v1.39.8

https://github.com/certd/certd/issues/693

.github/workflows/build-image.yml

@@ -4,7 +4,7 @@ on:
     branches: ['v2-dev']
     paths:
       - "trigger/build.trigger"
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -21,7 +21,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
-
+          ref: 'v2-dev'
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6

.github/workflows/deploy-demo.yml

@@ -8,6 +8,8 @@ on:
     workflows: [ "build-image" ]
     types:
       - completed
+  workflow_dispatch:    # 添加手动触发
+
 
 
 #  schedule:
@@ -26,6 +28,7 @@ jobs:
         with:
           fetch-depth: 0
           ref: v2-dev
+          
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6
@@ -43,7 +46,7 @@ jobs:
         with:
           time: '10' # for 60 seconds
       - name: deploy-certd-demo
-        uses: tyrrrz/action-http-request@master
+        uses: tyrrrz/action-http-request@prime
         with:
           # 通过webhook 触发 certd-demo来部署
           url: ${{ secrets.WEBHOOK_CERTD_DEMO }}

.github/workflows/publish-atom.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,17 @@ permissions:
 jobs:
   publish-atomgit:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
+
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6

.github/workflows/publish-gitee.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
   publish-gitee:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
             
       - name: publish_to_gitee
         id: publish_to_gitee

.github/workflows/publish-github.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
   publish-github:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
             
       - name: publish_to_github
         id: publish_to_github

.github/workflows/release-image.yml

@@ -4,6 +4,7 @@ on:
     branches: ['v2-dev']
     paths:
       - "trigger/release.trigger"
+  workflow_dispatch:    # 添加手动触发
 #  workflow_run:
 #    workflows: [ "deploy-demo" ]
 #    types:
@@ -25,6 +26,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
 
       - name: get_certd_version
         id: get_certd_version
@@ -118,7 +120,7 @@ jobs:
 #            greper/certd-agent:latest
 #            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
       - name: deploy-certd-doc
-        uses: tyrrrz/action-http-request@master
+        uses: tyrrrz/action-http-request@prime
         with:
           url: ${{ secrets.WEBHOOK_CERTD_DOC }}
           method: POST

.github/workflows/sync-to-atomgit-dev.yml

@@ -17,6 +17,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
+          ref: v2-dev
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.github/workflows/sync-to-atomgit.yml

@@ -17,6 +17,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
+          ref: v2
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.github/workflows/sync-to-cnb-dev.yml

@@ -0,0 +1,35 @@
+name: sync-to-cnb-dev
+on:
+  push:
+    branches: ['v2-dev']
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+          ref: v2-dev
+      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
+        run: |
+          git config --global user.name "xiaojunnuo"
+          git config --global user.email "xiaojunnuo@qq.com"
+
+      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
+        uses: de-vri-es/setup-git-credentials@v2
+        with:                              # token 格式为： username:password
+          credentials: https://cnb:${{secrets.CNB_TOKEN}}@cnb.cool
+
+      - name: push to cnb               # 4. 执行同步
+        run: |
+          git remote add upstream https://cnb.cool/certd/certd.git
+          git push --set-upstream upstream v2-dev
+

.github/workflows/sync-to-cnb.yml

@@ -0,0 +1,34 @@
+name: sync-to-cnb
+on:
+  push:
+    branches: ['v2']
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
+        run: |
+          git config --global user.name "xiaojunnuo"
+          git config --global user.email "xiaojunnuo@qq.com"
+
+      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
+        uses: de-vri-es/setup-git-credentials@v2
+        with:                              # token 格式为： username:password
+          credentials: https://cnb:${{secrets.CNB_TOKEN}}@cnb.cool
+
+      - name: push to cnb               # 4. 执行同步
+        run: |
+          git remote add upstream https://cnb.cool/certd/certd.git
+          git push --set-upstream upstream v2
+

.github/workflows/sync-to-gitee-dev.yml

@@ -17,6 +17,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
+          ref: v2-dev
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.trae/skills/access-plugin-dev/SKILL.md

@@ -65,6 +65,20 @@ demoKeyId = '';
   encrypt: true, //该属性是否需要加密
 })
 demoKeySecret = '';
+
+
+
+@AccessInput({
+  title: '另外一个授权Id',//标题
+  component: {
+    name:"access-selector", //access选择组件
+    vModel:"modelValue",
+    type: "ssh", // access类型，让用户固定选择这种类型的access
+  },
+  required: true,  //text组件可以省略
+})
+otherAccessId;
+
 ```
 
 ### 4. 实现测试方法
@@ -93,7 +107,7 @@ async onTestRequest() {
 
 ```typescript
 /**
- * 获api接口示例 取域名列表，
+ * api接口示例 获取域名列表，
  */
 async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
   //输出日志必须使用ctx.logger

.trae/skills/agent.md

@@ -0,0 +1,14 @@
+你是一名资深nodejs工程师，擅长开发Certd开源系统的任务插件。
+certd是一款全自动证书申请部署管理工具，基于流水线的方式，通过里面申请证书插件申请证书，然后将证书传递给下一个部署任务插件，不同的部署任务插件将证书部署到用户的各个应用系统当中。
+
+certd插件分成以下几种类型：
+Access：存储用户的第三放应用的授权数据，比如用户名密码，accessSecret 或 accessToken等。同时它里面的方法还负责对接第三方的api接口
+Task： 部署任务插件，它继承AbstractTaskPlugin类，被流水线调用execute方法，将证书部署到对应的应用上
+DnsProvider: DNS提供商插件，它用于在ACME申请证书时给域名添加txt解析记录。
+
+在开始工作前，请阅读并加载.trae/skills下面的技能，根据skills进行相应的插件开发
+当开发过程中遇到问题，需要参考plugins目录下的其他插件，或者用户提醒你更好的做法时，你需要总结经验，更新相应的skills，让skills越来越完善，能够在以后得新插件开发中具备指导意义。
+
+一般调用的api接口文档会比较复杂，你不知道接口是什么时，请务必询问用户，让用户提供API接口文档
+
+完成开发后无需测试，通知用户自己去测试

.trae/skills/plugin-converter/SKILL.md

@@ -2,7 +2,7 @@
 
 ## 什么是插件转换工具
 
-插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，方便插件的注册和管理。
+插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，可以让插件分发和在线注册。
 
 ## 工具位置
 

.trae/skills/task-plugin-dev/SKILL.md

@@ -80,7 +80,8 @@ certDomains!: string[];
   helper: 'demoAccess授权',
   component: {
     name: 'access-selector',
-    type: 'demo', // 固定授权类型
+    vModel:"modelValue",
+    type: "demo", // access类型，让用户固定选择这种类型的access
   },
   // rules: [{ required: true, message: '此项必填' }],
   // required: true, // 必填
@@ -88,16 +89,55 @@ certDomains!: string[];
 accessId!: string;
 ```
 
-### 4. 实现插件方法
+### 4. 动态显隐配置（mergeScript）
 
-#### 4.1 插件实例化时执行的方法
+使用 `mergeScript` 可以实现根据其他输入值动态控制当前输入项的显隐状态。
+
+```typescript
+@TaskInput({
+  title: '匹配模式',
+  component: {
+    name: 'select',
+    options: [
+      { label: '手动选择', value: 'manual' },
+      { label: '根据证书匹配', value: 'auto' },
+    ],
+  },
+  default: 'manual',
+})
+domainMatchMode!: 'manual' | 'auto';
+
+@TaskInput(
+  createRemoteSelectInputDefine({
+    title: 'DCDN加速域名',
+    helper: '你在阿里云上配置的DCDN加速域名',
+    action: DeployCertToAliyunDCDN.prototype.onGetDomainList.name,
+    watches: ['certDomains', 'accessId'],
+    required: true,
+    mergeScript: `
+      return {
+        show: ctx.compute(({form})=>{
+          return domainMatchMode === "manual"
+        })
+      }
+    `,
+  })
+)
+domainName!: string | string[];
+```
+
+`mergeScript` 中的 `ctx.compute` 函数接收一个回调函数，通过 `form` 参数可以访问表单中的其他字段值。
+
+### 5. 实现插件方法
+
+#### 5.1 插件实例化时执行的方法
 
 ```typescript
 // 插件实例化时执行的方法
 async onInstance() {}
 ```
 
-#### 4.2 插件执行方法
+#### 5.2 插件执行方法
 
 ```typescript
 // 插件执行方法
@@ -129,7 +169,9 @@ async execute(): Promise<void> {
 }
 ```
 
-#### 4.3 后端获取选项方法
+#### 5.3 后端获取选项方法
+
+使用 `createRemoteSelectInputDefine` 创建远程选择输入项，`action` 指向的方法接收 `PageSearch` 参数并返回 `{ list, total }` 格式。
 
 ```typescript
 @TaskInput(
@@ -144,8 +186,8 @@ async execute(): Promise<void> {
 )
 siteName!: string | string[];
 
-// 从后端获取选项的方法
-async onGetSiteList(req: PageSearch) {
+// 从后端获取选项的方法，接收PageSearch参数
+async onGetSiteList(data: PageSearch) {
   if (!this.accessId) {
     throw new Error('请选择Access授权');
   }
@@ -153,7 +195,7 @@ async onGetSiteList(req: PageSearch) {
   // @ts-ignore
   const access = await this.getAccess(this.accessId);
 
-  // const siteRes = await access.GetDomainList(req);
+  // const siteRes = await access.GetDomainList(data);
   // 以下是模拟数据
   const siteRes = [
     { id: 1, siteName: 'site1.com' },
@@ -168,8 +210,12 @@ async onGetSiteList(req: PageSearch) {
       domain: item.siteName,
     };
   });
-  // 将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
-  return optionsUtils.buildGroupOptions(options, this.certDomains);
+  
+  // 返回{list, total}格式
+  return {
+    list: optionsUtils.buildGroupOptions(options, this.certDomains),
+    total: siteRes.length,
+  };
 }
 ```
 
@@ -382,7 +428,10 @@ export class DemoTest extends AbstractTaskPlugin {
       };
     });
     //将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
-    return optionsUtils.buildGroupOptions(options, this.certDomains);
+    return {
+      list: optionsUtils.buildGroupOptions(options, this.certDomains),
+      total: siteRes.length,
+    };
   }
 }
 ```

.vscode/launch.json

@@ -79,5 +79,15 @@
                 "PLUS_SERVER_BASE_URL": "http://127.0.0.1:11007"
             }
         }
+    ],
+    "compounds": [
+        {
+            "name": "all",
+            "configurations": [
+                "server",
+                "client",
+            ],
+            "stopAll": false
+        },
     ]
 }

CHANGELOG.md

@@ -3,6 +3,138 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+### Bug Fixes
+
+* 修复某些情况下报没有匹配到任何校验方式的bug ([fe02ce7](https://github.com/certd/certd/commit/fe02ce7b64cf23c4dc4c30daccd5330059a35e9a))
+* 修复上传头像退出登录的bug ([6eb20a1](https://github.com/certd/certd/commit/6eb20a1f2e31d984d9135edbf39c97cdd15621f9))
+
+### Performance Improvements
+
+* 阿里云CDN部署支持根据证书域名自动匹配部署 ([a68301e](https://github.com/certd/certd/commit/a68301e4dcea8b7391ad751aa57555d566297ad9))
+* 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
+* 支持部署证书到百度CCE ([a19ea74](https://github.com/certd/certd/commit/a19ea7489c01cdbf795fb51f804bd6d00389f604))
+* dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+### Bug Fixes
+
+* 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
+
+### Performance Improvements
+
+* 支持部署到火山云tos自定义域名证书 ([af6deb9](https://github.com/certd/certd/commit/af6deb99cd24a69a189b1fdd1df51c8f7816dcda))
+* 支持部署证书到火山引擎vod ([f91d591](https://github.com/certd/certd/commit/f91d591b03c50166d9fa352ba11c62d963869aa5))
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+### Bug Fixes
+
+* 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
+* 修复批量执行按钮无效的bug ([49703f0](https://github.com/certd/certd/commit/49703f08e55b303851086d9f36aca562d7999be6))
+* remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
+
+### Performance Improvements
+
+* 火山引擎部署alb证书插件支持部署扩展证书以及删除已过期扩展证书 ([ffd2e81](https://github.com/certd/certd/commit/ffd2e8149e3a06bf3eec456ff85dbed793af9e90))
+* 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
+* 新增阿里云证书清理插件 ([4b7eeaa](https://github.com/certd/certd/commit/4b7eeaa6e0a14d2e461c7c473a920a0966b1fe8e))
+* 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
+* 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Bug Fixes
+
+* 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
+
+### Performance Improvements
+
+* 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+* 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+### Bug Fixes
+
+* 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
+
+### Performance Improvements
+
+* 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
+* install tip ([853fdc7](https://github.com/certd/certd/commit/853fdc70a263b62d75c9ff3970607e6bf1c1593b))
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+### Bug Fixes
+
+* 修复部署到openwrt错误的bug ([2e3d0cc](https://github.com/certd/certd/commit/2e3d0cc57c16c48ad435bc8fde729bacaedde9f5))
+* 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
+* 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
+* 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
+* 修复京东云域名申请证书报错的bug ([d9c0130](https://github.com/certd/certd/commit/d9c0130b59997144a3c274d456635b800135e43f))
+* 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
+* 修复dcdn多个域名同时部署时 可能会出现证书名称重复的bug ([78c2ced](https://github.com/certd/certd/commit/78c2ced43b1a73d142b0ed783b162b97f545ab06))
+* 优化dcdn部署上传多次证书 偶尔报 The CertName already exists的问题 ([72f850f](https://github.com/certd/certd/commit/72f850f675b500d12ebff2338d1b99d6fab476e1))
+* **cert-plugin:** 优化又拍云客户端错误处理逻辑，当域名已绑定证书时不再抛出异常。 ([92c9ac3](https://github.com/certd/certd/commit/92c9ac382692e6c84140ff787759ab6d39ccbe96))
+* esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
+
+### Features
+
+* 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
+
+### Performance Improvements
+
+* 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
+* 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
+* 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
+* 站点监控支持指定ip地址检查 ([83d81b6](https://github.com/certd/certd/commit/83d81b64b3adb375366039e07c87d1ad79121c13))
+* AI开发插件 skills 定义初步 ([1f68fad](https://github.com/certd/certd/commit/1f68faddb97a978c5a5e731a8895b4bb0587ad83))
+* http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 ### Bug Fixes

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,124 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+### Bug Fixes
+
+* 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
+
+### Performance Improvements
+
+* 支持部署到火山云tos自定义域名证书 ([af6deb9](https://github.com/certd/certd/commit/af6deb99cd24a69a189b1fdd1df51c8f7816dcda))
+* 支持部署证书到火山引擎vod ([f91d591](https://github.com/certd/certd/commit/f91d591b03c50166d9fa352ba11c62d963869aa5))
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+### Bug Fixes
+
+* 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
+* 修复批量执行按钮无效的bug ([49703f0](https://github.com/certd/certd/commit/49703f08e55b303851086d9f36aca562d7999be6))
+* remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
+
+### Performance Improvements
+
+* 火山引擎部署alb证书插件支持部署扩展证书以及删除已过期扩展证书 ([ffd2e81](https://github.com/certd/certd/commit/ffd2e8149e3a06bf3eec456ff85dbed793af9e90))
+* 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
+* 新增阿里云证书清理插件 ([4b7eeaa](https://github.com/certd/certd/commit/4b7eeaa6e0a14d2e461c7c473a920a0966b1fe8e))
+* 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
+* 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Bug Fixes
+
+* 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
+
+### Performance Improvements
+
+* 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+* 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+### Bug Fixes
+
+* 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
+
+### Performance Improvements
+
+* 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
+* install tip ([853fdc7](https://github.com/certd/certd/commit/853fdc70a263b62d75c9ff3970607e6bf1c1593b))
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+### Bug Fixes
+
+* 修复部署到openwrt错误的bug ([2e3d0cc](https://github.com/certd/certd/commit/2e3d0cc57c16c48ad435bc8fde729bacaedde9f5))
+* 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
+* 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
+* 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
+* 修复京东云域名申请证书报错的bug ([d9c0130](https://github.com/certd/certd/commit/d9c0130b59997144a3c274d456635b800135e43f))
+* 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
+* 修复dcdn多个域名同时部署时 可能会出现证书名称重复的bug ([78c2ced](https://github.com/certd/certd/commit/78c2ced43b1a73d142b0ed783b162b97f545ab06))
+* 优化dcdn部署上传多次证书 偶尔报 The CertName already exists的问题 ([72f850f](https://github.com/certd/certd/commit/72f850f675b500d12ebff2338d1b99d6fab476e1))
+* **cert-plugin:** 优化又拍云客户端错误处理逻辑，当域名已绑定证书时不再抛出异常。 ([92c9ac3](https://github.com/certd/certd/commit/92c9ac382692e6c84140ff787759ab6d39ccbe96))
+* esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
+
+### Features
+
+* 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
+
+### Performance Improvements
+
+* 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
+* 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
+* 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
+* 站点监控支持指定ip地址检查 ([83d81b6](https://github.com/certd/certd/commit/83d81b64b3adb375366039e07c87d1ad79121c13))
+* AI开发插件 skills 定义初步 ([1f68fad](https://github.com/certd/certd/commit/1f68faddb97a978c5a5e731a8895b4bb0587ad83))
+* http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 ### Bug Fixes

docs/guide/install/1panel/index.md

@@ -16,7 +16,6 @@ https://1panel.cn/docs/installation/online_installation/
 
    ![](./images/store-1.png)
 
-
    ![](./images/store-2.png)
 
 #### 1.2 访问测试：
@@ -40,6 +39,9 @@ admin/123456
 1. 打开`docker-compose.yaml`，整个内容复制下来    
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
+::: tip
+默认使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
+:::
 
 2. 然后到 `1Panel->容器->编排->新建编排`
    输入名称，粘贴`docker-compose.yaml`原文内容
@@ -49,7 +51,10 @@ admin/123456
    ![](./images/2.png)
 
 > 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
-> certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+
+
+
+
 
 #### 2.2 访问测试
 

docs/guide/install/baota/index.md

@@ -30,7 +30,9 @@
 点击确定，等待启动完成
 ![](./images/2.png)
 
-> certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+::: tip
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
+:::
 
 
 ## 二、访问应用

docs/guide/install/docker/index.md

@@ -42,8 +42,9 @@ docker compose up -d
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
 
-> certd默认使用sqlite数据库，另外还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
-
+::: tip
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
+:::
 
 ### 3. 访问测试
 

docs/guide/plugins/access.md

@@ -20,58 +20,59 @@
 | 16.| **APISIX授权** |  | 
 | 17.| **亚马逊云aws授权** |  | 
 | 18.| **亚马逊云科技（国区）授权** |  | 
-| 19.| **CacheFly** | CacheFly | 
-| 20.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 21.| **google cloud** | 谷歌云授权 | 
-| 22.| **cloudflare授权** |  | 
-| 23.| **中国移动CND授权** |  | 
-| 24.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
-| 25.| **dns.la授权** |  | 
-| 26.| **多吉云** |  | 
-| 27.| **Dokploy授权** |  | 
-| 28.| **farcdn授权** |  | 
-| 29.| **FlexCDN授权** |  | 
-| 30.| **Gcore** | Gcore | 
-| 31.| **Github授权** |  | 
-| 32.| **godaddy授权** |  | 
-| 33.| **金山云授权** |  | 
-| 34.| **FTP授权** |  | 
-| 35.| **七牛OSS授权** |  | 
-| 36.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 37.| **s3/minio授权** | S3/minio oss授权 | 
-| 38.| **namesilo授权** |  | 
-| 39.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
-| 40.| **1panel授权** | 账号和密码 | 
-| 41.| **支付宝** |  | 
-| 42.| **白山云授权** |  | 
-| 43.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 44.| **cdnfly授权** |  | 
-| 45.| **k8s授权** |  | 
-| 46.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 47.| **LeCDN授权** |  | 
-| 48.| **lucky** |  | 
-| 49.| **猫云授权** |  | 
-| 50.| **plesk授权** |  | 
-| 51.| **长亭雷池授权** |  | 
-| 52.| **群晖登录授权** |  | 
-| 53.| **uniCloud** | unicloud授权 | 
-| 54.| **微信支付** |  | 
-| 55.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 56.| **易发云短信** | sms.yfyidc.cn/ | 
-| 57.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 58.| **易支付** |  | 
-| 59.| **proxmox** |  | 
-| 60.| **UCloud授权** | 优刻得授权 | 
-| 61.| **又拍云** |  | 
-| 62.| **网宿授权** |  | 
-| 63.| **西部数码授权** |  | 
-| 64.| **我爱云授权** | 我爱云CDN | 
-| 65.| **新网授权（代理方式）** |  | 
-| 66.| **新网授权** |  | 
-| 67.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 68.| **Zenlayer授权** | Zenlayer授权 | 
-| 69.| **GoEdge授权** |  | 
-| 70.| **雨云授权** | https://app.rainyun.com/ | 
+| 19.| **BIND9 DNS 授权** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 20.| **CacheFly** | CacheFly | 
+| 21.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 22.| **google cloud** | 谷歌云授权 | 
+| 23.| **cloudflare授权** |  | 
+| 24.| **中国移动CND授权** |  | 
+| 25.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
+| 26.| **dns.la授权** |  | 
+| 27.| **多吉云** |  | 
+| 28.| **Dokploy授权** |  | 
+| 29.| **farcdn授权** |  | 
+| 30.| **FlexCDN授权** |  | 
+| 31.| **Gcore** | Gcore | 
+| 32.| **Github授权** |  | 
+| 33.| **godaddy授权** |  | 
+| 34.| **金山云授权** |  | 
+| 35.| **FTP授权** |  | 
+| 36.| **七牛OSS授权** |  | 
+| 37.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 38.| **s3/minio授权** | S3/minio oss授权 | 
+| 39.| **namesilo授权** |  | 
+| 40.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
+| 41.| **1panel授权** | 账号和密码 | 
+| 42.| **支付宝** |  | 
+| 43.| **白山云授权** |  | 
+| 44.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 45.| **cdnfly授权** |  | 
+| 46.| **k8s授权** |  | 
+| 47.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 48.| **LeCDN授权** |  | 
+| 49.| **lucky** |  | 
+| 50.| **猫云授权** |  | 
+| 51.| **plesk授权** |  | 
+| 52.| **长亭雷池授权** |  | 
+| 53.| **群晖登录授权** |  | 
+| 54.| **uniCloud** | unicloud授权 | 
+| 55.| **微信支付** |  | 
+| 56.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 57.| **易发云短信** | sms.yfyidc.cn/ | 
+| 58.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 59.| **易支付** |  | 
+| 60.| **proxmox** |  | 
+| 61.| **UCloud授权** | 优刻得授权 | 
+| 62.| **又拍云** |  | 
+| 63.| **网宿授权** |  | 
+| 64.| **西部数码授权** |  | 
+| 65.| **我爱云授权** | 我爱云CDN | 
+| 66.| **新网授权（代理方式）** |  | 
+| 67.| **新网授权** |  | 
+| 68.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 69.| **Zenlayer授权** | Zenlayer授权 | 
+| 70.| **GoEdge授权** |  | 
+| 71.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `125` 款任务插件    
+共 `129` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -81,22 +81,23 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
-| 2.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
-| 3.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
-| 4.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
-| 5.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
-| 6.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
-| 7.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
-| 8.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
-| 9.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
-| 10.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书 | 
-| 11.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 12.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 13.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
-| 14.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
-| 15.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
-| 16.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 1.| **阿里云-删除即将过期证书** | 仅删除未使用的证书 | 
+| 2.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
+| 3.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 4.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 5.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
+| 6.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
+| 7.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 8.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 9.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 10.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
+| 11.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书 | 
+| 12.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 13.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
+| 14.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
+| 15.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
+| 16.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 17.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |
@@ -112,9 +113,9 @@
 | 1.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
 | 2.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
 | 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
-| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用，支持CDN域名以及COS加速域名 | 
 | 5.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
-| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书，注意是源站域名，加速域名请使用腾讯云CDN v2插件【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
 | 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO) | 
 | 8.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
 | 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意： 1. serverless集群请使用K8S部署插件； 2. Opaque类型需要【上传到腾讯云】作为前置任务； 3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
@@ -130,8 +131,9 @@
 | 3.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
 | 4.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
 | 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
-| 6.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
-| 7.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
+| 6.| **火山引擎-部署证书至TOS自定义域名** | 仅限TOS自定义域名，加速域名请选择火山引擎的CDN插件 | 
+| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播 | 
+| 8.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
 ## 9. 京东云
 
 | 序号 | 名称 | 说明 |
@@ -153,8 +155,9 @@
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
-| 2.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
-| 3.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
+| 2.| **百度云-部署到CCE** | 部署到百度云CCE集群Ingress等通过Secret管理证书的应用 | 
+| 3.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 4.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
 ## 12. 七牛云
 
 | 序号 | 名称 | 说明 |

docs/guide/plugins/dns-provider.md

@@ -9,18 +9,19 @@
 | 5.| **京东云** | 京东云DNS解析提供商 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
 | 7.| **新网** | 新网域名解析 | 
-| 8.| **cloudflare** | cloudflare dns provider | 
-| 9.| **dns.la** | dns.la | 
-| 10.| **godaddy** | GoDaddy | 
-| 11.| **华为云** | 华为云DNS解析提供商 | 
-| 12.| **namesilo** | namesilo dns provider | 
-| 13.| **雨云** | 雨云DNS解析提供商 | 
-| 14.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 15.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
-| 16.| **西部数码** | west dns provider | 
-| 17.| **Dns提供商Demo** | dns provider示例 | 
-| 18.| **51dns** | 51DNS | 
-| 19.| **新网互联** | 新网互联 | 
+| 8.| **BIND9 DNS** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 9.| **cloudflare** | cloudflare dns provider | 
+| 10.| **dns.la** | dns.la | 
+| 11.| **godaddy** | GoDaddy | 
+| 12.| **华为云** | 华为云DNS解析提供商 | 
+| 13.| **namesilo** | namesilo dns provider | 
+| 14.| **雨云** | 雨云DNS解析提供商 | 
+| 15.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 16.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 17.| **西部数码** | west dns provider | 
+| 18.| **Dns提供商Demo** | dns provider示例 | 
+| 19.| **51dns** | 51DNS | 
+| 20.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

docs/guide/start.md

@@ -28,6 +28,11 @@ https://certd.handsfree.work/
 2. [Docker方式部署](./install/docker/)
 3. [源码方式部署](./install/source/)
 
+::: tip
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](./install/database.md)
+:::
+
+
 
 ### 2. 访问测试
 

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.38.12"
+  "version": "1.39.8"
 }

package.json

@@ -37,6 +37,7 @@
     "docs:preview": "vitepress preview docs",
     "pub": "echo 1",
     "dev": "pnpm run -r --parallel  compile ",
+    "pub_all":"pnpm run -r --parallel pub ",
     "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push",
     "publish_to_atomgit": "node --experimental-json-modules ./scripts/publish-atomgit.js",
     "publish_to_gitee": "node --experimental-json-modules ./scripts/publish-gitee.js",

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,44 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/publishlab/node-acme-client/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.7](https://github.com/publishlab/node-acme-client/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.6](https://github.com/publishlab/node-acme-client/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.5](https://github.com/publishlab/node-acme-client/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.4](https://github.com/publishlab/node-acme-client/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.3](https://github.com/publishlab/node-acme-client/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.2](https://github.com/publishlab/node-acme-client/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/publishlab/node-acme-client/commit/10dd89ae62e438a211a15e729559af823a096583))
+
+## [1.39.1](https://github.com/publishlab/node-acme-client/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.39.0](https://github.com/publishlab/node-acme-client/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.38.12](https://github.com/publishlab/node-acme-client/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.38.12",
+    "version": "1.39.8",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.38.12",
+        "@certd/basic": "^1.39.8",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+    "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/core/acme-client/src/auto.js

@@ -174,7 +174,7 @@ export default async (client, userOpts) => {
 
 
         } catch (e) {
-            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
+            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message || e}`);
             await deactivateAuth(e);
             throw e;
         }

packages/core/acme-client/src/client.js

@@ -588,7 +588,8 @@ class AcmeClient {
 
             if (invalidStates.includes(resp.data.status)) {
                 abort();
-                throw new Error(util.formatResponseError(resp));
+                this.log(`[${d}] : 检查状态 = ${resp.data.status} ： ${JSON.stringify(resp.data)}`);
+                throw new Error("校验失败：" + util.formatResponseError(resp));
             }
             else if (pendingStates.includes(resp.data.status)) {
                 throw new Error(`[${d}] Operation is pending or processing（当前仍然在等待状态）`);

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+### Bug Fixes
+
+* esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
+
+### Performance Improvements
+
+* http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-23:18
+23:54

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/core/basic/src/utils/util.log.ts

@@ -19,6 +19,7 @@ export function resetLogConfigure() {
 }
 resetLogConfigure();
 export const logger: ILogger = log4js.getLogger("default") as any;
+logger.addSecret = (secret: string) => {};
 
 export function resetLogFilePath(filePath: string) {
   logFilePath = filePath;
@@ -106,8 +107,8 @@ export class PipelineLogger implements ILogger {
   logger: ILogger;
   customWriter!: (text: string) => void;
 
-  constructor(name: string, write: (text: string) => void) {
-    this.customWriter = write;
+  constructor(name: string, write?: (text: string) => void) {
+    this.customWriter = write || (() => {});
     //@ts-ignore
     this.logger = log4js.getLogger(name);
   }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,48 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+### Performance Improvements
+
+* 阿里云CDN部署支持根据证书域名自动匹配部署 ([a68301e](https://github.com/certd/certd/commit/a68301e4dcea8b7391ad751aa57555d566297ad9))
+* 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
+* dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.38.12",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/basic": "^1.39.8",
+    "@certd/plus-core": "^1.39.8",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/core/pipeline/src/core/executor.ts

@@ -334,7 +334,7 @@ export class Executor {
       //参数没有变化
       inputChanged = false;
     }
-    if (step.strategy?.runStrategy === RunStrategy.SkipWhenSucceed) {
+    if (step.strategy?.runStrategy === RunStrategy.SkipWhenSucceed && define.runStrategy !== RunStrategy.AlwaysRun) {
       if (lastResult != null && lastResult === ResultType.success && !inputChanged) {
         step.status!.output = lastNode?.status?.output;
         step.status!.files = lastNode?.status?.files;

packages/core/pipeline/src/plugin/api.ts

@@ -1,16 +1,16 @@
-import { Registrable } from "../registry/index.js";
-import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
-import { FileStore } from "../core/file-store.js";
-import { accessRegistry, IAccessService } from "../access/index.js";
-import { ICnameProxyService, IEmailService, IServiceGetter, IUrlService } from "../service/index.js";
-import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
-import { HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
-import { HttpClient } from "@certd/basic";
+import { domainUtils, HttpClient, HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import dayjs from "dayjs";
-import { IPluginConfigService } from "../service/config.js";
-import { upperFirst } from "lodash-es";
+import { cloneDeep, upperFirst } from "lodash-es";
+import { accessRegistry, IAccessService } from "../access/index.js";
+import { PageSearch } from "../context/index.js";
+import { FileStore } from "../core/file-store.js";
+import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
+import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
 import { INotificationService } from "../notification/index.js";
+import { Registrable } from "../registry/index.js";
+import { IPluginConfigService } from "../service/config.js";
 import { TaskEmitter } from "../service/emit.js";
+import { ICnameProxyService, IEmailService, IServiceGetter, IUrlService } from "../service/index.js";
 
 export type PluginRequestHandleReq<T = any> = {
   typeName: string;
@@ -18,6 +18,7 @@ export type PluginRequestHandleReq<T = any> = {
   input: T;
   data: any;
   record: { id: number; type: string; title: string };
+  fromType?: "sys" | "user"; // sys、user
 };
 
 export type UserInfo = {
@@ -63,6 +64,7 @@ export type PluginDefine = Registrable & {
   onlyAdmin?: boolean;
   needPlus?: boolean;
   showRunStrategy?: boolean;
+  runStrategy?: any;
   pluginType?: string; //类型
   type?: string; //来源
 };
@@ -80,6 +82,12 @@ export type TaskResult = {
   pipelineVars: Record<string, any>;
   pipelinePrivateVars?: Record<string, any>;
 };
+
+export type CertTargetItem = {
+  value: string;
+  label: string;
+  domain: string | string[];
+};
 export type TaskInstanceContext = {
   //流水线定义
   pipeline: Pipeline;
@@ -170,9 +178,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     }
 
     if (this.ctx?.define?.onlyAdmin) {
-      if (!this.isAdmin()) {
-        throw new Error("只有管理员才能运行此任务");
-      }
+      this.checkAdmin();
     }
   }
 
@@ -284,6 +290,12 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return this.ctx.user.role === "admin";
   }
 
+  checkAdmin() {
+    if (!this.isAdmin()) {
+      throw new Error("只有“管理员”或“系统级项目”才有权限运行此插件任务");
+    }
+  }
+
   getStepFromPipeline(stepId: string) {
     let found: any = null;
     RunnableCollection.each(this.ctx.pipeline.stages, step => {
@@ -310,6 +322,103 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
   getLastOutput(key: string) {
     return this.getLastStatus().status?.output?.[key];
   }
+
+  isDomainMatched(domainList: string | string[], certDomains: string[]): boolean {
+    const matched = domainUtils.match(domainList, certDomains);
+    return matched;
+  }
+
+  isNotChanged() {
+    const lastResult = this.ctx?.lastStatus?.status?.status;
+    return !this.ctx.inputChanged && lastResult === "success";
+  }
+
+  async getAutoMatchedTargets(req: {
+    targetName: string;
+    certDomains: string[];
+    pageSize: number;
+    getDeployTargetList: (req: PageSearch) => Promise<{ list: CertTargetItem[]; total: number }>;
+  }): Promise<CertTargetItem[]> {
+    const matchedDomains: CertTargetItem[] = [];
+    let pageNo = 1;
+    const { certDomains } = req;
+
+    const pageSize = req.pageSize || 100;
+    while (true) {
+      const result = await req.getDeployTargetList({
+        pageNo,
+        pageSize,
+      });
+      const pageData = result.list;
+      this.logger.info(`获取到 ${pageData.length} 个 ${req.targetName}`);
+
+      if (!pageData || pageData.length === 0) {
+        break;
+      }
+
+      for (const item of pageData) {
+        const domainName = item.domain;
+        if (this.isDomainMatched(domainName, certDomains)) {
+          matchedDomains.push(item);
+        }
+      }
+
+      const totalCount = result.total || 0;
+      if (pageNo * pageSize >= totalCount || matchedDomains.length == 0) {
+        break;
+      }
+
+      pageNo++;
+    }
+
+    return matchedDomains;
+  }
+
+  async autoMatchedDeploy(req: {
+    targetName: string;
+    getCertDomains: () => Promise<string[]>;
+    uploadCert: () => Promise<any>;
+    deployOne: (req: { target: CertTargetItem; cert: any }) => Promise<void>;
+    getDeployTargetList: (req: PageSearch) => Promise<{ list: CertTargetItem[]; total: number }>;
+  }): Promise<{ result: string; deployedList: string[] }> {
+    this.logger.info("证书匹配模式部署");
+    const certDomains = await req.getCertDomains();
+    const certTargetList = await this.getAutoMatchedTargets({
+      targetName: req.targetName,
+      pageSize: 200,
+      certDomains,
+      getDeployTargetList: req.getDeployTargetList,
+    });
+    if (certTargetList.length === 0) {
+      this.logger.warn(`未找到匹配的${req.targetName}`);
+      return { result: "skip", deployedList: [] };
+    }
+    this.logger.info(`找到 ${certTargetList.length} 个匹配的${req.targetName}`);
+
+    //开始部署，检查是否已经部署过
+    const deployedList = cloneDeep(this.getLastStatus()?.status?.output?.deployedList || []);
+    const unDeployedTargets = certTargetList.filter(item => !deployedList.includes(item.value));
+    const count = unDeployedTargets.length;
+    const deployedCount = certTargetList.length - count;
+    if (deployedCount > 0) {
+      this.logger.info(`跳过 ${deployedCount} 个已部署过的${req.targetName}`);
+    }
+    this.logger.info(`需要部署 ${count} 个${req.targetName}`);
+    if (count === 0) {
+      return { result: "skip", deployedList };
+    }
+    this.logger.info(`开始部署`);
+    const aliCrtId = await req.uploadCert();
+    for (const target of unDeployedTargets) {
+      await req.deployOne({
+        cert: aliCrtId,
+        target,
+      });
+      deployedList.push(target.value);
+    }
+    this.logger.info(`本次成功部署 ${count} 个${req.targetName}`);
+    return { result: "success", deployedList };
+  }
 }
 
 export type OutputVO = {

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.38.12",
+  "version": "1.39.8",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,44 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+### Performance Improvements
+
+* 支持部署证书到百度CCE ([a19ea74](https://github.com/certd/certd/commit/a19ea7489c01cdbf795fb51f804bd6d00389f604))
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -14,10 +14,11 @@
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.8",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +33,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -59,9 +59,9 @@ export class K8sClient {
     const yml = loadYaml<KubernetesObject>(manifest);
     const client = this.getKubeClient();
     try {
+      this.logger.info("apply yaml:", yml);
       await client.create(yml);
     } catch (e) {
-      this.logger.error("apply error", e.response?.body);
       if (e.response?.body?.reason === "AlreadyExists") {
         //patch
         this.logger.info("patch existing resource: ", yml.metadata?.name);
@@ -70,13 +70,26 @@ export class K8sClient {
           yml.metadata = {};
         }
         yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
-        await client.patch(yml);
-        return;
+        const res = await client.patch(yml);
+        return res?.body;
       }
       throw e;
     }
   }
 
+  async applyPatch(manifest: string) {
+    const yml = loadYaml<KubernetesObject>(manifest);
+    const client = this.getKubeClient();
+    this.logger.info("patch yaml:", yml);
+    const existing = await client.read(yml as any);
+    if (!yml.metadata) {
+      yml.metadata = {};
+    }
+    yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
+    const res = await client.patch(yml);
+    return res?.body;
+  }
+
   /**
    *
    * @param localRecords {  [domain]:{ip:'xxx.xx.xxx'} }
@@ -112,6 +125,7 @@ export class K8sClient {
    */
   async createSecret(opts: { namespace: string; body: V1Secret }) {
     const namespace = opts.namespace || "default";
+    this.logger.info("create secret:", opts.body.metadata);
     const created = await this.client.createNamespacedSecret(namespace, opts.body);
     this.logger.info("new secrets:", opts.body.metadata);
     return created.body;
@@ -152,6 +166,8 @@ export class K8sClient {
           this.logger.info(`secret ${secretName} 已创建`);
           return res;
         }
+
+        throw new Error(`secret ${secretName} 不存在`);
       }
       throw e;
     }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,54 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+### Bug Fixes
+
+* 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+
+### Performance Improvements
+
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+### Performance Improvements
+
+* 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.38.12",
+  "version": "1.39.8",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.38.12",
-    "@certd/basic": "^1.38.12",
-    "@certd/pipeline": "^1.38.12",
-    "@certd/plugin-lib": "^1.38.12",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/acme-client": "^1.39.8",
+    "@certd/basic": "^1.39.8",
+    "@certd/pipeline": "^1.39.8",
+    "@certd/plugin-lib": "^1.39.8",
+    "@certd/plus-core": "^1.39.8",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/libs/lib-server/src/basic/base-controller.ts

@@ -83,7 +83,7 @@ export abstract class BaseController {
     let userId = this.getUserId()
     const projectId = await this.getProjectId(permission)
     if(projectId){
-      userId = 0
+      userId = -1 // 企业管理模式下，用户id固定-1
     }
     return {
       projectId,userId
@@ -115,11 +115,17 @@ export abstract class BaseController {
     if (projectId) {
       await authService.checkProjectId(service, id, projectId);
     }else{
-      if(allowAdmin){
-        await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
+
+      if(userId === Constants.systemUserId){
+        //系统级别，不检查权限
       }else{
-        await authService.checkUserId(this.ctx, service, id);
+        if(allowAdmin){
+          await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
+        }else{
+          await authService.checkUserId( service, id, userId);
+        }
       }
+     
     }
     return {projectId,userId}
   }

packages/libs/lib-server/src/basic/base-service.ts

@@ -4,6 +4,7 @@ import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
 import { FindManyOptions } from 'typeorm';
+import { Constants } from './constants.js';
 
 export type PageReq<T = any> = {
   page?: { offset: number; limit: number };
@@ -258,12 +259,12 @@ export abstract class BaseService<T> {
 
 export function checkUserProjectParam(userId: number, projectId: number) {
   if (projectId != null ){
-    if( userId !==0) {
+    if( userId !== Constants.enterpriseUserId) {
       throw new ValidateException('userId projectId 错误');
     }
     return true
   }else{
-    if( userId > 0) {
+    if( userId != null) {
       return true
     }
      throw new ValidateException('userId不能为空');

packages/libs/lib-server/src/basic/constants.ts

@@ -120,4 +120,6 @@ export const Constants = {
       message: '用户邮箱还未配置',
     },
   },
+  systemUserId: 0, // 系统级别userid固定为0
+  enterpriseUserId:  -1 // 企业模式用户id固定为-1
 };

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -88,6 +88,10 @@ export class SysPrivateSettings extends BaseSettings {
 
   pipelineMaxRunningCount?: number;
 
+
+  environmentVars?: string = '';
+
+
   sms?: {
     type?: string;
     config?: any;

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -9,8 +9,10 @@ import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
 import { BaseService, setAdminMode } from '../../../basic/index.js';
 import { executorQueue } from '../../basic/service/executor-queue.js';
-import { isComm } from '@certd/plus-core';
+import { isComm, isPlus } from '@certd/plus-core';
 const { merge } = mergeUtils;
+
+let lastSaveEnvVars = {};
 /**
  * 设置
  */
@@ -117,12 +119,12 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
   }
 
   async savePublicSettings(bean: SysPublicSettings) {
-    if(isComm()){
-      if(bean.adminMode === 'enterprise'){
+    if (isComm()) {
+      if (bean.adminMode === 'enterprise') {
         throw new Error("商业版不支持使用企业管理模式")
       }
     }
-    
+
     await this.saveSetting(bean);
     //让设置生效
     await this.reloadPublicSettings();
@@ -153,7 +155,9 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
 
   async reloadPublicSettings() {
     const publicSetting = await this.getPublicSettings()
-    setAdminMode(publicSetting.adminMode)
+    if (isPlus()){
+      setAdminMode(publicSetting.adminMode  ) 
+    }
   }
 
   async reloadPrivateSettings() {
@@ -173,6 +177,44 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     }
 
     setSslProviderReverseProxies(privateSetting.reverseProxies);
+
+    //加载环境变量
+    this.setEnvironmentVars(privateSetting.environmentVars);
+  }
+
+  setEnvironmentVars(vars: string) {
+    const envVars = {}
+    if (typeof vars !== 'string') {
+      vars = ""
+    }
+    vars.split('\n').forEach(line => {
+      line = line.trim();
+      if (!line || line.startsWith('#')) {
+        return
+      }
+
+      const arr = line.split("#")
+      if (arr.length > 0) {
+        line = arr[0].trim();
+      }
+      if (!line.includes("=")) {
+        return
+      }
+
+      const [key, value] = line.split('=');
+      if (key && value) {
+        envVars[key.trim()] = value.trim();
+      }
+    });
+    //先删除旧环境变量
+    if (lastSaveEnvVars) {
+      for (const key in lastSaveEnvVars) {
+          delete process.env[key];
+      }
+    }
+
+    merge(process.env, envVars);
+    lastSaveEnvVars = envVars;
   }
 
   async updateByKey(key: string, setting: any) {

packages/libs/lib-server/src/user/access/entity/access.ts

@@ -7,8 +7,12 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
 export class AccessEntity {
   @PrimaryGeneratedColumn()
   id: number;
+  @Column({ name: 'key_id', comment: 'key_id', length: 100 })
+  keyId: string;
+
   @Column({ name: 'user_id', comment: '用户id' })
-  userId: number;
+  userId: number; // 0为系统级别, -1为企业，大于1为用户
+
   @Column({ comment: '名称', length: 100 })
   name: string;
 
@@ -24,9 +28,6 @@ export class AccessEntity {
   @Column({ name: 'project_id', comment: '项目id' })
   projectId: number;
 
-  @Column({ comment: '权限等级', length: 100 })
-  level: string; // user common system
-
   @Column({
     name: 'create_time',
     comment: '创建时间',

packages/libs/lib-server/src/user/access/service/access-getter.ts

@@ -3,8 +3,8 @@ import { IAccessService } from '@certd/pipeline';
 export class AccessGetter implements IAccessService {
   userId: number;
   projectId?: number;
-  getter: <T>(id: any, userId?: number, projectId?: number) => Promise<T>;
-  constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number) => Promise<any>) {
+  getter: <T>(id: any, userId?: number, projectId?: number, ignorePermission?: boolean) => Promise<T>;
+  constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number, ignorePermission?: boolean) => Promise<any>) {
     this.userId = userId;
     this.projectId = projectId;
     this.getter = getter;

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -5,6 +5,7 @@ import {AccessGetter, BaseService, PageReq, PermissionException, ValidateExcepti
 import {AccessEntity} from '../entity/access.js';
 import {AccessDefine, accessRegistry, newAccess} from '@certd/pipeline';
 import {EncryptService} from './encrypt-service.js';
+import { logger, utils } from '@certd/basic';
 
 /**
  * 授权
@@ -46,6 +47,7 @@ export class AccessService extends BaseService<AccessEntity> {
     }
     delete param._copyFrom
     this.encryptSetting(param, oldEntity);
+    param.keyId = "ac_" + utils.id.simpleNanoId();
     return await super.add(param);
   }
 
@@ -117,6 +119,7 @@ export class AccessService extends BaseService<AccessEntity> {
       throw new ValidateException('该授权配置不存在,请确认是否已被删除');
     }
     this.encryptSetting(param, oldEntity);
+    delete param.keyId
     return await super.update(param);
   }
 
@@ -215,4 +218,37 @@ export class AccessService extends BaseService<AccessEntity> {
     });
 
   }
+
+  /**
+   * 复制授权到其他项目
+   * @param accessId 
+   * @param projectId 
+   */
+  async copyTo(accessId: number,projectId?: number) {
+    const access = await this.info(accessId);
+    if (access == null) {
+      throw new Error(`该授权配置不存在,请确认是否已被删除:id=${accessId}`);
+    }
+    
+    const keyId = access.keyId;
+    //检查目标项目里是否已经有相同keyId的配置
+    const existAccess = await this.repository.findOne({
+      where: {
+        keyId,
+        projectId,
+      },
+    });
+    if (existAccess) {
+      logger.info(`目标项目已存在相同keyId的授权配置,跳过复制:keyId=${keyId}`);
+      return existAccess.id;
+    }
+    const newAccess = {
+      ...access,
+      userId:-1,
+      id: undefined,
+      projectId,
+    }
+    await this.repository.save(newAccess);
+    return newAccess.id;
+  }
 }

packages/libs/lib-server/src/user/addon/entity/addon.ts

@@ -6,6 +6,8 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
 export class AddonEntity {
   @PrimaryGeneratedColumn()
   id: number;
+  @Column({ name: 'key_id', comment: 'key_id', length: 100 })
+  keyId: string;
   @Column({ name: 'user_id', comment: '用户id' })
   userId: number;
   @Column({ comment: '名称', length: 100 })

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -4,6 +4,7 @@ import { In, Repository } from "typeorm";
 import { AddonDefine, BaseService, PageReq, ValidateException } from "../../../index.js";
 import { addonRegistry } from "../api/index.js";
 import { AddonEntity } from "../entity/addon.js";
+import { utils } from "@certd/basic";
 
 /**
  * Addon
@@ -43,6 +44,7 @@ export class AddonService extends BaseService<AddonEntity> {
     } else {
       param.isSystem = false;
     }
+    param.keyId = "ad_" + utils.id.simpleNanoId();
     delete param._copyFrom;
     return await super.add(param);
   }
@@ -57,6 +59,7 @@ export class AddonService extends BaseService<AddonEntity> {
     if (oldEntity == null) {
       throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
     }
+    delete param.keyId
     return await super.update(param);
   }
 
@@ -67,6 +70,7 @@ export class AddonService extends BaseService<AddonEntity> {
     }
     return {
       id: entity.id,
+      keyId: entity.keyId,
       name: entity.name,
       userId: entity.userId,
       addonType: entity.addonType,
@@ -100,6 +104,7 @@ export class AddonService extends BaseService<AddonEntity> {
       },
       select: {
         id: true,
+        keyId: true,
         name: true,
         addonType: true,
         type: true,
@@ -132,6 +137,7 @@ export class AddonService extends BaseService<AddonEntity> {
     const setting = JSON.parse(res.setting);
     return {
       id: res.id,
+      keyId: res.keyId,
       addonType: res.addonType,
       type: res.type,
       name: res.name,

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.38.12",
+  "version": "1.39.8",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.38.12",
-    "@certd/basic": "^1.38.12",
-    "@certd/pipeline": "^1.38.12",
-    "@certd/plugin-lib": "^1.38.12",
+    "@certd/acme-client": "^1.39.8",
+    "@certd/basic": "^1.39.8",
+    "@certd/pipeline": "^1.39.8",
+    "@certd/plugin-lib": "^1.39.8",
     "psl": "^1.9.0",
     "punycode.js": "^2.3.1"
   },
@@ -38,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,49 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+### Performance Improvements
+
+* dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.38.12",
+  "version": "1.39.8",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.11",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.38.12",
-    "@certd/basic": "^1.38.12",
-    "@certd/pipeline": "^1.38.12",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/acme-client": "^1.39.8",
+    "@certd/basic": "^1.39.8",
+    "@certd/pipeline": "^1.39.8",
+    "@certd/plus-core": "^1.39.8",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "adc3e6118b941818926705c3536babfca117c247"
 }

packages/plugins/plugin-lib/src/cert/cert-reader.ts

@@ -2,6 +2,7 @@ import fs from "fs";
 import os from "os";
 import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
+import cryptoLib from "crypto";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 import { uniq } from "lodash-es";
@@ -42,6 +43,12 @@ const formats = {
   jks: ["jks"],
   p7b: ["p7b", "key"],
 };
+
+export type SimpleCertDetail = {
+  notBefore: Date;
+  notAfter: Date;
+  domains: string[];
+};
 export class CertReader {
   cert: CertInfo;
 
@@ -115,13 +122,41 @@ export class CertReader {
     return CertReader.readCertDetail(crt);
   }
 
+  getSimpleDetail() {
+    const { detail } = this.getCrtDetail();
+    return {
+      notBefore: detail.notBefore,
+      notAfter: detail.notAfter,
+      domains: this.getAllDomains(),
+    };
+  }
+
   static readCertDetail(crt: string) {
     const detail = crypto.readCertificateInfo(crt.toString());
     const effective = detail.notBefore;
     const expires = detail.notAfter;
+    const fingerprints = CertReader.getFingerprintX509(crt);
+    // @ts-ignore
+    detail.fingerprints = fingerprints;
     return { detail, effective, expires };
   }
 
+  static getFingerprintX509(crt: string) {
+    try {
+      // 创建X509Certificate实例
+      const cert = new cryptoLib.X509Certificate(crt);
+      // 获取指纹
+      return {
+        fingerprint: cert.fingerprint,
+        fingerprint256: cert.fingerprint256,
+        fingerprint512: cert.fingerprint512,
+      };
+    } catch (error) {
+      console.error("处理证书失败:", error.message);
+      return null;
+    }
+  }
+
   getAllDomains() {
     const { detail } = this.getCrtDetail();
     const domains = [];

packages/plugins/plugin-lib/src/cert/dns-provider/api.ts

@@ -1,5 +1,5 @@
 import { HttpClient, ILogger, utils } from "@certd/basic";
-import { IAccess, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
+import { IAccess, IAccessService, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
 
 export type DnsProviderDefine = Registrable & {
   accessType: string;
@@ -26,6 +26,7 @@ export type DnsProviderContext = {
   utils: typeof utils;
   domainParser: IDomainParser;
   serviceGetter: IServiceGetter;
+  accessGetter?: IAccessService;
 };
 
 export type DomainRecord = {

packages/plugins/plugin-lib/src/cert/dns-provider/base.ts

@@ -1,5 +1,5 @@
 import { HttpClient, ILogger } from "@certd/basic";
-import { PageRes, PageSearch } from "@certd/pipeline";
+import { IAccessService, PageRes, PageSearch } from "@certd/pipeline";
 import punycode from "punycode.js";
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, DomainRecord, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
@@ -59,6 +59,11 @@ export async function createDnsProvider(opts: { dnsProviderType: string; context
   if (dnsProviderDefine.deprecated) {
     context.logger.warn(dnsProviderDefine.deprecated);
   }
+
+  if (!context.accessGetter) {
+    const accessGetter: IAccessService = await context.serviceGetter.get("accessService");
+    context.accessGetter = accessGetter;
+  }
   // @ts-ignore
   const dnsProvider: IDnsProvider = new DnsProviderClass();
   dnsProvider.setCtx(context);

packages/plugins/plugin-lib/src/common/util.ts

@@ -43,6 +43,7 @@ export function createRemoteSelectInputDefine(opts?: {
   pager?: boolean;
   component?: any;
   value?: any;
+  pageSize?: number;
 }) {
   const title = opts?.title || "请选择";
   const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -54,13 +55,11 @@ export function createRemoteSelectInputDefine(opts?: {
   const helper = opts?.helper || "请选择";
   const search = opts?.search ?? false;
   const pager = opts?.pager ?? false;
-  let mode = "tags";
-  if (opts.multi === false) {
-    mode = undefined;
-  } else {
-    mode = opts?.mode ?? "tags";
+  let mode = "default";
+  const multi = opts?.multi ?? true;
+  if (multi) {
+    mode = "tags";
   }
-
   const item = {
     title,
     component: {
@@ -72,6 +71,8 @@ export function createRemoteSelectInputDefine(opts?: {
       action,
       search,
       pager,
+      multi,
+      pageSize: opts?.pageSize,
       watches: [certDomainsInputKey, accessIdInputKey, ...watches],
       ...opts.component,
     },

packages/ui/Dockerfile

@@ -38,6 +38,10 @@ COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
 
 ENV LEGO_VERSION=4.30.1
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
+
+ENV ALIYUN_CLIENT_CONNECT_TIMEOUT=10000
+ENV ALIYUN_CLIENT_READ_TIMEOUT=20000
+
 RUN mkdir -p $LEGO_DOWNLOAD_DIR
 
 # 根据架构下载不同的文件

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,110 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
+
+### Bug Fixes
+
+* 修复上传头像退出登录的bug ([6eb20a1](https://github.com/certd/certd/commit/6eb20a1f2e31d984d9135edbf39c97cdd15621f9))
+
+### Performance Improvements
+
+* 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
+* dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
+
+## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
+
+**Note:** Version bump only for package @certd/ui-client
+
+## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
+
+### Bug Fixes
+
+* 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
+* remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
+
+### Performance Improvements
+
+* 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
+* 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
+* 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
+
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Bug Fixes
+
+* 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
+
+### Performance Improvements
+
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
+## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
+
+### Bug Fixes
+
+* 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
+
+### Performance Improvements
+
+* 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
+
+# [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
+
+### Bug Fixes
+
+* 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
+* 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
+* 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
+* 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
+
+### Features
+
+* 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
+
+### Performance Improvements
+
+* 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
+* 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
+
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.38.12",
+  "version": "1.39.8",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.38.12",
-    "@certd/pipeline": "^1.38.12",
+    "@certd/lib-iframe": "^1.39.8",
+    "@certd/pipeline": "^1.39.8",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/plugins/common/api-test.vue

@@ -19,6 +19,7 @@ defineOptions({
   name: "ApiTest",
 });
 
+const fromType: any = inject("getFromType");
 const getScope: any = inject("get:scope");
 const getPluginType: any = inject("get:plugin:type", () => {
   return "access";
@@ -55,6 +56,7 @@ const doTest = async () => {
         action: props.action,
         input,
         record,
+        fromType,
       },
       {
         onError(err: any) {

packages/ui/certd-client/src/components/plugins/common/remote-select.vue

@@ -1,7 +1,7 @@
 <template>
   <div class="remote-select">
     <div class="flex flex-row">
-      <a-select class="remote-select-input" show-search :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="emit('update:value', $event)">
+      <a-select ref="selectRef" class="remote-select-input" show-search :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="updateValue($event)">
         <template #dropdownRender="{ menuNode: menu }">
           <template v-if="search">
             <div class="flex w-full" style="padding: 4px 8px">
@@ -44,6 +44,8 @@ defineOptions({
   name: "RemoteSelect",
 });
 
+const selectRef = ref(null);
+
 const VNodes = defineComponent({
   props: {
     vnodes: {
@@ -61,6 +63,8 @@ const props = defineProps<
     watches?: string[];
     search?: boolean;
     pager?: boolean;
+    multi?: boolean;
+    pageSize?: number;
   } & ComponentPropsType
 >();
 
@@ -68,6 +72,18 @@ const emit = defineEmits<{
   "update:value": any;
 }>();
 
+function updateValue(value: any) {
+  // if (props.multi !== false) {
+  //   emit("update:value", value);
+  // } else {
+  //   const last = value?.[value.length - 1];
+  //   emit("update:value", last);
+  //   selectRef.value.blur();
+  // }
+
+  emit("update:value", value);
+}
+
 const attrs = useAttrs();
 
 const getCurrentPluginDefine: any = inject("getCurrentPluginDefine", () => {
@@ -88,7 +104,7 @@ const loading = ref(false);
 const pagerRef: Ref = ref({
   pageNo: 1,
   total: 0,
-  pageSize: 100,
+  pageSize: props.pageSize || 50,
 });
 const getOptions = async () => {
   if (loading.value) {
@@ -166,7 +182,7 @@ const getOptions = async () => {
         pagerRef.value.pageNo = res.pageNo ?? 1;
       }
       if (res.pageSize != null) {
-        pagerRef.value.pageSize = res.pageSize ?? 100;
+        pagerRef.value.pageSize = res.pageSize ?? pageSize;
       }
       if (res.total != null) {
         pagerRef.value.total = res.total ?? list.length;
@@ -221,7 +237,7 @@ watch(
     let changed = oldForm == null || optionsRef.value.length == 0;
     if (props.watches && props.watches.length > 0) {
       for (const key of props.watches) {
-        if (oldForm && form[key] != oldForm[key]) {
+        if (oldForm && JSON.stringify(form[key]) != JSON.stringify(oldForm[key])) {
           changed = true;
           break;
         }

packages/ui/certd-client/src/components/plugins/lib/index.ts

@@ -13,11 +13,12 @@ export type RequestHandleReq<T = any> = {
   data?: any;
   input: T;
   record?: any;
+  fromType?: string; // sys、user
 };
 
 export async function doRequest(req: RequestHandleReq, opts: any = {}) {
   const url = `/pi/handle/${req.type}`;
-  const { typeName, action, data, input, record } = req;
+  const { typeName, action, data, input, record, fromType } = req;
   const res = await request({
     url,
     method: "post",
@@ -27,6 +28,7 @@ export async function doRequest(req: RequestHandleReq, opts: any = {}) {
       data,
       input,
       record,
+      fromType,
     },
     ...opts,
   });

packages/ui/certd-client/src/components/project-selector/index.vue

@@ -18,7 +18,8 @@
     </template>
     <div class="rounded pl-3 pr-3 px-2 py-1 flex-center flex pointer items-center bg-accent h-10 button-text" title="当前项目">
       <!-- <fs-icon icon="ion:apps" class="mr-1"></fs-icon> -->
-      当前项目：{{ projectStore.currentProject?.name || "..." }}
+      <span class="hidden md:flex"> 当前项目：</span>
+      <span class="text-ellipsis">{{ projectStore.currentProject?.name || "..." }}</span>
       <fs-icon :icon="currentIcon" class="ml-5"></fs-icon>
     </div>
   </a-dropdown>
@@ -58,7 +59,7 @@ const currentIcon = computed(() => {
 <style lang="less">
 .project-selector {
   &.button-text {
-    min-width: 150px;
+    min-width: 100px;
     max-width: 250px;
     overflow: hidden;
     text-overflow: ellipsis;

packages/ui/certd-client/src/components/vip-button/vip-modal-content.vue

@@ -90,7 +90,7 @@
     <div class="mt-10">
       <div class="w-100 flex-col md:flex-row">
         <span>{{ t("vip.site_id") }}：</span>
-        <fs-copyable v-model="computedSiteId" class="mr-2"></fs-copyable>
+        <fs-copyable v-model="computedSiteId" class="mr-2 inline-flex"></fs-copyable>
         <a @click="goBindAccount">{{ t("vip.not_effective") }}</a>
       </div>
     </div>

packages/ui/certd-client/src/layout/components/user-info/index.vue

@@ -1,6 +1,6 @@
 <template>
   <a-dropdown>
-    <div class="fs-user-info">{{ t("user.greeting") }}，{{ userStore.getUserInfo?.nickName || userStore.getUserInfo?.username }}</div>
+    <div class="fs-user-info" @click="goUserProfile">{{ t("user.greeting") }}，{{ userStore.getUserInfo?.nickName || userStore.getUserInfo?.username }}</div>
     <template #overlay>
       <a-menu>
         <a-menu-item>

packages/ui/certd-client/src/layout/layout-basic.vue

@@ -48,6 +48,9 @@ const avatar = computed(() => {
 async function handleLogout() {
   await userStore.logout(true);
 }
+function goUserProfile() {
+  router.push("/certd/mine/user-profile");
+}
 
 const settingStore = useSettingStore();
 
@@ -90,7 +93,7 @@ const projectStore = useProjectStore();
       </div>
     </template>
     <template #user-dropdown>
-      <UserDropdown :avatar="avatar" :menus="menus" :text="userStore.userInfo?.nickName || userStore.userInfo?.username" description="" tag-text="" @logout="handleLogout" />
+      <UserDropdown :avatar="avatar" :menus="menus" :text="userStore.userInfo?.nickName || userStore.userInfo?.username" description="" tag-text="" @logout="handleLogout" @user-profile="goUserProfile" />
     </template>
     <template #lock-screen>
       <LockScreen :avatar @to-login="handleLogout" />

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -68,6 +68,14 @@ export default {
 
   smsTab: "Login via SMS code",
   passwordTab: "Password login",
+  passkeyTab: "Passkey Login",
+  passkeyLogin: "Passkey Login",
+  passkeyHelper: "Login with your biometric or security key",
+  passkeyNotSupported: "Your browser does not support Passkey",
+  passkeyRegister: "Register Passkey",
+  passkeyRegistered: "Passkey Registered",
+  passkeyRegisterSuccess: "Passkey registered successfully",
+  passkeyRegisterFailed: "Passkey registration failed",
   title: "Change Password",
   weakPasswordWarning: "For your account security, please change your password immediately",
   changeNow: "Change Now",
@@ -90,4 +98,11 @@ export default {
   updateProfile: "Update Profile",
   oauthLoginTitle: "Other ways of login",
   oauthOnlyLoginTitle: "Login",
+  registerPasskey: "Register Passkey",
+  deviceName: "Device Name",
+  deviceNameHelper: "Please enter the device name， used to identify the device",
+  passkeyRegisterHelper: "Site domain change will invalidate passkey",
+  userInfo: "User Info",
+  securitySettingTip: "2FA Setting",
+  securitySetting: "2FA Setting",
 };

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -220,6 +220,7 @@ export default {
     myProjectDetail: "Project Detail",
     projectJoin: "Join Project",
     currentProject: "Current Project",
+    projectMemberManager: "Project Member",
   },
   certificateRepo: {
     title: "Certificate Repository",
@@ -726,7 +727,7 @@ export default {
       paymentSetting: "Payment Settings",
       captchaSetting: "Captcha Setting",
       pipelineSetting: "Pipeline Settings",
-      oauthSetting: "OAuth2 Settings",
+      oauthSetting: "Login Settings",
       networkSetting: "Network Settings",
       adminModeSetting: "Admin Mode Settings",
       adminModeHelper: "enterprise mode : allow to create and manage pipelines, roles, users, etc.\n saas mode : only allow to create and manage pipelines",
@@ -768,6 +769,10 @@ export default {
       oauthAutoRedirectHelper: "Whether to auto redirect to OAuth2 login when login (using the first enabled OAuth2 login type)",
       oauthOnly: "OAuth2 Login Only",
       oauthOnlyHelper: "Whether to only allow OAuth2 login, disable password login",
+      enablePasskey: "Enable Passkey Login",
+      passkeyHostnameNotSame: "Passkey hostname must be the same as the main domain",
+      passkeyEnabledHelper:
+        "1、Site must enable https \n2、Domain name must not change, otherwise the registered passkey will be invalid \n3、Domain name must be the same as the main domain, otherwise the registered passkey will be invalid",
 
       email: {
         templates: "Email Templates",
@@ -788,6 +793,10 @@ export default {
       reverseProxyHelper: "Reverse proxy for ACME address, used when applying for certificate",
       reverseProxyPlaceholder: "http://le.px.handfree.work",
       reverseProxyEmpty: "No reverse proxy list configured",
+      environmentVars: "Environment Variables",
+      environmentVarsHelper: "configure the runtime environment variables, one per line, format: KEY=VALUE",
+
+      bindUrl: "Bind URL",
     },
   },
   modal: {
@@ -822,6 +831,9 @@ export default {
       admin: "Admin",
     },
     projectMemberStatus: "Member Status",
+
+    isSystem: "Is System Project",
+    isSystemHelper: "System-level projects allow running admin plugins",
   },
   project: {
     noProjectJoined: "You haven't joined any projects yet",
@@ -839,6 +851,7 @@ export default {
     applyJoinConfirm: "Are you sure you want to apply to join this project?",
     leaveConfirm: "Are you sure you want to leave this project?",
     viewDetail: "View Detail",
+    projectManage: "Project Manage",
   },
   addonSelector: {
     select: "Select",

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -68,6 +68,14 @@ export default {
 
   smsTab: "手机号登录/注册",
   passwordTab: "密码登录",
+  passkeyTab: "Passkey登录",
+  passkeyLogin: "Passkey登录",
+  passkeyHelper: "使用您的生物识别或安全密钥登录",
+  passkeyNotSupported: "您的浏览器不支持Passkey",
+  passkeyRegister: "注册Passkey",
+  passkeyRegistered: "Passkey已注册",
+  passkeyRegisterSuccess: "Passkey注册成功",
+  passkeyRegisterFailed: "Passkey注册失败",
 
   title: "修改密码",
   weakPasswordWarning: "为了您的账户安全，请立即修改密码",
@@ -88,8 +96,15 @@ export default {
   nickName: "昵称",
   phoneNumber: "手机号",
   changePassword: "修改密码",
-  updateProfile: "修改个人信息",
+  updateProfile: "修改信息",
 
   oauthLoginTitle: "其他登录方式",
   oauthOnlyLoginTitle: "登录",
+  registerPasskey: "注册Passkey",
+  deviceName: "设备名称",
+  deviceNameHelper: "请输入当前设备名称，绑定多个时好做区分",
+  passkeyRegisterHelper: "1、站点域名变更会导致passkey失效;\n2、同一设备同一个用户绑定多次只有最后一次的有效，之前绑定的会失效，需要手动删除",
+  userInfo: "账号信息",
+  securitySettingTip: "2FA设置",
+  securitySetting: "2FA设置",
 };

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -220,12 +220,12 @@ export default {
     netTest: "网络测试",
     enterpriseManager: "企业管理设置",
     projectManager: "项目管理",
-    projectDetail: "项目详情",
     enterpriseSetting: "企业设置",
     myProjectManager: "我的项目",
     myProjectDetail: "项目详情",
     projectJoin: "加入项目",
     currentProject: "当前项目",
+    projectMemberManager: "项目成员管理",
   },
   certificateRepo: {
     title: "证书仓库",
@@ -589,11 +589,11 @@ export default {
   userValidityPeriodHelper: "有效期内用户可正常使用，失效后用户的流水线将被停用",
   enableUsernameRegistration: "开启用户名注册",
   enableEmailRegistration: "开启邮箱注册",
-  proFeature: "专业版功能",
+  proFeature: "Certd专业版功能",
   emailServerSetup: "设置邮箱服务器",
   enableSmsLoginRegister: "开启手机号登录、注册",
   defaultLoginType: "默认登录方式",
-  commFeature: "商业版功能",
+  commFeature: "Certd商业版功能",
   smsProvider: "短信提供商",
   aliyunSms: "阿里云短信",
   tencentSms: "腾讯云短信",
@@ -780,7 +780,9 @@ export default {
       oauthAutoRedirectHelper: "是否自动跳转第三方登录（使用第一个已启用的第三方登录类型）",
       oauthOnly: "仅使用第三方登录",
       oauthOnlyHelper: "是否仅使用第三方登录，关闭密码登录（注意：请务必在测试第三方登录功能正常后再开启，否则会导致无法登录）\n 如果无法登录，请访问 http://你的certd地址/#/login?oauthOnly=false 来临时关闭此模式",
-
+      enablePasskey: "启用Passkey登录",
+      passkeyHostnameNotSame: "当前域名与主绑定域名不同",
+      passkeyEnabledHelper: "1、站点必须启用https \n2、passkey的rpId以主绑定域名为准，当前主域名:{0} \n3、站点域名不能变，否则会导致已注册的passkey失效。",
       email: {
         templates: "邮件模板",
         templateType: "模板类型",
@@ -800,6 +802,9 @@ export default {
       reverseProxyHelper: "证书颁发机构ACME地址的反向代理，在申请证书时自动使用",
       reverseProxyPlaceholder: "http://le.px.handfree.work",
       reverseProxyEmpty: "未配置反向代理",
+      environmentVars: "环境变量",
+      environmentVarsHelper: "配置运行时环境变量，每行一个，格式：KEY=VALUE",
+      bindUrl: "绑定URL",
     },
   },
   modal: {
@@ -808,7 +813,7 @@ export default {
   },
   domain: {
     domainManager: "域名管理",
-    domainDescription: "管理域名的校验方式，用于申请证书时自动选择验证方式",
+    domainDescription: "流水线校验方式选择“自动选择”时此处配置才有用，支持自动导入；注意：这里只需要管理主域名即可，子域名不要填写（子域名托管和免费二级子域名除外）",
     domain: "域名",
     challengeType: "校验类型",
     dnsProviderType: "DNS提供商类型",
@@ -838,6 +843,9 @@ export default {
       admin: "管理员",
     },
     projectMemberStatus: "成员状态",
+
+    isSystem: "是否系统项目",
+    isSystemHelper: "系统级项目允许运行管理员插件",
   },
   project: {
     noProjectJoined: "您还没有加入任何项目",
@@ -855,5 +863,6 @@ export default {
     applyJoinConfirm: "确认加入项目？",
     leaveConfirm: "确认退出项目？",
     viewDetail: "查看详情",
+    projectManage: "项目管理",
   },
 };

packages/ui/certd-client/src/locales/langs/zh-CN/vip.ts

@@ -88,13 +88,13 @@ export default {
   activation_code_one_use: "激活码使用过一次之后，不可再次使用，如果要更换站点，请",
   bind_account: "绑定账号",
   transfer_vip: '然后"转移VIP"即可',
-  needVipTip: "此为专业版功能，请先开通专业版",
+  needVipTip: "此为Certd专业版功能，请先开通Certd专业版",
   manual_activation: "激活码手动激活",
   close: "关闭",
   have_activation_code: "已经有激活码了？",
   buy: "立即购买",
-  already_plus: "已经是专业版了，是否升级为商业版？注意：专业版时长将被覆盖",
-  already_comm: "已经是商业版了，不能降级为专业版",
+  already_plus: "已经是Certd专业版了，是否升级为商业版？注意：Certd专业版时长将被覆盖",
+  already_comm: "已经是Certd商业版了，不能降级为专业版",
   already_perpetual_plus: "您已经是永久专业版了，无法继续升级",
   confirm: "确认",
   not_effective: "VIP没有生效/时长未同步?",

packages/ui/certd-client/src/router/source/modules/certd.ts

@@ -29,21 +29,6 @@ export const certdResources = [
           auth: true,
         },
       },
-      {
-        title: "certd.sysResources.currentProject",
-        name: "CurrentProject",
-        path: "/certd/project/detail",
-        component: "/certd/project/detail/index.vue",
-        meta: {
-          show: () => {
-            const projectStore = useProjectStore();
-            return projectStore.isEnterprise;
-          },
-          isMenu: true,
-          icon: "ion:apps",
-          auth: true,
-        },
-      },
       {
         title: "certd.sysResources.projectJoin",
         name: "ProjectJoin",
@@ -142,6 +127,21 @@ export const certdResources = [
           keepAlive: true,
         },
       },
+      {
+        title: "certd.sysResources.currentProject",
+        name: "ProjectMemberManager",
+        path: "/certd/project/detail",
+        component: "/certd/project/detail/index.vue",
+        meta: {
+          show: () => {
+            const projectStore = useProjectStore();
+            return projectStore.isEnterprise;
+          },
+          isMenu: true,
+          icon: "ion:apps",
+          auth: true,
+        },
+      },
       {
         title: "certd.settings",
         name: "MineSetting",
@@ -275,7 +275,7 @@ export const certdResources = [
             meta: {
               icon: "ion:person-outline",
               auth: true,
-              isMenu: false,
+              isMenu: true,
             },
           },
         ],

packages/ui/certd-client/src/store/project/index.ts

@@ -15,11 +15,18 @@ export type ProjectItem = {
 export const useProjectStore = defineStore("app.project", () => {
   const myProjects = ref([]);
   const inited = ref(false);
+  const currentProjectId = ref(); // 直接调用
+
+  function $reset() {
+    myProjects.value = [];
+    currentProjectId.value = "";
+    inited.value = false;
+  }
   const userStore = useUserStore();
   const userId = userStore.getUserInfo?.id;
   const lastProjectIdCacheKey = "currentProjectId:" + userId;
   const lastProjectId = LocalStorage.get(lastProjectIdCacheKey);
-  const currentProjectId = ref(lastProjectId); // 直接调用
+  currentProjectId.value = lastProjectId;
 
   const projects = computed(() => {
     return myProjects.value;
@@ -118,11 +125,6 @@ export const useProjectStore = defineStore("app.project", () => {
     return false;
   }
 
-  function $reset() {
-    myProjects.value = [];
-    currentProjectId.value = "";
-  }
-
   return {
     projects,
     myProjects,

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -38,6 +38,7 @@ export type SysPublicSetting = {
   passwordLoginEnabled?: boolean;
   smsLoginEnabled?: boolean;
   defaultLoginType?: string;
+  passkeyEnabled?: boolean;
   selfServicePasswordRetrievalEnabled?: boolean;
 
   limitUserPipelineCount?: number;
@@ -101,6 +102,8 @@ export type SysPrivateSetting = {
   commonCnameEnabled?: boolean;
   // 同一个用户同时最大运行流水线数量
   pipelineMaxRunningCount?: number;
+  // 环境变量
+  environmentVars?: string;
 
   sms?: {
     type?: string;

packages/ui/certd-client/src/store/settings/index.tsx

@@ -272,14 +272,27 @@ export const useSettingStore = defineStore({
     },
     async checkUrlBound() {
       const userStore = useUserStore();
-      const settingStore = useSettingStore();
       if (!userStore.isAdmin) {
         return;
       }
+      const bindUrl = this.installInfo.bindUrl;
+      const bindUrl2 = this.installInfo.bindUrl2;
+      if (!bindUrl) {
+        //绑定url
+        await this.doBindUrl("url");
+      } else {
+        //检查当前url 是否与绑定的url一致
+        const url = window.location.href;
+        if (!url.startsWith(bindUrl) && !url.startsWith(bindUrl2)) {
+          this.openBindUrlModal();
+        }
+      }
+    },
+
+    openBindUrlModal() {
       const event: any = { ModalRef: null };
       mitter.emit("getModal", event);
       const Modal = event.ModalRef;
-      let modalRef: any = null;
       const bindUrl = this.installInfo.bindUrl;
       const bindUrl2 = this.installInfo.bindUrl2;
 
@@ -289,57 +302,47 @@ export const useSettingStore = defineStore({
           modalRef.destroy();
         }
       };
-
-      if (!bindUrl) {
-        //绑定url
-        await this.doBindUrl("url");
-      } else {
-        //检查当前url 是否与绑定的url一致
-        const url = window.location.href;
-        if (!url.startsWith(bindUrl) && !url.startsWith(bindUrl2)) {
-          modalRef = Modal.warning({
-            title: "URL地址未绑定，是否绑定此地址？",
-            width: 500,
-            keyboard: false,
-            content: () => {
-              return (
-                <div class="p-4">
-                  <div class="flex items-center justify-between">
-                    <span>
-                      绑定地址1：
-                      <a-tag color="green">{bindUrl || "未占用"}</a-tag>
-                    </span>
-                    <a-button type="primary" onClick={() => doBindRequest("url")}>
-                      绑定到地址1
-                    </a-button>
-                  </div>
-                  <div class="flex items-center justify-between mt-3">
-                    <span>
-                      绑定地址2：
-                      <a-tag color="green">{bindUrl2 || "未占用"}</a-tag>
-                    </span>
-                    <a-button type="primary" onClick={() => doBindRequest("url2")}>
-                      绑定到地址2
-                    </a-button>
-                  </div>
-                </div>
-              );
-            },
-            onOk: async () => {
-              // await this.doBindUrl();
-              window.location.href = bindUrl;
-            },
-            okButtonProps: {
-              danger: true,
-            },
-            okText: "不，回到原来的地址",
-            cancelText: "不，回到原来的地址",
-            onCancel: () => {
-              window.location.href = bindUrl;
-            },
-          });
-        }
-      }
+      const modalRef: any = Modal.warning({
+        title: "URL地址未绑定，是否绑定此地址？",
+        width: 500,
+        keyboard: false,
+        content: () => {
+          return (
+            <div class="p-4">
+              <div class="flex items-center justify-between">
+                <span>
+                  绑定地址1：
+                  <a-tag color="green">{bindUrl || "未占用"}</a-tag>
+                </span>
+                <a-button type="primary" onClick={() => doBindRequest("url")}>
+                  绑定到地址1
+                </a-button>
+              </div>
+              <div class="flex items-center justify-between mt-3">
+                <span>
+                  绑定地址2：
+                  <a-tag color="green">{bindUrl2 || "未占用"}</a-tag>
+                </span>
+                <a-button type="primary" onClick={() => doBindRequest("url2")}>
+                  绑定到地址2
+                </a-button>
+              </div>
+            </div>
+          );
+        },
+        onOk: async () => {
+          // await this.doBindUrl();
+          window.location.href = bindUrl;
+        },
+        okButtonProps: {
+          danger: true,
+        },
+        okText: "不，回到原来的地址",
+        cancelText: "不，回到原来的地址",
+        onCancel: () => {
+          window.location.href = bindUrl;
+        },
+      });
     },
     async loadProductInfo() {
       try {

packages/ui/certd-client/src/store/user/api.user.ts

@@ -107,3 +107,41 @@ export async function OauthProviders() {
     method: "post",
   });
 }
+
+export async function generatePasskeyRegistrationOptions() {
+  return await request({
+    url: "/passkey/generateRegistration",
+    method: "post",
+  });
+}
+
+export async function verifyPasskeyRegistration(response: any, challenge: string) {
+  return await request({
+    url: "/passkey/verifyRegistration",
+    method: "post",
+    data: { response, challenge },
+  });
+}
+
+export async function generatePasskeyAuthenticationOptions() {
+  return await request({
+    url: "/passkey/generateAuthentication",
+    method: "post",
+  });
+}
+
+export async function loginByPasskey(form: { credential: any; challenge: string }) {
+  return await request({
+    url: "/loginByPasskey",
+    method: "post",
+    data: form,
+  });
+}
+
+export async function registerPasskey(form: { response: any; challenge: string }) {
+  return await request({
+    url: "/passkey/register",
+    method: "post",
+    data: form,
+  });
+}

packages/ui/certd-client/src/store/user/index.ts

@@ -92,6 +92,16 @@ export const useUserStore = defineStore({
       const loginRes = await UserApi.loginByTwoFactor(form);
       return await this.onLoginSuccess(loginRes);
     },
+
+    async loginByPasskey(form: any) {
+      const loginRes = await UserApi.loginByPasskey(form);
+      return await this.onLoginSuccess(loginRes);
+    },
+
+    async registerPasskey(form: any) {
+      return await UserApi.registerPasskey(form);
+    },
+
     async getUserInfoAction(): Promise<UserInfoRes> {
       const userInfo = await UserApi.mine();
       this.setUserInfo(userInfo);

packages/ui/certd-client/src/style/certd.less

@@ -118,3 +118,16 @@ span.fs-icon-svg {
   }
 }
 
+
+button.ant-btn.ant-btn-default.isPlus{
+  color: #c5913f;
+  border: 1px solid #c5913f;
+
+  &:disabled {
+    cursor: not-allowed;
+    border-color: hsl(240 5.9% 90%);
+    color: rgba(50, 54, 57, 0.25);
+    background-color: rgba(50, 54, 57, 0.04);
+    box-shadow: none;
+  }
+}

packages/ui/certd-client/src/style/common.less

@@ -21,8 +21,10 @@ div#app {
   height: 100%;
 }
 
-pre.pre {
-  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+pre{
+  &.pre,&.helper{
+   font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji" !important;
+  }
 }
 
 h1,
@@ -110,10 +112,10 @@ h6 {
   flex: 0;
 }
 
-.flex-col {
-  display: flex;
-  flex-direction: column;
-}
+// .flex-col {
+//   display: flex;
+//   flex-direction: column;
+// }
 
 .align-left {
   text-align: left;
@@ -295,10 +297,13 @@ h6 {
 }
 
 .helper {
-  color: #aeaeae;
+  color: #8f8f8f;
   font-size: 12px;
   margin-top: 3px;
   margin-bottom: 3px;
+  white-space: pre-wrap;
+  word-wrap: break-word;
+  word-break: break-word;
 
   &.error {
     color: #ff4d4f;

packages/ui/certd-client/src/use/use-dialog.ts

@@ -1,4 +1,5 @@
 import { useFormWrapper } from "@fast-crud/fast-crud";
+import { merge } from "lodash-es";
 
 export type FormOptionReq = {
   title: string;
@@ -7,6 +8,7 @@ export type FormOptionReq = {
   body?: any;
   initialForm?: any;
   zIndex?: number;
+  wrapper?: any;
 };
 
 export function useFormDialog() {
@@ -14,19 +16,23 @@ export function useFormDialog() {
 
   async function openFormDialog(req: FormOptionReq) {
     function createCrudOptions() {
+      const warpper = merge(
+        {
+          zIndex: req.zIndex,
+          title: req.title,
+          saveRemind: false,
+          slots: {
+            "form-body-top": req.body,
+          },
+        },
+        req.wrapper
+      );
       return {
         crudOptions: {
           columns: req.columns,
           form: {
             initialForm: req.initialForm,
-            wrapper: {
-              zIndex: req.zIndex,
-              title: req.title,
-              saveRemind: false,
-              slots: {
-                "form-body-top": req.body,
-              },
-            },
+            wrapper: warpper,
             async afterSubmit() {},
             async doSubmit({ form }: any) {
               if (req.onSubmit) {

packages/ui/certd-client/src/use/use-refrence.tsx

@@ -1,5 +1,5 @@
-import * as _ from "lodash-es";
 import { asyncCompute, compute } from "@fast-crud/fast-crud";
+import { merge } from "lodash-es";
 import { computed } from "vue";
 
 export type MergeScriptContext = {
@@ -18,7 +18,7 @@ export function useReference(formItem: any) {
     const script = formItem.mergeScript;
     const func = new Function("ctx", script);
     const merged = func(ctx);
-    _.merge(formItem, merged);
+    merge(formItem, merged);
 
     delete formItem.mergeScript;
   }

packages/ui/certd-client/src/vben/layouts/widgets/user-dropdown/user-dropdown.vue

@@ -67,7 +67,7 @@ const props = withDefaults(defineProps<Props>(), {
   hoverDelay: 500,
 });
 
-const emit = defineEmits<{ logout: [] }>();
+const emit = defineEmits<{ logout: []; userProfile: [] }>();
 
 const { globalLockScreenShortcutKey, globalLogoutShortcutKey } = usePreferences();
 const lockStore = useLockStore();
@@ -132,6 +132,11 @@ function handleSubmitLogout() {
   logoutModalApi.close();
 }
 
+function handleUserProfile() {
+  emit("userProfile");
+  openPopover.value = false;
+}
+
 if (enableShortcutKey.value) {
   const keys = useMagicKeys();
   whenever(keys["Alt+KeyQ"]!, () => {
@@ -173,7 +178,7 @@ if (enableShortcutKey.value) {
     </DropdownMenuTrigger>
     <DropdownMenuContent class="mr-2 min-w-[240px] p-0 pb-1">
       <div ref="refContent">
-        <DropdownMenuLabel class="flex items-center p-3">
+        <DropdownMenuLabel class="flex items-center p-3 pointer" @click="handleUserProfile">
           <VbenAvatar :alt="text" :src="avatar" class="size-12" dot dot-class="bottom-0 right-1 border-2 size-4 bg-green-500" />
           <div class="ml-2 w-full">
             <div v-if="tagText || text || $slots.tagText" class="text-foreground mb-1 flex items-center text-sm font-medium">

packages/ui/certd-client/src/views/certd/access/access-selector/access/crud.tsx

@@ -18,6 +18,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     const { form, row } = req;
     form.id = row.id;
     form.type = props.type;
+    delete form.access;
+    delete form.keyId;
     const res = await context.api.UpdateObj(form);
     lastResRef.value = res;
     return res;
@@ -30,6 +32,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   const addRequest = async (req: AddReq) => {
     const { form } = req;
     form.type = props.type;
+    delete form.access;
     const res = await context.api.AddObj(form);
     lastResRef.value = res;
     return res;
@@ -70,6 +73,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           width: "1050px",
         },
       },
+
       rowHandle: {
         width: 200,
       },
@@ -89,6 +93,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             }, // 点击行
           };
         },
+        remove: {
+          confirmMessage: "授权如果已经被使用，可能会导致流水线无法正常运行，请谨慎操作",
+        },
       },
       columns: {
         id: {
@@ -143,7 +150,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             order: 10,
           },
           valueBuilder: ({ row, key, value }) => {
-            row[key] = row.userId > 0 ? "user" : "sys";
+            row[key] = row.userId != 0 ? "user" : "sys";
           },
         },
         ...commonColumnsDefine,

packages/ui/certd-client/src/views/certd/access/api.ts

@@ -3,6 +3,7 @@ import { request } from "/src/api/service";
 export function createAccessApi(from = "user") {
   const apiPrefix = from === "sys" ? "/sys/access" : "/pi/access";
   return {
+    from,
     async GetList(query: any) {
       if (query?.query) {
         delete query.query.access;

packages/ui/certd-client/src/views/certd/access/common.tsx

@@ -6,6 +6,7 @@ import SecretPlainGetter from "/@/views/certd/access/access-selector/access/secr
 import { utils } from "/@/utils";
 
 export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
+  provide("getFromType", api.from);
   provide("accessApi", api);
   provide("get:plugin:type", () => {
     return "access";

packages/ui/certd-client/src/views/certd/access/crud.tsx

@@ -15,6 +15,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   const editRequest = async (req: EditReq) => {
     const { form, row } = req;
     form.id = row.id;
+    delete form.access;
     const res = await api.UpdateObj(form);
     return res;
   };
@@ -25,6 +26,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
 
   const addRequest = async (req: AddReq) => {
     const { form } = req;
+    delete form.access;
     const res = await api.AddObj(form);
     return res;
   };
@@ -121,7 +123,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             order: 10,
           },
           valueBuilder: ({ row, key, value }) => {
-            row[key] = row.userId > 0 ? "user" : "sys";
+            row[key] = row.userId != 0 ? "user" : "sys";
           },
         },
         ...commonColumnsDefine,