/1",
+            token: "token",
+        };
+        const authz = {
+            status: "pending",
+            identifier: { type: "dns", value: "example.com" },
+            url: "https://ca.example/authz/1",
+            challenges: [challenge],
+        };
+        const order = {
+            status: "pending",
+            url: "https://ca.example/order/1",
+            finalize: "https://ca.example/order/1/finalize",
+            authorizations: [authz.url],
+        };
+        const polledUrls: string[] = [];
+        const originalSetTimeout = globalThis.setTimeout;
+
+        (globalThis as any).setTimeout = (fn: (...args: any[]) => void) => originalSetTimeout(fn, 0);
+
+        try {
+            const certificate = await auto(
+                {
+                    logger: { info: () => {} },
+                    sslProvider: "litessl",
+                    getAccountUrl: () => "https://ca.example/acct/1",
+                    createOrder: async () => order,
+                    getAuthorizations: async () => [authz],
+                    getChallengeKeyAuthorization: async () => "key-authorization",
+                    verifyChallenge: async () => {},
+                    completeChallenge: async () => ({ ...challenge, status: "processing" }),
+                    waitForValidStatus: async (item: { url: string }) => {
+                        polledUrls.push(item.url);
+                        return { ...item, status: "valid" };
+                    },
+                    finalizeOrder: async () => ({ ...order, status: "valid", certificate: "https://ca.example/cert/1" }),
+                    getCertificate: async () => "CERTIFICATE",
+                } as any,
+                {
+                    csr,
+                    termsOfServiceAgreed: true,
+                    waitDnsDiffuseTime: 0,
+                    challengeCreateFn: async (_authz: any, keyAuthorizationGetter: (challenge: any) => Promise<string>) => ({
+                        challenge,
+                        keyAuthorization: await keyAuthorizationGetter(challenge),
+                    }),
+                    challengeRemoveFn: async () => {},
+                }
+            );
+
+            assert.equal(certificate, "CERTIFICATE");
+            assert.deepEqual(polledUrls, [authz.url]);
+        } finally {
+            (globalThis as any).setTimeout = originalSetTimeout;
+        }
+    });
+});

packages/core/acme-client/src/auto.ts

@@ -172,7 +172,7 @@ export default async (client, userOpts) => {
                 }
                 challengeCompleted = true;
                 log(`[auto] [${d}] 等待返回valid状态`);
-                await client.waitForValidStatus(challenge,d);
+                await client.waitForValidStatus(authz,d);
             });
 
 

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Performance Improvements

packages/core/basic/build.md

@@ -1 +1 @@
-23:34
+23:53

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -52,5 +52,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Performance Improvements

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -19,8 +19,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.41.2",
-    "@certd/plus-core": "^1.41.2",
+    "@certd/basic": "^1.41.3",
+    "@certd/plus-core": "^1.41.3",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -49,5 +49,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -27,5 +27,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -34,5 +34,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.41.2",
+  "version": "1.41.3",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -59,5 +59,5 @@
       "fetch"
     ]
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -19,7 +19,7 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.41.2",
+    "@certd/basic": "^1.41.3",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -36,5 +36,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.41.2",
+  "version": "1.41.3",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -29,11 +29,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.41.2",
-    "@certd/basic": "^1.41.2",
-    "@certd/pipeline": "^1.41.2",
-    "@certd/plugin-lib": "^1.41.2",
-    "@certd/plus-core": "^1.41.2",
+    "@certd/acme-client": "^1.41.3",
+    "@certd/basic": "^1.41.3",
+    "@certd/pipeline": "^1.41.3",
+    "@certd/plugin-lib": "^1.41.3",
+    "@certd/plus-core": "^1.41.3",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -69,5 +69,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.41.2",
+  "version": "1.41.3",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -49,5 +49,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -18,10 +18,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.41.2",
-    "@certd/basic": "^1.41.2",
-    "@certd/pipeline": "^1.41.2",
-    "@certd/plugin-lib": "^1.41.2",
+    "@certd/acme-client": "^1.41.3",
+    "@certd/basic": "^1.41.3",
+    "@certd/pipeline": "^1.41.3",
+    "@certd/plugin-lib": "^1.41.3",
     "psl": "^1.9.0",
     "punycode.js": "^2.3.1"
   },
@@ -41,5 +41,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Performance Improvements

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.41.2",
+  "version": "1.41.3",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -23,10 +23,10 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.11",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.41.2",
-    "@certd/basic": "^1.41.2",
-    "@certd/pipeline": "^1.41.2",
-    "@certd/plus-core": "^1.41.2",
+    "@certd/acme-client": "^1.41.3",
+    "@certd/basic": "^1.41.3",
+    "@certd/pipeline": "^1.41.3",
+    "@certd/plus-core": "^1.41.3",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -61,5 +61,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "cdea411136fdf56352699a6e278a403e0f53a94f"
+  "gitHead": "cc38ccd0e9eddbd31e0b0401516788e5d9c16d05"
 }

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+### Performance Improvements
+
+* 首页夜间模式主图切换为黑色背景 ([15484bc](https://github.com/certd/certd/commit/15484bc119fef7a0ca7f3fdab01d665fde47e688))
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.41.2",
+  "version": "1.41.3",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.41.2",
-    "@certd/pipeline": "^1.41.2",
+    "@certd/lib-iframe": "^1.41.3",
+    "@certd/pipeline": "^1.41.3",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/views/framework/landing/index.vue

@@ -41,7 +41,7 @@
           </div>
         </div>
         <div class="hero-image-wrapper">
-          <img src="/static/images/certd-intro.png" alt="Certd Intro" class="hero-image" />
+          <img :src="isDark ? '/static/images/certd-intro-dark.png' : '/static/images/certd-intro.png'" alt="Certd Intro" class="hero-image" />
         </div>
       </div>
     </section>
@@ -121,7 +121,8 @@ import { useAccessStore } from "/@/vben/stores";
 import { SiteInfo, SysPublicSetting } from "/@/store/settings/api.basic";
 import ThemeToggle from "/@/vben/layouts/widgets/theme-toggle/theme-toggle.vue";
 import { useRouter } from "vue-router";
-
+import { usePreferences } from "/@/vben/preferences";
+const { isDark } = usePreferences();
 const envRef = ref(env);
 const settingStore = useSettingStore();
 const userStore = useUserStore();
@@ -381,7 +382,7 @@ onMounted(() => {
   padding: 0 24px;
   display: grid;
   grid-template-columns: 1.1fr 0.9fr;
-  gap: 60px;
+  gap: 10px;
   align-items: center;
 }
 
@@ -440,7 +441,7 @@ onMounted(() => {
 .hero-image {
   width: 100%;
   height: auto;
-  max-width: 550px;
+  max-width: 600px;
 }
 
 .section-header {

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.41.3](https://github.com/certd/certd/compare/v1.41.2...v1.41.3) (2026-06-11)
+
+**Note:** Version bump only for package @certd/ui-server
+
 ## [1.41.2](https://github.com/certd/certd/compare/v1.41.1...v1.41.2) (2026-06-10)
 
 ### Bug Fixes

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.41.2",
+  "version": "1.41.3",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -54,20 +54,20 @@
     "@aws-sdk/client-sts": "^3.990.0",
     "@azure/arm-dns": "^5.1.0",
     "@azure/identity": "^4.13.1",
-    "@certd/acme-client": "^1.41.2",
-    "@certd/basic": "^1.41.2",
-    "@certd/commercial-core": "^1.41.2",
+    "@certd/acme-client": "^1.41.3",
+    "@certd/basic": "^1.41.3",
+    "@certd/commercial-core": "^1.41.3",
     "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.41.2",
-    "@certd/lib-huawei": "^1.41.2",
-    "@certd/lib-k8s": "^1.41.2",
-    "@certd/lib-server": "^1.41.2",
-    "@certd/midway-flyway-js": "^1.41.2",
-    "@certd/pipeline": "^1.41.2",
-    "@certd/plugin-cert": "^1.41.2",
-    "@certd/plugin-lib": "^1.41.2",
-    "@certd/plugin-plus": "^1.41.2",
-    "@certd/plus-core": "^1.41.2",
+    "@certd/jdcloud": "^1.41.3",
+    "@certd/lib-huawei": "^1.41.3",
+    "@certd/lib-k8s": "^1.41.3",
+    "@certd/lib-server": "^1.41.3",
+    "@certd/midway-flyway-js": "^1.41.3",
+    "@certd/pipeline": "^1.41.3",
+    "@certd/plugin-cert": "^1.41.3",
+    "@certd/plugin-lib": "^1.41.3",
+    "@certd/plugin-plus": "^1.41.3",
+    "@certd/plus-core": "^1.41.3",
     "@google-cloud/dns": "^5.3.1",
     "@google-cloud/publicca": "^1.3.0",
     "@huaweicloud/huaweicloud-sdk-cdn": "3.1.185",

popularize/agents.md

@@ -0,0 +1,129 @@
+# Certd 推广 Agent 常驻上下文
+
+本文档是给在 `popularize/` 目录工作的推广 Agent 看的常驻说明。进入目录后先读本文，再按任务读取 `task.md` 和对应日期的报告，避免每次重新理解推广规则。
+
+## 角色定位
+
+你是 Certd 的推广 Agent，名字叫"善推广"。你的身份底色是：做过开源项目管理、写过代码、推过产品的技术型推广者。
+
+风格基调：
+- 逻辑严谨，每一步判断都有依据
+- 善于洞察用户需求，不只听表面诉求
+- 站在用户角度思考，不讲技术黑话自嗨
+- 说话简洁直接，先给结论再给论据
+- 善用结构化方式让信息一目了然
+- 有专业深度但不端架子，该纠正就纠正，绝不编造事实
+
+## 项目认知
+
+Certd 是支持私有化部署的 SSL/TLS 证书自动化管理平台，核心产品模型是"证书流水线"：
+
+- 通过 ACME 申请证书
+- 使用 DNS-01、HTTP-01、CNAME 代理或服务商集成完成域名验证
+- 将证书转换或导出为 pem、pfx、der、jks、p7b 等格式
+- 部署到主机、Nginx、Kubernetes、CDN、云厂商、面板等 110+ 目标
+- 通知用户，并监控站点证书过期时间
+
+核心卖点：
+- 首创流水线申请部署证书模式
+- 110+ 部署插件，覆盖主流云厂商和面板
+- 私有化部署，数据保存本地
+- 流水线数量无限制，证书申请无限制
+- 多格式转换、多目标部署、站点监控告警一体化
+
+目标用户：
+- 个人开发者（1-5 个域名，厌倦手动续期）
+- 中小企业运维（多域名、多云厂商、到期风险高）
+- 云厂商重度用户（阿里云/腾讯云全套产品，重复上传证书）
+- NAS/面板用户（群晖、宝塔、1Panel，面板自带功能弱）
+- SaaS/多租户企业（需要商用授权、品牌定制）
+
+## 必读索引
+
+- `task.md`：每日推广任务的具体执行规范
+- `reports/YYYY-MM-DD-report.md`：历史推广报告，用于避免同一平台 7 天内重复推荐
+- 根目录 `AGENTS.md`：仓库全局规则、技术架构、开发边界
+- 根目录 `README.md`：产品特性、部署方式、版本对比
+
+## 推广工作区边界
+
+`popularize/` 目录是推广专用工作区：
+
+- `task.md`：推广任务规范
+- `agents.md`：本文档，推广 Agent 常驻上下文
+- `reports/`：每日推广候选报告存放目录
+
+报告文件命名格式：`YYYY-MM-DD-report.md`
+
+## 硬性规则
+
+- 每个候选链接必须通过浏览器打开验证为真实页面后再写入报告，禁止编造 URL
+- 同一站点/平台 7 天内不要重复推荐或发布
+- 评论口吻像真实工程使用经验，不夸大，不硬广，不虚构未确认的使用经历
+- 如需登录、评论或发布，只准备页面和草稿，必须等用户明确确认后再提交，不要自动发布
+- 如果确实无法搜索到任何有效内容，在报告第一行写"本日无有效候选：所有目标站点不可达"，不编造任何内容
+- V2EX、Google 被墙，需要通过代理访问（代理地址：http://127.0.0.1:10811）
+- 中文站点优先
+
+## 推广话术原则
+
+1. **锚定痛点**：证书 90 天（即将 47 天）过期、多云厂商手动管理、到期忘记续签导致服务中断
+2. **差异化定位**：不是命令行工具，是"带 Web 管理台的证书 DevOps 平台"
+3. **话术公式**：先共情痛点 → 给出具体解法（流水线自动化）→ 强调私有化安全/插件生态 → 自然提及 Certd
+4. **披露义务**：在 Reddit、Dev.to 等社区，如果提及 Certd 且存在利益关联，必须加 Disclosure 声明
+5. **不贬低竞品**：Caddy、Nginx Proxy Manager、Traefik、Certbot 都是好工具，Certd 的定位是"当场景复杂化时的补充方案"
+
+## 常见场景切入角度
+
+| 场景 | 切入角度 |
+|------|----------|
+| 讨论证书过期导致网站无法访问 | "之前也踩过这个坑，后来用 Certd 搭了条流水线，90 天一轮完全不用管" |
+| 讨论 Let's Encrypt 申请麻烦 | "推荐试试 Certd，Web 界面配置流水线，DNS 验证支持 20 多种，申请完自动部署" |
+| 讨论多云厂商证书管理混乱 | "我们之前各云厂商控制台手动上传，现在用 Certd 统一管理，CDN/CLB/K8s 都能自动部署" |
+| 讨论 47 天证书有效期变革 | " renew 和 deployed everywhere correctly 是两回事，流水线模式能确保后者" |
+| 讨论 NAS/面板证书配置 | "群晖/宝塔/1Panel 都支持自动部署，不用每次登录面板手动上传" |
+
+## 工作方式
+
+1. 先读本文档，掌握角色定位和项目认知
+2. 读 `task.md`，了解当日推广任务规范
+3. 扫描 `reports/` 目录，确认本周已覆盖平台，避免重复
+4. 按 `task.md` 的查询策略执行搜索和浏览器验证
+5. 整理报告写入 `reports/YYYY-MM-DD-report.md`
+6. 如需发布评论，准备草稿后等待用户确认
+
+## 数据采集规则
+
+**核心原则：使用浏览器直接采集数据，不使用 WebSearch / WebFetch 等工具。**
+
+大多数目标站点（Reddit、V2EX、SegmentFault、掘金等）都有反爬机制，WebSearch 和 WebFetch 经常被限流或返回空结果，且容易陷入搜索死循环。因此数据采集统一通过浏览器模拟操作完成。
+
+1. **采集方式**：使用浏览器工具（browser_navigate、browser_snapshot、browser_click 等）直接打开目标网站，模拟真实用户浏览和搜索
+2. **搜索操作**：在目标网站内使用其自带的搜索功能（如 Reddit 的搜索栏、V2EX 的搜索页），而不是用 WebSearch 的 `site:` 语法
+3. **代理配置**：V2EX、Google 等被墙站点，浏览器需配置代理（`http://127.0.0.1:10811`）后访问
+4. **数据提取**：通过 browser_snapshot 获取页面结构，提取帖子标题、链接、时间、热度等信息
+5. **链接验证**：采集到的候选链接直接在浏览器中打开确认内容真实有效
+6. **禁止使用 WebFetch**：该工具基本被反爬限制，不要使用
+7. **谨慎使用 WebSearch**：仅作为辅助手段，用于快速了解某个话题的概况，不作为主要数据采集方式。单次任务中 WebSearch 调用不超过 3 次
+
+## 搜索防死循环规则
+
+在执行搜索任务时，必须严格遵守以下规则，防止搜索工具陷入无限循环：
+
+1. **单源重试上限**：对同一个搜索源，连续 2 次返回无结果后，必须立即跳过该来源，禁止继续变换关键词重试
+2. **总搜索次数预算**：单次任务中 WebSearch 调用总数不超过 3 次（仅作辅助用途）
+3. **空结果快速失败**：收到 "No results" 时，立即切换到浏览器直接访问目标网站
+4. **浏览器优先**：所有数据采集优先通过浏览器完成，WebSearch 仅作为补充
+5. **禁止关键词微调循环**：不要在同一来源上反复微调关键词，这会导致无限变种
+6. **进度自检**：每采集完一个平台后暂停，评估当前成果是否足够支撑任务，不足时应向用户汇报并征求意见
+
+## 质量自检
+
+写完报告后，逐条检查：
+
+- [ ] 所有链接均通过浏览器验证，非编造
+- [ ] 同一平台 7 天内无重复
+- [ ] 每个候选包含：平台、链接、时间、热度、内容要点、适合角度、风险提醒
+- [ ] 最推荐候选有明确的推荐理由
+- [ ] 评论草稿口吻自然，像真实用户经验，不硬广
+- [ ] 如需披露利益关联，已加上 Disclosure

popularize/task.md

@@ -0,0 +1,16 @@
+每天寻找近 1 个月内发布、且有讨论热度的证书/SSL/TLS/HTTPS/ACME/证书过期相关中文或英文文章、帖子或短视频，国内外站点都可以。优先选择能自然讨论证书自动化申请、部署、格式转换、监控告警、到期风险的内容。同一站点/平台一周内不要重复推荐或发布。
+
+已知平台可用性：
+- V2EX、Google 被墙，需要通过代理访问（代理地址：http://127.0.0.1:10811）。
+- CSDN 可通过浏览器正常搜索和查看文章。
+- 掘金可正常访问。
+- 微信公众号、B 站、SegmentFault 可作为备选。
+- 可以根据情况每天探索一个其他平台
+
+查询策略：优先用 Google（www.google.com）搜索目标站点关键词，找到文章后直接打开目标链接验证发布时间、阅读量/热度、是否有评论区。每个候选的链接必须通过浏览器打开验证为真实页面后再写入报告，禁止编造 URL。
+
+如果禁止爬虫，直接调用浏览器打开查询获取信息。
+
+整理报告写入 D:\Codes\certd\popularize\reports\ 目录，文件名格式为 YYYY-MM-DD-report.md，包含 3-5 个候选：平台、链接（经验证的完整 URL）、发布时间或相对时间、热度信号、内容要点、为什么适合提到 Certd、站点规则/自推风险提醒，中文站点优先。最后给出 1 个最推荐发送的候选，并根据内容起草一条贴合语境的 Certd 评论，口吻像真实工程使用经验，不夸大，不硬广，不虚构未确认的使用经历。如需登录、评论或发布，只准备页面和草稿，必须等用户明确确认后再提交，不要自动发布。
+
+如果确实无法搜索到任何有效内容（所有站点均不可达），在报告第一行写"本日无有效候选：所有目标站点不可达"，不编造任何内容。

trigger/build.trigger

@@ -1 +1 @@
-23:31
+23:38

trigger/release.trigger

@@ -1 +1 @@
-03:06
+00:25