v1.38.0

ssh、aliyun、tencent、qiniu、oss等 access和client需要转移import

.github/workflows/base-image-build.yml

@@ -0,0 +1,45 @@
+name: build-node-base-image
+# 废弃，比默认的占用内存更多
+on:
+  push:
+    branches: ['v2-dev1']
+    paths:
+      - "scripts/build/Dockerfile"
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  build-node-base-image:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.dockerhub_username }}
+          password: ${{ secrets.dockerhub_password }}
+
+      - name: Build default platforms
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: true
+          context: ./scripts/build/
+          tags: |
+            greper/node-base:22-alpine-2
+     

.github/workflows/publish-atom.yaml

@@ -0,0 +1,60 @@
+name: publish-atomgit
+on:
+  push:
+    branches: ['v2-dev']
+    paths:
+      - "trigger/publish.trigger"
+#  workflow_run:
+#    workflows: [ "deploy-demo" ]
+#    types:
+#      - completed
+
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  publish-atomgit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+      - name: get_certd_version
+        id: get_certd_version
+        uses: actions/github-script@v6
+        with:
+          result-encoding: string
+          script: |
+            const fs = require('fs');
+            const path = require('path');
+            const pnpmWorkspace = "./pnpm-workspace.yaml";
+            fs.unlinkSync(pnpmWorkspace)
+            const jsonFilePath = "./packages/ui/certd-server/package.json";
+            const jsonContent = fs.readFileSync(jsonFilePath, 'utf-8');
+            const pkg = JSON.parse(jsonContent)
+            console.log("certd_version:",pkg.version);
+            return pkg.version
+      - run: |
+          npm install -g pnpm
+          pnpm install
+          npm run build
+        working-directory: ./packages/ui/certd-client
+            
+      - name: publish_to_atomgit
+        id: publish_to_atomgit
+        run: |
+          rootDir=$(pwd)
+          rm -rf ./packages/ui/certd-client/dist/**/*.gz 
+          cd ./packages/ui/certd-client/dist && zip -r ../ui.zip .
+          cd $rootDir
+          export ATOMGIT_TOKEN=${{ secrets.ATOMGIT_TOKEN }}
+          pnpm install
+          npm run publish_to_atomgit
+        working-directory: ./
+     

.github/workflows/release-image.yml

@@ -117,7 +117,6 @@ jobs:
 #            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
 #            greper/certd-agent:latest
 #            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
-
       - name: deploy-certd-doc
         uses: tyrrrz/action-http-request@master
         with:
@@ -131,3 +130,13 @@ jobs:
             Content-Type: application/json
           retry-count: 3
           retry-delay: 5000
+      
+      - name: publish_to_atomgit
+        id: publish_to_atomgit
+        run: |
+          rm -rf ./packages/ui/certd-client/dist/**/*.gz 
+          cd ./packages/ui/certd-client/dist && zip -r ../../../ui.zip .
+          export ATOMGIT_TOKEN=${{ secrets.ATOMGIT_TOKEN }}
+          pnpm install
+          npm run publish_to_atomgit
+        working-directory: ./

.github/workflows/sync-to-atomgit-dev.yml

@@ -0,0 +1,34 @@
+name: sync-to-atomgit-dev
+on:
+  push:
+    branches: ['v2-dev']
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
+        run: |
+          git config --global user.name "xiaojunnuo"
+          git config --global user.email "xiaojunnuo@qq.com"
+
+      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
+        uses: de-vri-es/setup-git-credentials@v2
+        with:                              # token 格式为： username:password
+          credentials: https://greper:${{secrets.ATOMGIT_TOKEN}}@atomgit.com
+
+      - name: push to atomgit               # 4. 执行同步
+        run: |
+          git remote add upstream https://atomgit.com/certd/certd
+          git push --set-upstream upstream v2-dev
+

.github/workflows/sync-to-atomgit.yml

@@ -0,0 +1,34 @@
+name: sync-to-atomgit
+on:
+  push:
+    branches: ['v2']
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true
+      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
+        run: |
+          git config --global user.name "xiaojunnuo"
+          git config --global user.email "xiaojunnuo@qq.com"
+
+      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
+        uses: de-vri-es/setup-git-credentials@v2
+        with:                              # token 格式为： username:password
+          credentials: https://greper:${{secrets.ATOMGIT_TOKEN}}@atomgit.com
+
+      - name: push to atomgit               # 4. 执行同步
+        run: |
+          git remote add upstream https://atomgit.com/certd/certd
+          git push --set-upstream upstream v2
+

.npmrc

@@ -3,4 +3,4 @@ prefer-workspace-packages=true
 better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
 better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
 better-sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
-better-sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
+better-sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3

.vscode/launch.json

@@ -44,6 +44,16 @@
             "runtimeArgs": ["dev-pg"],
             "console": "integratedTerminal",
             "internalConsoleOptions": "neverOpen"
+        },
+         {
+            "name": "server-pgpl",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-pgpl"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
         },
         {
             "name": "server-common",

CHANGELOG.md

@@ -3,6 +3,70 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Bug Fixes
+
+* 修复禁用第三方登录自动注册无效的bug ([7ee39fd](https://github.com/certd/certd/commit/7ee39fd4eddfc847bcef879f0904a4319993d081))
+* 修复又拍云upyun密码错误没有报错的bug ([235972f](https://github.com/certd/certd/commit/235972f3dabe0b87879a2d9950367dc45edfebe8))
+* 修复重启certd后，再启用流水线，不会自动执行的bug ([468ccbf](https://github.com/certd/certd/commit/468ccbf2b725fc4b78ce4b950a114e4a4be57698))
+* 优化源码部署缺少wget的提示 ([f193341](https://github.com/certd/certd/commit/f193341eaef765b7586a0b6e7c73015470536cc2))
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+* 通过metadata加载插件，降低内存占用 ([7634f15](https://github.com/certd/certd/commit/7634f153b7004462f207062c0502d8345e318cc7))
+
+### Performance Improvements
+
+* 流水线页面可以查看证书过期时间 ([be03d8e](https://github.com/certd/certd/commit/be03d8e13752c355dbec158da78b9cb4c3b3bb5d))
+* 每页记录条数保持 ([14f9987](https://github.com/certd/certd/commit/14f99875fb3f535fa5ffb7bf5db3960b105aa7aa))
+* 手机号登录放到前面 ([26ac081](https://github.com/certd/certd/commit/26ac08118219407c5dd3afc35130cdd48b8fab05))
+* 新增部署1panel面板证书插件 ([4243622](https://github.com/certd/certd/commit/42436224148d6fffe5da8e5e0185a698e079032b))
+* 优化微信支付对接文档 ([64e0d9a](https://github.com/certd/certd/commit/64e0d9a4d54b0d9da028be2c5e0ece7a97b2c250))
+* 优化站点监控，支持设置忽略主站证书一致性，支持开启和关闭自动同步ip ([26f75c7](https://github.com/certd/certd/commit/26f75c71ba8866278dbe117f1bfaf671e7f70781))
+* 增加邮件发送证书模版配置 ([cabc4da](https://github.com/certd/certd/commit/cabc4da3ac003a8c699c69f5bffea4c149be185c))
+* 站点监控增加是否自动同步IP开关 ([5268904](https://github.com/certd/certd/commit/52689049ae8e004e1252ab1e2872fbf676e0295f))
+* 证书流水线可以开启webhook ([840bd52](https://github.com/certd/certd/commit/840bd526714072315244a6900c95395d2d62f647))
+* 支持部署到exsi，openwrt ([dae87e2](https://github.com/certd/certd/commit/dae87e26a3266a2bf26afe1ef4c489a3f6bf41e4))
+* 支持公告功能 ([a79fe1f](https://github.com/certd/certd/commit/a79fe1f350f2991af9e5b50825f1776029677fc5))
+* 支持webhook触发流水线，新增触发类型图标显示 ([1a29541](https://github.com/certd/certd/commit/1a2954114063a8b994c257a90e5814e0a3a8d924))
+* webhook触发器一个流水线限制只能添加一个 ([6c39d7b](https://github.com/certd/certd/commit/6c39d7b1eecb679cb6506b0e3557e8152e01417d))
+* zenlayer证书更新 ([9ba6c83](https://github.com/certd/certd/commit/9ba6c838215d0750cda925778a47002a521f05e9))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Bug Fixes
+
+* 发送证书到邮箱插件的邮件模版转为使用邮箱配置中的通用模版 ([c5a3003](https://github.com/certd/certd/commit/c5a3003cf7b640500a90ec2c8961859ffe6fdb18))
+* 首页最快到期证书，不包含已禁用的流水线 ([d731956](https://github.com/certd/certd/commit/d731956b066e4dbbe24d4de7b3d3679b355eb97c))
+* 修复部署到华为obs 报错的bug ([dd19afc](https://github.com/certd/certd/commit/dd19afce928a7f36312af9df1e7e5ed3eb1e214a))
+* 修复从模版创建的流水线不会自动执行的bug ([833808c](https://github.com/certd/certd/commit/833808c5deb716122b241d3d67349d2d6a18bf45))
+* 修复流水线列表step数量统计错误的bug ([0e5a4fb](https://github.com/certd/certd/commit/0e5a4fb098d3261b690c551cf2b95198cac487e7))
+* 修复用户删除后，用相同的oauth授权登录报错用户不存在的问题 ([e505916](https://github.com/certd/certd/commit/e5059165259e4d757abc811c0c14bbc4a3dbaee9))
+* 修复站点ip监控报主站与ip证书过期时间不一致的问题 ([62f8525](https://github.com/certd/certd/commit/62f8525dd5da95dc07ed103f602644c6e5f7f8e3))
+* 修复serverchan3 没有选择tags报错的bug ([5bbf210](https://github.com/certd/certd/commit/5bbf210394883c4893c365bd16e999490b6e9b41))
+* telegram 修复消息内存在横杠无法发出的bug ([5f4469e](https://github.com/certd/certd/commit/5f4469e306187c31d8a74d53b17ea3a213420367))
+
+### Performance Improvements
+
+* 批量修改定时时间支持随机时间 ([d0f653d](https://github.com/certd/certd/commit/d0f653da9a2970920e961e7404ff04080bccd343))
+* 批量运行优化，支持普通运行和强制重新运行 ([039c62b](https://github.com/certd/certd/commit/039c62b09b37cdda35d33c6ee9adecad62dee75c))
+* 升级lego到4.30.1版本 ([136e8dd](https://github.com/certd/certd/commit/136e8dd7c5ff7199ff4b0bcca95b8a03aa847553))
+* 腾讯云EO增加请求参数打印 ([5b5deac](https://github.com/certd/certd/commit/5b5deac7d98684eda5c68384241a4d62c48d803b))
+* 优化阿里云esa清理证书时机 ([5359a76](https://github.com/certd/certd/commit/5359a7670fac5a18c4294b37a34227308a0deed6))
+* 优化源码方式部署，前端无需编译 ([13ddc97](https://github.com/certd/certd/commit/13ddc979ec7953e3db8db76dd23fd85a3b3c7997))
+* 支持部署到goedge ([44bf4b1](https://github.com/certd/certd/commit/44bf4b1cc1aafa2d711c3b8e408009f0ceb413eb))
+* 支持从阿里云商用证书订单中获取证书 ([8872466](https://github.com/certd/certd/commit/887246696861c3a0b1f99fd9ad978caea423c650))
+* 支持授权给管理员查看和下载用户证书 ([1347355](https://github.com/certd/certd/commit/1347355cb117694abe99da385352a19771a32e84))
+* 支持执行队列，避免同一时间触发流水线太多导致被限制 ([888d959](https://github.com/certd/certd/commit/888d9591fe9730b529e1c355d71f41e7ec9b479d))
+* 支持aws route53 dns ([cbb8319](https://github.com/certd/certd/commit/cbb8319cfa48673e81ec15894adc3376c173c97e))
+* 支持ucloud waf（未测试） ([a248367](https://github.com/certd/certd/commit/a248367b154c38661a6797ef64e37ec99d4e2abf))
+* 支持ucloud，上传到ussl，部署到ucdn ([e61daae](https://github.com/certd/certd/commit/e61daaee2d0dec19710cd4ec759219a071f2435e))
+* 执行队列数量支持设置 ([cd94488](https://github.com/certd/certd/commit/cd944882c3272adad4a2da94a3889a01fe05fe13))
+* aws route53 ([8caab1f](https://github.com/certd/certd/commit/8caab1fd9264df548f467b94202d567107b7a30b))
+* ip证书校验方式提示 ([773cada](https://github.com/certd/certd/commit/773cada57a01fb28ea8602062aaeec3d45109ea9))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

README.md

@@ -27,18 +27,19 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
-* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
-* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
-* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
-* 私有化部署，数据保存本地，安装简单快捷，镜像由Github Actions构建，过程公开透明
-* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
-* 支持SQLite，PostgreSQL、MySQL多种数据库
-* 开放接口支持
-* 站点证书监控
-* 多用户管理
-* 多语言支持（中英双语切换）
-* 各版本向下兼容，一键无忧升级
+* **全自动申请证书**: 支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式
+* **全自动部署更新证书**: 目前支持部署到主机、阿里云、腾讯云等110+部署插件
+* **多种证书格式**: 支持pem、pfx、der、jks、p7b
+* **免费通配符域名/泛域名证书**: 支持多个域名打到一个证书上
+* **多种通知方式**: 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* **私有化部署**: 数据保存本地，安装简单快捷，镜像由Github Actions构建，过程公开透明
+* **多重安全保障**: 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* **多数据库支持**：支持SQLite、PostgreSQL、MySQL
+* **开放接口支持**： 提供RESTful API接口，方便集成到其他系统
+* **站点证书监控**： 定时监控网站证书的过期时间
+* **多用户管理**： 用户可以管理自己的证书流水线
+* **多语言支持**： 中英双语切换
+* **一键无忧升级**： 版本向下兼容
 
 
   ![](./docs/images/intro/intro.svg)
@@ -158,28 +159,30 @@ https://certd.handfree.work/
 | 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |
 
 
-## 八、捐赠
+## 八、赞助捐赠
 
 开源为什么要做专业版收费？
-1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
+1. 纯靠为爱发电不可持续（比如：我的[dev-sidecar项目](https://github.com/docmirror/dev-sidecar)即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
 2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
 3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突     
 
-发电权益：
-1. 可加入发电专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
+赞助权益：
+1. 可加入专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
 2. 您的需求我们将优先实现，并且可能将作为专业版功能提供
 3. 获得专业版功能
 
+[50元专业版优惠券限时领取](https://app.handfree.work/subject/#/app/certd/product)
+
 专业版特权对比
 
 | 功能      | 免费版                                   | 专业版                     |
 |---------|---------------------------------------|--------------------------------|
 | 免费证书申请  | 免费无限制                        | 免费无限制                      |
-| 域名数量      | 无限制                           | 无限制                          |
+| 证书域名数量      | 无限制                           | 无限制                          |
 | 证书流水线条数 | 无限制                           | 无限制                          |
-| 站点证书监控  | 限制1条                           | 无限制                          |
 | 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件     |     群晖、威联通、proxmox等  |
 | 通知         | 邮件通知、自定义webhook            | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 站点监控  | 限制1条                           | 无限制                          |
 | 批量操作      | 无                               | 流水线模版，流水线复制，批量运行，批量设置通知、定时等 |
 | VIP群        | 无                               | 可加，一对一技术支持，必要时可申请远程协助  |
 

docs/.vitepress/config.ts

@@ -81,7 +81,8 @@ export default defineConfig({
                             ]
                         },
                         {text: "演示教程", link: "/guide/tutorial.md"},
-                        {text: "版本升级", link: "/guide/install/upgrade.md"}
+                        {text: "版本升级", link: "/guide/install/upgrade.md"},
+                        {text: "赞助专业版", link: "/guide/donate/"},
                     ]
                 },
                 {
@@ -139,7 +140,6 @@ export default defineConfig({
                         {text: "更新日志", link: "/guide/changelogs/CHANGELOG.md"},
                         {text: "镜像说明", link: "/guide/image.md"},
                         {text: "联系我们", link: "/guide/contact/"},
-                        {text: "捐赠", link: "/guide/donate/"},
                         {text: "开源协议", link: "/guide/license/"},
                         {text: "我的其他开源项目", link: "/guide/link/"},
                     ]

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,39 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Bug Fixes
+
+* 发送证书到邮箱插件的邮件模版转为使用邮箱配置中的通用模版 ([c5a3003](https://github.com/certd/certd/commit/c5a3003cf7b640500a90ec2c8961859ffe6fdb18))
+* 首页最快到期证书，不包含已禁用的流水线 ([d731956](https://github.com/certd/certd/commit/d731956b066e4dbbe24d4de7b3d3679b355eb97c))
+* 修复部署到华为obs 报错的bug ([dd19afc](https://github.com/certd/certd/commit/dd19afce928a7f36312af9df1e7e5ed3eb1e214a))
+* 修复从模版创建的流水线不会自动执行的bug ([833808c](https://github.com/certd/certd/commit/833808c5deb716122b241d3d67349d2d6a18bf45))
+* 修复流水线列表step数量统计错误的bug ([0e5a4fb](https://github.com/certd/certd/commit/0e5a4fb098d3261b690c551cf2b95198cac487e7))
+* 修复用户删除后，用相同的oauth授权登录报错用户不存在的问题 ([e505916](https://github.com/certd/certd/commit/e5059165259e4d757abc811c0c14bbc4a3dbaee9))
+* 修复站点ip监控报主站与ip证书过期时间不一致的问题 ([62f8525](https://github.com/certd/certd/commit/62f8525dd5da95dc07ed103f602644c6e5f7f8e3))
+* 修复serverchan3 没有选择tags报错的bug ([5bbf210](https://github.com/certd/certd/commit/5bbf210394883c4893c365bd16e999490b6e9b41))
+* telegram 修复消息内存在横杠无法发出的bug ([5f4469e](https://github.com/certd/certd/commit/5f4469e306187c31d8a74d53b17ea3a213420367))
+
+### Performance Improvements
+
+* 批量修改定时时间支持随机时间 ([d0f653d](https://github.com/certd/certd/commit/d0f653da9a2970920e961e7404ff04080bccd343))
+* 批量运行优化，支持普通运行和强制重新运行 ([039c62b](https://github.com/certd/certd/commit/039c62b09b37cdda35d33c6ee9adecad62dee75c))
+* 升级lego到4.30.1版本 ([136e8dd](https://github.com/certd/certd/commit/136e8dd7c5ff7199ff4b0bcca95b8a03aa847553))
+* 腾讯云EO增加请求参数打印 ([5b5deac](https://github.com/certd/certd/commit/5b5deac7d98684eda5c68384241a4d62c48d803b))
+* 优化阿里云esa清理证书时机 ([5359a76](https://github.com/certd/certd/commit/5359a7670fac5a18c4294b37a34227308a0deed6))
+* 优化源码方式部署，前端无需编译 ([13ddc97](https://github.com/certd/certd/commit/13ddc979ec7953e3db8db76dd23fd85a3b3c7997))
+* 支持部署到goedge ([44bf4b1](https://github.com/certd/certd/commit/44bf4b1cc1aafa2d711c3b8e408009f0ceb413eb))
+* 支持从阿里云商用证书订单中获取证书 ([8872466](https://github.com/certd/certd/commit/887246696861c3a0b1f99fd9ad978caea423c650))
+* 支持授权给管理员查看和下载用户证书 ([1347355](https://github.com/certd/certd/commit/1347355cb117694abe99da385352a19771a32e84))
+* 支持执行队列，避免同一时间触发流水线太多导致被限制 ([888d959](https://github.com/certd/certd/commit/888d9591fe9730b529e1c355d71f41e7ec9b479d))
+* 支持aws route53 dns ([cbb8319](https://github.com/certd/certd/commit/cbb8319cfa48673e81ec15894adc3376c173c97e))
+* 支持ucloud waf（未测试） ([a248367](https://github.com/certd/certd/commit/a248367b154c38661a6797ef64e37ec99d4e2abf))
+* 支持ucloud，上传到ussl，部署到ucdn ([e61daae](https://github.com/certd/certd/commit/e61daaee2d0dec19710cd4ec759219a071f2435e))
+* 执行队列数量支持设置 ([cd94488](https://github.com/certd/certd/commit/cd944882c3272adad4a2da94a3889a01fe05fe13))
+* aws route53 ([8caab1f](https://github.com/certd/certd/commit/8caab1fd9264df548f467b94202d567107b7a30b))
+* ip证书校验方式提示 ([773cada](https://github.com/certd/certd/commit/773cada57a01fb28ea8602062aaeec3d45109ea9))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

docs/guide/donate/index.md

@@ -1,28 +1,65 @@
-# 捐赠
-************************
-支持开源，为爱发电，我已入驻爱发电   
-https://afdian.com/a/greper
+# 专业版赞助
 
-## 发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
+## 开源为什么要做专业版收费？
+1. 纯靠为爱发电不可持续，容易烂尾（比如：我的dev-sidecar项目即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
+2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
+3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突        
+
+## 赞助权益：
+1. 可加入专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
+# 专业版赞助
+
+## 开源为什么要做专业版收费？
+1. 纯靠为爱发电不可持续，容易烂尾（比如：我的[dev-sidecar项目](https://github.com/docmirror/dev-sidecar)即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
+2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
+3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突        
+
+## 赞助权益：
+1. 可加入专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
 2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
+3. 获得专业版功能
 
+****------------------****
+> [限时¥50永久专业版优惠券，点我立刻领取](https://app.handfree.work/subject/#/app/certd/product)
 
+****------------------****
 ## 专业版特权对比
 
-| 功能      | 免费版                    | 专业版                         |
-|---------|------------------------|-----------------------------|
-| 免费证书申请  | 免费无限制                  | 免费无限制                       |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中       |
-| 证书流水线条数 | 无限制                    | 无限制                         |
-| 站点证书监控  | 限制1条                   | 无限制                         |
-| 通知      | 邮件通知、自定义webhook        | 邮件免配置、企微、飞书、anpush、server酱等 |
+| 功能                | 免费版                                   | 专业版                     |
+|---------|---------------------------------------|--------------------------------|
+| 证书申请  | 无限制                        | 无限制                      |
+| 证书域名数量      | 无限制                           | 无限制           |
+| 证书流水线条数 | 无限制                           | 无限制                          |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件     |     群晖、威联通、proxmox等  |
+| 通知         | 邮件通知、自定义webhook            | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 站点监控  | 限制1条                           | 无限制                          |
+| 批量操作      | 无                               | 流水线模版，流水线复制，批量运行，批量设置通知、定时等 |
+| VIP群        | 无                               | 可加，一对一技术支持，必要时可申请远程协助  |
 
 
 ## 专业版激活方式
 
 ![](./images/plus.png)
 
-发电后，在私信中获取激活码
-************************
+
+## 相关问题
+
+### 1. 购买后VIP状态或时长未更新
+系统管理-->账号绑定页面，打开一下即可自动更新VIP最新状态（如果未登录袖手账号需要先登录）
+
+![](./images/update.png)
+
+
+### 2. 开发票
+联系我们(微信：xiaojunnuo)，并提供支付金额
+
+### 3. VIP是否可以迁移换绑服务器？
+可以的。
+* 方式1. 直接将备份数据在新服务器上还原即可（首次访问会提示您是否绑定新url，点击是即可）
+* 方式2. 如果旧站点数据丢失，您也可以部署一个新站点，然后在系统管理-->账号绑定页面，转移VIP即可
+
+![](./images/transfer.png)
+
+
+
+

docs/guide/plugins/access.md

@@ -5,68 +5,71 @@
 | 1.| **主机登录授权** |  | 
 | 2.| **阿里云授权** |  | 
 | 3.| **阿里云ESA授权** |  | 
-| 4.| **腾讯云** |  | 
-| 5.| **华为云授权** |  | 
-| 6.| **火山引擎** |  | 
-| 7.| **京东云** |  | 
+| 4.| **华为云授权** |  | 
+| 5.| **腾讯云** |  | 
+| 6.| **京东云** |  | 
+| 7.| **火山引擎** |  | 
 | 8.| **七牛云授权** |  | 
-| 9.| **天翼云授权** |  | 
+| 9.| **百度云授权** |  | 
 | 10.| **baota授权** |  | 
-| 11.| **百度云授权** |  | 
-| 12.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 13.| **google cloud** | 谷歌云授权 | 
-| 14.| **SFTP授权** |  | 
-| 15.| **阿里云OSS授权** | 包含地域和Bucket | 
-| 16.| **FTP授权** |  | 
-| 17.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 18.| **七牛OSS授权** |  | 
-| 19.| **s3/minio授权** | S3/minio oss授权 | 
-| 20.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 21.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 22.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 23.| **易发云短信** | sms.yfyidc.cn/ | 
-| 24.| **cdnfly授权** |  | 
-| 25.| **群晖登录授权** |  | 
-| 26.| **k8s授权** |  | 
-| 27.| **1panel授权** | 账号和密码 | 
-| 28.| **LeCDN授权** |  | 
-| 29.| **白山云授权** |  | 
-| 30.| **plesk授权** |  | 
-| 31.| **易支付** |  | 
-| 32.| **支付宝** |  | 
-| 33.| **微信支付** |  | 
-| 34.| **长亭雷池授权** |  | 
-| 35.| **lucky** |  | 
-| 36.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 37.| **uniCloud** | unicloud授权 | 
-| 38.| **猫云授权** |  | 
-| 39.| **授权插件示例** |  | 
-| 40.| **西部数码授权** |  | 
-| 41.| **多吉云** |  | 
-| 42.| **我爱云授权** | 我爱云CDN | 
-| 43.| **CacheFly** | CacheFly | 
-| 44.| **Gcore** | Gcore | 
-| 45.| **亚马逊云aws授权** |  | 
-| 46.| **亚马逊云科技（国区）授权** |  | 
-| 47.| **dns.la授权** |  | 
-| 48.| **又拍云** |  | 
-| 49.| **51dns授权** |  | 
-| 50.| **FlexCDN授权** |  | 
-| 51.| **farcdn授权** |  | 
-| 52.| **cloudflare授权** |  | 
-| 53.| **Github授权** |  | 
-| 54.| **namesilo授权** |  | 
-| 55.| **proxmox** |  | 
-| 56.| **网宿授权** |  | 
-| 57.| **金山云授权** |  | 
-| 58.| **APISIX授权** |  | 
-| 59.| **Dokploy授权** |  | 
-| 60.| **godaddy授权** |  | 
-| 61.| **新网授权** |  | 
-| 62.| **新网授权（代理方式）** |  | 
-| 63.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 64.| **中国移动CND授权** |  | 
-| 65.| **雨云授权** | https://app.rainyun.com/ | 
+| 11.| **天翼云授权** |  | 
+| 12.| **51dns授权** |  | 
+| 13.| **SFTP授权** |  | 
+| 14.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 15.| **APISIX授权** |  | 
+| 16.| **亚马逊云aws授权** |  | 
+| 17.| **亚马逊云科技（国区）授权** |  | 
+| 18.| **CacheFly** | CacheFly | 
+| 19.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 20.| **google cloud** | 谷歌云授权 | 
+| 21.| **cloudflare授权** |  | 
+| 22.| **中国移动CND授权** |  | 
+| 23.| **授权插件示例** |  | 
+| 24.| **dns.la授权** |  | 
+| 25.| **多吉云** |  | 
+| 26.| **Dokploy授权** |  | 
+| 27.| **farcdn授权** |  | 
+| 28.| **FlexCDN授权** |  | 
+| 29.| **Gcore** | Gcore | 
+| 30.| **Github授权** |  | 
+| 31.| **godaddy授权** |  | 
+| 32.| **金山云授权** |  | 
+| 33.| **FTP授权** |  | 
+| 34.| **七牛OSS授权** |  | 
+| 35.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 36.| **s3/minio授权** | S3/minio oss授权 | 
+| 37.| **namesilo授权** |  | 
+| 38.| **1panel授权** | 账号和密码 | 
+| 39.| **支付宝** |  | 
+| 40.| **白山云授权** |  | 
+| 41.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 42.| **cdnfly授权** |  | 
+| 43.| **k8s授权** |  | 
+| 44.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 45.| **LeCDN授权** |  | 
+| 46.| **lucky** |  | 
+| 47.| **猫云授权** |  | 
+| 48.| **plesk授权** |  | 
+| 49.| **长亭雷池授权** |  | 
+| 50.| **群晖登录授权** |  | 
+| 51.| **uniCloud** | unicloud授权 | 
+| 52.| **微信支付** |  | 
+| 53.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 54.| **易发云短信** | sms.yfyidc.cn/ | 
+| 55.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 56.| **易支付** |  | 
+| 57.| **proxmox** |  | 
+| 58.| **UCloud授权** | 优刻得授权 | 
+| 59.| **又拍云** |  | 
+| 60.| **网宿授权** |  | 
+| 61.| **西部数码授权** |  | 
+| 62.| **我爱云授权** | 我爱云CDN | 
+| 63.| **新网授权（代理方式）** |  | 
+| 64.| **新网授权** |  | 
+| 65.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 66.| **Zenlayer授权** | Zenlayer授权 | 
+| 67.| **GoEdge授权** |  | 
+| 68.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,126 +1,131 @@
 # 任务插件
-共 `105` 款任务插件    
+共 `116` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
-| 2.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
-| 3.| **商用证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
+| 1.| **商用证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
+| 2.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书 | 
+| 3.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 4.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
 ## 2. 主机
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **FTP-上传证书到FTP** | 将证书上传到FTP服务器 | 
-| 2.| **IIS-部署到IIS站点** |  | 
-| 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
-| 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
-| 5.| **主机-复制到本机** | 【仅管理员使用】实际上是复制证书到docker容器内的某个路径，需要做目录映射到宿主机 | 
-| 6.| **上传证书到对象存储OSS** | 支持阿里云OSS、腾讯云COS、七牛云KODO、S3、MinIO、FTP、SFTP | 
+| 1.| **主机-复制到本机** | 【仅管理员使用】实际上是复制证书到docker容器内的某个路径，需要做目录映射到宿主机 | 
+| 2.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
+| 3.| **IIS-部署到IIS站点** |  | 
+| 4.| **上传证书到对象存储OSS** | 支持阿里云OSS、腾讯云COS、七牛云KODO、S3、MinIO、FTP、SFTP | 
+| 5.| **主机-部署证书到SSH主机** | 上传证书到主机覆盖原来的证书文件，然后自动执行部署脚本命令使证书生效 | 
+| 6.| **Exsi-部署证书到Exsi** |  | 
+| 7.| **FTP-上传证书到FTP** | 将证书上传到FTP服务器 | 
+| 8.| **Openwrt-部署证书到Openwrt** |  | 
 ## 3. CDN
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
-| 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
-| 4.| **LeCDN-更新证书** |  | 
-| 5.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
-| 6.| **白山云-更新证书** |  | 
-| 7.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
-| 8.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 9.| **西数-部署到虚拟主机** | 西部数码部署证书到虚拟主机 | 
-| 10.| **多吉云-部署到多吉云CDN** |  | 
-| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
-| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
-| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
-| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
-| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
-| 16.| **FlexCDN-更新证书** |  | 
-| 17.| **farcdn-更新证书** | www.farcdn.net | 
-| 18.| **雨云-更新证书** | app.rainyun.com | 
-| 19.| **网宿-更新证书** | 网宿证书自动更新 | 
-| 20.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
-| 21.| **APISIX-更新证书** | 自动更新APISIX证书 | 
-| 22.| **中国移动-部署证书到CDN** | 中国移动自动部署证书到CDN | 
+| 1.| **APISIX-更新证书** | 自动更新APISIX证书 | 
+| 2.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 3.| **中国移动-部署证书到CDN** | 中国移动自动部署证书到CDN | 
+| 4.| **多吉云-部署到多吉云CDN** |  | 
+| 5.| **farcdn-更新证书** | www.farcdn.net | 
+| 6.| **FlexCDN-更新证书** |  | 
+| 7.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 8.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 9.| **GoEdge-更新证书** | GoEdge | 
+| 10.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
+| 11.| **白山云-更新证书** |  | 
+| 12.| **cdnfly-部署证书到cdnfly** | cdnfly | 
+| 13.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 14.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 15.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 16.| **LeCDN-更新证书** |  | 
+| 17.| **Maoyun-更新猫云CDN证书** |  | 
+| 18.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
+| 19.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 20.| **雨云-更新证书** | app.rainyun.com | 
+| 21.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 22.| **网宿-更新证书** | 网宿证书自动更新 | 
+| 23.| **西数-部署到虚拟主机** | 西部数码部署证书到虚拟主机 | 
+| 24.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 25.| **Zenlayer-刷新证书** | 刷新Zenlayer CDN证书 | 
 ## 4. 面板
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
-| 3.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
-| 4.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 1.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
+| 2.| **飞牛NAS-部署证书** |  | 
+| 3.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
+| 4.| **1Panel-更新证书** | 更新1Panel的证书，包括面板证书和站点证书 | 
 | 5.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
-| 6.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 7.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 8.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 9.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
-| 10.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
-| 11.| **Plesk-部署Plesk网站证书** |  | 
-| 12.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 6.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
+| 7.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 8.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 9.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
+| 10.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
+| 11.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 12.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
 | 13.| **lucky-更新Lucky证书** |  | 
-| 14.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 15.| **威联通-部署证书到威联通** | 部署证书到qnap | 
-| 16.| **飞牛NAS-部署证书** |  | 
-| 17.| **Proxmox-上传证书到Proxmox** |  | 
-| 18.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
+| 14.| **Plesk-部署Plesk网站证书** |  | 
+| 15.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
+| 16.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 17.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 18.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 19.| **Proxmox-上传证书到Proxmox** |  | 
+| 20.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
-| 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
-| 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
-| 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
-| 5.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 6.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
-| 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
-| 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
-| 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 10.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
-| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
-| 12.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 2.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 3.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 4.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
+| 5.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
+| 6.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 7.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 8.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 9.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
+| 10.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 11.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
+| 12.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
 | 13.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
-| 14.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
-| 15.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
+| 14.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 15.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **华为云-部署证书至CDN** |  | 
-| 2.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
-| 3.| **华为云-部署证书至OBS** |  | 
+| 2.| **华为云-部署证书至OBS** |  | 
+| 3.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
 ## 7. 腾讯云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
-| 2.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
+| 1.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
+| 2.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
 | 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
 | 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
-| 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
+| 5.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
 | 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
-| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO)，必须配置上传证书到腾讯云任务 | 
-| 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
-| 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意：
-1. serverless集群请使用K8S部署插件；
-2. Opaque类型需要【上传到腾讯云】作为前置任务；
-3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
-| 10.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO) | 
+| 8.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
+| 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意： 1. serverless集群请使用K8S部署插件； 2. Opaque类型需要【上传到腾讯云】作为前置任务； 3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
+| 10.| **腾讯云-更新证书(Id不变)** | 根据证书id一键更新腾讯云证书并自动部署（Id不变），注意：当前仅支持CLB，其他需要等腾讯接口完善 | 
 | 11.| **腾讯云-实例开关机** | 腾讯云实例开关机 | 
-| 12.| **腾讯云-更新证书(Id不变)** | 根据证书id一键更新腾讯云证书并自动部署（Id不变），注意该接口为腾讯云白名单功能，非白名单用户无法使用该功能 | 
+| 12.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
 ## 8. 火山引擎
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **火山引擎-部署证书至CDN** | 支持网页，文件下载，音视频点播 | 
-| 2.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
-| 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
-| 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
+| 1.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
+| 2.| **火山引擎-部署证书至CDN** | 支持网页，文件下载，音视频点播 | 
+| 3.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
+| 4.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
 | 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
-| 6.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
-| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
+| 6.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
+| 7.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
 ## 9. 京东云
 
 | 序号 | 名称 | 说明 |
@@ -128,43 +133,50 @@
 | 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
 | 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
 | 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
-## 10. 百度云
+## 10. UCloud
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
-| 2.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
+| 1.| **UCloud-部署到CDN** | 将证书部署到UCloud CDN | 
+| 2.| **UCloud-部署到WAF** | 将证书部署到UCloud WAF | 
+| 3.| **UCloud-上传到USSL** | 将证书上传到UCloud USSL | 
+## 11. 百度云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
+| 2.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
 | 3.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
-## 11. 七牛云
+## 12. 七牛云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
-| 2.| **七牛云-部署证书至CDN/DCDN** | 自动部署域名证书至七牛云CDN、DCDN | 
+| 1.| **七牛云-部署证书至CDN/DCDN** | 自动部署域名证书至七牛云CDN、DCDN | 
+| 2.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
 | 3.| **七牛云-上传证书到七牛云** | 上传到七牛云 | 
-## 12. 亚马逊云
+## 13. 亚马逊云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
 | 2.| **AWS-上传证书到ACM** | 上传证书 AWS ACM | 
 | 3.| **AWS(国区)-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
-## 13. 其他
+## 14. 其他
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **Demo-测试插件** |  | 
-| 2.| **等待** | 等待一段时间 | 
+| 2.| **Github-检查Release版本** | 检查最新Release版本并推送消息 | 
 | 3.| **邮件发送证书** | 通过邮件发送证书 | 
-| 4.| **webhook方式部署证书** | 调用webhook部署证书 | 
-| 5.| **Github-检查Release版本** | 检查最新Release版本并推送消息 | 
-## 14. 管理
+| 4.| **等待** | 等待一段时间 | 
+| 5.| **webhook方式部署证书** | 调用webhook部署证书 | 
+## 15. 管理
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
-| 2.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
-| 3.| **数据库备份** | 【仅管理员可用】仅支持备份SQLite数据库 | 
+| 1.| **数据库备份** | 【仅管理员可用】仅支持备份SQLite数据库 | 
+| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/dns-provider.md

@@ -2,24 +2,25 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **阿里云** | 阿里云DNS解析提供商 | 
-| 2.| **阿里ESA** | 阿里ESA DNS解析 | 
-| 3.| **火山引擎** | 火山引擎DNS解析提供商 | 
-| 4.| **京东云** | 京东云DNS解析提供商 | 
-| 5.| **新网** | 新网域名解析 | 
+| 1.| **阿里ESA** | 阿里ESA DNS解析 | 
+| 2.| **阿里云** | 阿里云DNS解析提供商 | 
+| 3.| **AWS Route53** | AWS Route53 DNS解析提供商 | 
+| 4.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 5.| **京东云** | 京东云DNS解析提供商 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
-| 7.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 8.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
-| 9.| **华为云** | 华为云DNS解析提供商 | 
-| 10.| **西部数码** | west dns provider | 
-| 11.| **dns.la** | dns.la | 
-| 12.| **雨云** | 雨云DNS解析提供商 | 
-| 13.| **cloudflare** | cloudflare dns provider | 
-| 14.| **namesilo** | namesilo dns provider | 
-| 15.| **godaddy** | GoDaddy | 
-| 16.| **Dns提供商Demo** | dns provider示例 | 
-| 17.| **51dns** | 51DNS | 
-| 18.| **新网互联** | 新网互联 | 
+| 7.| **新网** | 新网域名解析 | 
+| 8.| **cloudflare** | cloudflare dns provider | 
+| 9.| **dns.la** | dns.la | 
+| 10.| **godaddy** | GoDaddy | 
+| 11.| **华为云** | 华为云DNS解析提供商 | 
+| 12.| **namesilo** | namesilo dns provider | 
+| 13.| **雨云** | 雨云DNS解析提供商 | 
+| 14.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 15.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 16.| **西部数码** | west dns provider | 
+| 17.| **Dns提供商Demo** | dns provider示例 | 
+| 18.| **51dns** | 51DNS | 
+| 19.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/notification.md

@@ -4,20 +4,20 @@
 |-----|-----|-----|
 | 1.| **电子邮件** | 电子邮件通知 | 
 | 2.| **自定义webhook** | 根据模版自定义http请求 | 
-| 3.| **企业微信通知** | 企业微信群聊机器人通知 | 
-| 4.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
-| 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
-| 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
-| 7.| **AnPush** | https://anpush.com | 
-| 8.| **Telegram通知** | Telegram Bot推送通知 | 
-| 9.| **Discord 通知** | Discord 机器人通知 | 
-| 10.| **Slack通知** | Slack消息推送通知 | 
-| 11.| **Bark 通知** | Bark 推送通知插件 | 
-| 12.| **飞书通知** | 飞书群聊webhook通知 | 
-| 13.| **钉钉通知** | 钉钉群聊通知 | 
-| 14.| **VoceChat通知** | https://voce.chat | 
-| 15.| **OneBot V11 通知** | 通过动态拼接URL发送 OneBot V11 协议消息 | 
-| 16.| **MeoW通知** | https://api.chuckfang.com/ | 
+| 3.| **AnPush** | https://anpush.com | 
+| 4.| **Bark 通知** | Bark 推送通知插件 | 
+| 5.| **钉钉通知** | 钉钉群聊通知 | 
+| 6.| **Discord 通知** | Discord 机器人通知 | 
+| 7.| **飞书通知** | 飞书群聊webhook通知 | 
+| 8.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
+| 9.| **MeoW通知** | https://api.chuckfang.com/ | 
+| 10.| **OneBot V11 通知** | 通过动态拼接URL发送 OneBot V11 协议消息 | 
+| 11.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 12.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
+| 13.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
+| 14.| **Slack通知** | Slack消息推送通知 | 
+| 15.| **Telegram通知** | Telegram Bot推送通知 | 
+| 16.| **VoceChat通知** | https://voce.chat | 
 
 <style module>
 table th:first-of-type {

docs/guide/use/comm/payments/wxpay.md

@@ -11,7 +11,8 @@
 
    * 进入“账户中心”->“API安全”->“商户API证书”->“管理证书”
    * 根据指引生成证书
-   * 得到私钥和公钥
+   * 得到apiclient证书和私钥
+   ![wx-1.png](images/wx-1.png)
 
 
 3. 填写APIv3密钥
@@ -24,4 +25,4 @@
 4. 在Certd后台配置微信支付
    * 进入“系统”->"设置"->“支付设置”
    * 启用微信支付，选择“微信支付配置”，点击添加
-   * 填写微信支付商户号、证书私钥、证书公钥、APIv3密钥即可。
+   * 填写微信支付商户号、证书（apiclient_cert.pem）、私钥（apiclient_key.pem）、APIv3密钥即可。

docs/guide/use/forgotpasswd/index.md

@@ -2,6 +2,8 @@
 解决方法如下：
 
 ## 1. 修改环境变量
+
+docker部署的：
 修改docker-compose.yaml文件，将环境变量`certd_system_resetAdminPasswd`改为`true`
 ```yaml
 services:
@@ -9,6 +11,13 @@ services:
     environment: # 环境变量
       - certd_system_resetAdminPasswd=true
 ```
+
+源码部署的，修改`packages/ui/certd-server/.env`文件  
+
+```ini
+certd_system_resetAdminPasswd=true
+```
+
 ## 2. 重启容器
 ```shell
 docker compose up -d

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.37.16"
+  "version": "1.38.0"
 }

package.json

@@ -8,6 +8,7 @@
     "@lerna-lite/publish": "^3.9.3",
     "@lerna-lite/run": "^3.9.3",
     "@lerna-lite/version": "^3.9.3",
+    "axios": "^1.9.0",
     "medium-zoom": "^1.1.0",
     "vitepress": "^2.0.0-alpha.4",
     "vitepress-plugin-lightbox": "^1.0.2"
@@ -27,8 +28,8 @@
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
     "before-build": "npm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
-    "deploy1": "node --experimental-json-modules deploy.js ",
-    "check": "node --experimental-json-modules publish-check.js",
+    "deploy1": "node --experimental-json-modules ./scripts/deploy.js ",
+    "check": "node --experimental-json-modules ./scripts/publish-check.js",
     "init": "lerna run build",
     "init:dev": "lerna run build",
     "docs:dev": "vitepress dev docs",
@@ -36,13 +37,15 @@
     "docs:preview": "vitepress preview docs",
     "pub": "echo 1",
     "dev": "pnpm run -r --parallel  compile ",
-    "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push"
+    "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push",
+    "publish_to_atomgit": "node --experimental-json-modules ./scripts/publish-atomgit.js",
+    "get_version": "node --experimental-json-modules ./scripts/version.js"
   },
   "license": "AGPL-3.0",
   "dependencies": {
-    "axios": "^1.7.7",
     "copyfiles": "^2.4.1",
     "lodash-es": "^4.17.21",
+    "root": "link:",
     "typescript": "^5.4.2"
   },
   "workspaces": [

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/publishlab/node-acme-client/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.17](https://github.com/publishlab/node-acme-client/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Performance Improvements
+
+* aws route53 ([8caab1f](https://github.com/publishlab/node-acme-client/commit/8caab1fd9264df548f467b94202d567107b7a30b))
+
 ## [1.37.16](https://github.com/publishlab/node-acme-client/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.37.16",
+    "version": "1.38.0",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,10 +18,10 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.37.16",
+        "@certd/basic": "^1.38.0",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
-        "axios": "^1.7.2",
+        "axios": "^1.9.0",
         "debug": "^4.3.5",
         "http-proxy-agent": "^7.0.2",
         "https-proxy-agent": "^7.0.5",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+    "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

packages/core/basic/build.md

@@ -1 +1 @@
-01:44
+23:23

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,7 +18,7 @@
   },
   "dependencies": {
     "async-lock": "^1.4.1",
-    "axios": "^1.7.2",
+    "axios": "^1.9.0",
     "dayjs": "^1.11.7",
     "http-proxy-agent": "^7.0.2",
     "https-proxy-agent": "^7.0.5",
@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/core/basic/src/utils/util.hash.ts

@@ -11,6 +11,10 @@ function hmacSha256(data: string, digest: BinaryToTextEncoding = "base64") {
   return crypto.createHmac("sha256", data).update(Buffer.alloc(0)).digest(digest);
 }
 
+function hmacSha256WithKey(key: string, data: string, digest: BinaryToTextEncoding = "base64") {
+  return crypto.createHmac("sha256", key).update(data).digest(digest);
+}
+
 function base64(data: string) {
   return Buffer.from(data).toString("base64");
 }
@@ -39,4 +43,5 @@ export const hashUtils = {
   toHex,
   hexToStr,
   hexToNumber,
+  hmacSha256WithKey,
 };

packages/core/basic/tsconfig.json

@@ -7,6 +7,8 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
+    "inlineSourceMap":false,
+    "sourceMap": false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,
@@ -21,7 +23,6 @@
     "useDefineForClassFields": true,
     "strict": true,
     "typeRoots": [ "./typings", "./node_modules/@types"],
-    "inlineSourceMap": true,
     "resolveJsonModule": true,
     "isolatedModules": false,
     "lib": ["ESNext", "DOM"],

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Bug Fixes
+
+* 发送证书到邮箱插件的邮件模版转为使用邮箱配置中的通用模版 ([c5a3003](https://github.com/certd/certd/commit/c5a3003cf7b640500a90ec2c8961859ffe6fdb18))
+
+### Performance Improvements
+
+* 支持ucloud，上传到ussl，部署到ucdn ([e61daae](https://github.com/certd/certd/commit/e61daaee2d0dec19710cd4ec759219a071f2435e))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Performance Improvements

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.16",
-    "@certd/plus-core": "^1.37.16",
+    "@certd/basic": "^1.38.0",
+    "@certd/plus-core": "^1.38.0",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/core/pipeline/src/access/decorator.ts

@@ -11,6 +11,9 @@ export const ACCESS_INPUT_KEY = "pipeline:access:input";
 
 export function IsAccess(define: AccessDefine): ClassDecorator {
   return (target: any) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target);
 
     const inputs: any = {};
@@ -35,6 +38,9 @@ export function IsAccess(define: AccessDefine): ClassDecorator {
 
 export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     // const _type = Reflect.getMetadata("design:type", target, propertyKey);
     Reflect.defineMetadata(ACCESS_INPUT_KEY, input, target, propertyKey);

packages/core/pipeline/src/notification/decorator.ts

@@ -11,6 +11,9 @@ export const NOTIFICATION_INPUT_KEY = "pipeline:notification:input";
 
 export function IsNotification(define: NotificationDefine): ClassDecorator {
   return (target: any) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target);
 
     const inputs: any = {};
@@ -35,6 +38,9 @@ export function IsNotification(define: NotificationDefine): ClassDecorator {
 
 export function NotificationInput(input?: NotificationInputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     // const _type = Reflect.getMetadata("design:type", target, propertyKey);
     Reflect.defineMetadata(NOTIFICATION_INPUT_KEY, input, target, propertyKey);

packages/core/pipeline/src/plugin/decorator.ts

@@ -8,6 +8,9 @@ export const PLUGIN_CLASS_KEY = "pipeline:plugin";
 
 export function IsTaskPlugin(define: PluginDefine): ClassDecorator {
   return (target: any) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target);
 
     const inputs: any = {};
@@ -69,6 +72,9 @@ export const PLUGIN_INPUT_KEY = "pipeline:plugin:input";
 
 export function TaskInput(input?: TaskInputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     Reflect.defineMetadata(PLUGIN_INPUT_KEY, input, target, propertyKey);
   };
@@ -78,6 +84,9 @@ export function TaskInput(input?: TaskInputDefine): PropertyDecorator {
 export const PLUGIN_OUTPUT_KEY = "pipeline:plugin:output";
 export function TaskOutput(output?: TaskOutputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     Reflect.defineMetadata(PLUGIN_OUTPUT_KEY, output, target, propertyKey);
   };
@@ -86,6 +95,9 @@ export function TaskOutput(output?: TaskOutputDefine): PropertyDecorator {
 export const PLUGIN_DOWNLOAD_KEY = "pipeline:plugin:download";
 export function TaskDownload(output?: TaskOutputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     Reflect.defineMetadata(PLUGIN_DOWNLOAD_KEY, output, target, propertyKey);
   };

packages/core/pipeline/src/service/cname.ts

@@ -1,4 +1,4 @@
-import { IAccess } from "../access";
+import { IAccess } from "../access/index.js";
 
 export type CnameProvider = {
   id: any;

packages/core/pipeline/tsconfig.json

@@ -7,7 +7,8 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
+    "sourceMap": false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "importHelpers": true,

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -14,7 +14,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "axios": "^1.7.2",
+    "axios": "^1.9.0",
     "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/lib-huawei/tsconfig.json

@@ -21,7 +21,8 @@
     "composite": false,
     "useDefineForClassFields": true,
     "strict": false,
-    "sourceMap": true,
+    "sourceMap": false,
+    "inlineSourceMap": false,
     "resolveJsonModule": true,
     "isolatedModules": false,
     "lib": ["ESNext", "DOM"],

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/lib-iframe/tsconfig.json

@@ -7,7 +7,7 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.37.16",
+  "version": "1.38.0",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/lib-jdcloud/tsconfig.json

@@ -21,7 +21,8 @@
     "composite": false,
     "useDefineForClassFields": true,
     "strict": false,
-    "sourceMap": true,
+    "sourceMap": false,
+    "inlineSourceMap": false,
     "resolveJsonModule": true,
     "isolatedModules": false,
     "lib": ["ESNext", "DOM"],

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.16",
+    "@certd/basic": "^1.38.0",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/lib-k8s/tsconfig.json

@@ -7,7 +7,7 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+
+### Performance Improvements
+
+* 支持公告功能 ([a79fe1f](https://github.com/certd/certd/commit/a79fe1f350f2991af9e5b50825f1776029677fc5))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Performance Improvements
+
+* 执行队列数量支持设置 ([cd94488](https://github.com/certd/certd/commit/cd944882c3272adad4a2da94a3889a01fe05fe13))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.37.16",
+  "version": "1.38.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.37.16",
-    "@certd/basic": "^1.37.16",
-    "@certd/pipeline": "^1.37.16",
-    "@certd/plugin-lib": "^1.37.16",
-    "@certd/plus-core": "^1.37.16",
+    "@certd/acme-client": "^1.38.0",
+    "@certd/basic": "^1.38.0",
+    "@certd/pipeline": "^1.38.0",
+    "@certd/plugin-lib": "^1.38.0",
+    "@certd/plus-core": "^1.38.0",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/lib-server/src/system/basic/service/executor-queue.ts

@@ -54,7 +54,7 @@ export class UserTaskQueue{
 
 export class ExecutorQueue{
   queues: Record<number, UserTaskQueue> = {};
-  maxRunningCount: number = 8;
+  maxRunningCount: number = 10;
 
 
   setMaxRunningCount(count: number) {

packages/libs/lib-server/src/system/basic/service/file-service.ts

@@ -14,7 +14,7 @@ export const uploadTmpFileCacheKey = 'tmpfile_key_';
 /**
  */
 @Provide()
-@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class FileService {
   async saveFile(userId: number, tmpCacheKey: any, permission: 'public' | 'private') {
     if (tmpCacheKey.startsWith(`/${permission}`)) {

packages/libs/lib-server/src/system/basic/service/ocr-service.ts

@@ -5,7 +5,7 @@ import { IOcrService } from "@certd/plugin-lib";
 /**
  */
 @Provide("ocrService")
-@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class OcrService implements IOcrService {
   @Inject()
   plusService: PlusService;

packages/libs/lib-server/src/system/basic/service/plus-service.ts

@@ -5,7 +5,7 @@ import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settin
 import { merge } from 'lodash-es';
 import fs from 'fs';
 @Provide("plusService")
-@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class PlusService {
   @Inject()
   sysSettingsService: SysSettingsService;

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -21,6 +21,7 @@ export class SysPublicSettings extends BaseSettings {
   usernameRegisterEnabled = true;
   mobileRegisterEnabled = false;
   smsLoginEnabled = false;
+  useSmsLoginDefault = true;
   emailRegisterEnabled = false;
   selfServicePasswordRetrievalEnabled = false;
 
@@ -61,6 +62,7 @@ export class SysPublicSettings extends BaseSettings {
     addonId: number;
   }> = {};
 
+  notice?: string;
 }
 
 export class SysPrivateSettings extends BaseSettings {

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -10,7 +10,7 @@ import {EncryptService} from './encrypt-service.js';
  * 授权
  */
 @Provide()
-@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
 export class AccessService extends BaseService<AccessEntity> {
   @InjectEntityModel(AccessEntity)
   repository: Repository<AccessEntity>;

packages/libs/lib-server/src/user/addon/api/decorator.ts

@@ -11,6 +11,9 @@ export const ADDON_INPUT_KEY = "pipeline:addon:input";
 
 export function IsAddon(define: AddonDefine): ClassDecorator {
   return (target: any) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target);
 
     const inputs: any = {};
@@ -36,6 +39,9 @@ export function IsAddon(define: AddonDefine): ClassDecorator {
 
 export function AddonInput(input?: AddonInputDefine): PropertyDecorator {
   return (target, propertyKey) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target, propertyKey);
     // const _type = Reflect.getMetadata("design:type", target, propertyKey);
     Reflect.defineMetadata(ADDON_INPUT_KEY, input, target, propertyKey);

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -9,7 +9,7 @@ import { AddonEntity } from "../entity/addon.js";
  * Addon
  */
 @Provide()
-@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class AddonService extends BaseService<AddonEntity> {
   @InjectEntityModel(AddonEntity)
   repository: Repository<AddonEntity>;

packages/libs/lib-server/tsconfig.json

@@ -8,7 +8,8 @@
     "isolatedModules": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
+    "sourceMap": false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.37.16",
+  "version": "1.38.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/libs/midway-flyway-js/tsconfig.json

@@ -7,7 +7,7 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,19 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Performance Improvements
+
+* 支持从阿里云商用证书订单中获取证书 ([8872466](https://github.com/certd/certd/commit/887246696861c3a0b1f99fd9ad978caea423c650))
+* ip证书校验方式提示 ([773cada](https://github.com/certd/certd/commit/773cada57a01fb28ea8602062aaeec3d45109ea9))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

packages/plugins/plugin-cert/package.json

@@ -1,14 +1,14 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
-    "build": "npm run before-build &&tsc --skipLibCheck",
+    "build": "tsc --skipLibCheck",
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
@@ -17,17 +17,12 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.37.16",
-    "@certd/basic": "^1.37.16",
-    "@certd/pipeline": "^1.37.16",
-    "@certd/plugin-lib": "^1.37.16",
-    "@google-cloud/publicca": "^1.3.0",
-    "dayjs": "^1.11.7",
-    "jszip": "^3.10.1",
-    "lodash-es": "^4.17.21",
+    "@certd/acme-client": "^1.38.0",
+    "@certd/basic": "^1.38.0",
+    "@certd/pipeline": "^1.38.0",
+    "@certd/plugin-lib": "^1.38.0",
     "psl": "^1.9.0",
-    "punycode.js": "^2.3.1",
-    "rimraf": "^5.0.5"
+    "punycode.js": "^2.3.1"
   },
   "devDependencies": {
     "@types/chai": "^4.3.3",
@@ -43,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/plugins/plugin-cert/src/index.ts

@@ -1,3 +1 @@
-export * from "./access/index.js";
-export * from "./plugin/index.js";
-export * from "./dns-provider/index.js";
+export * from "@certd/plugin-lib";

packages/plugins/plugin-cert/tsconfig.json

@@ -7,7 +7,8 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
+    "sourceMap": false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.37.16",
+  "version": "1.38.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,27 +17,31 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@alicloud/openapi-client": "^0.4.14",
+    "@alicloud/openapi-client": "^0.4.15",
     "@alicloud/openapi-util": "^0.3.2",
     "@alicloud/pop-core": "^1.7.10",
-    "@alicloud/tea-util": "^1.4.10",
-    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.16",
-    "@certd/pipeline": "^1.37.16",
+    "@alicloud/tea-util": "^1.4.11",
+    "@aws-sdk/client-s3": "^3.964.0",
+    "@certd/acme-client": "^1.38.0",
+    "@certd/basic": "^1.38.0",
+    "@certd/pipeline": "^1.38.0",
+    "@certd/plus-core": "^1.38.0",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
-    "cos-nodejs-sdk-v5": "^2.14.6",
+    "cos-nodejs-sdk-v5": "^2.15.4",
     "dayjs": "^1.11.7",
     "iconv-lite": "^0.6.3",
     "lodash-es": "^4.17.21",
+    "psl": "^1.15.0",
+    "punycode.js": "^2.3.1",
     "qiniu": "^7.12.0",
     "rimraf": "^5.0.5",
     "socks": "^2.8.3",
     "socks-proxy-agent": "^8.0.4",
     "ssh2": "1.17.0",
     "strip-ansi": "^7.1.0",
-    "tencentcloud-sdk-nodejs": "^4.0.1005"
+    "tencentcloud-sdk-nodejs": "^4.1.166"
   },
   "devDependencies": {
     "@types/chai": "^4.3.3",
@@ -53,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
+  "gitHead": "786780ce9b0ee9b9ebb104f54abb161ae9a924e9"
 }

packages/plugins/plugin-lib/src/cert/cert-reader.ts

@@ -1,4 +1,3 @@
-import { CertInfo } from "./acme.js";
 import fs from "fs";
 import os from "os";
 import path from "path";
@@ -7,6 +6,19 @@ import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 import { uniq } from "lodash-es";
 
+export type CertInfo = {
+  crt: string; //fullchain证书
+  key: string; //私钥
+  csr: string; //csr
+  oc?: string; //仅证书，非fullchain证书
+  ic?: string; //中间证书
+  pfx?: string;
+  der?: string;
+  jks?: string;
+  one?: string;
+  p7b?: string;
+};
+
 export type CertReaderHandleContext = {
   reader: CertReader;
   tmpCrtPath: string;

packages/plugins/plugin-lib/src/cert/consts.ts

@@ -0,0 +1,2 @@
+export const CertApplyPluginNames = [":cert:"];
+export const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";

packages/plugins/plugin-lib/src/cert/convert.ts

@@ -1,13 +1,10 @@
 import { ILogger, sp } from "@certd/basic";
-import type { CertInfo } from "../cert-plugin/acme.js";
-import { CertReader, CertReaderHandleContext } from "../cert-plugin/cert-reader.js";
+import type { CertInfo } from "./cert-reader.js";
+import { CertReader, CertReaderHandleContext } from "./cert-reader.js";
 import path from "path";
 import os from "os";
 import fs from "fs";
 
-export { CertReader };
-export type { CertInfo };
-
 export class CertConverter {
   logger: ILogger;
 

packages/plugins/plugin-lib/src/cert/dns-provider/decorator.ts

@@ -8,6 +8,9 @@ export const DNS_PROVIDER_CLASS_KEY = "pipeline:dns-provider";
 
 export function IsDnsProvider(define: DnsProviderDefine): ClassDecorator {
   return (target: any) => {
+    if (process.env.certd_plugin_loadmode === "metadata") {
+      return;
+    }
     target = Decorator.target(target);
 
     Reflect.defineMetadata(DNS_PROVIDER_CLASS_KEY, define, target);

packages/plugins/plugin-lib/src/cert/index.ts

@@ -0,0 +1,4 @@
+export * from "./convert.js";
+export * from "./cert-reader.js";
+export * from "./consts.js";
+export * from "./dns-provider/index.js";

packages/plugins/plugin-lib/src/ctyun/index.ts

@@ -1 +0,0 @@
-export * from "./access/ctyun-access.js";

packages/plugins/plugin-lib/src/index.ts

@@ -1,11 +1,4 @@
-export * from "./ssh/index.js";
-export * from "./aliyun/index.js";
 export * from "./common/index.js";
-export * from "./ftp/index.js";
-export * from "./tencent/index.js";
-export * from "./qiniu/index.js";
-export * from "./ctyun/index.js";
-export * from "./oss/index.js";
-export * from "./s3/index.js";
 export * from "./lib/index.js";
 export * from "./service/index.js";
+export * from "./cert/index.js";

packages/plugins/plugin-lib/src/lib/check.ts

@@ -0,0 +1,17 @@
+import { AbstractTaskPlugin, TaskInstanceContext } from "@certd/pipeline";
+import { isPlus } from "@certd/plus-core";
+
+export function mustPlus() {
+  if (!isPlus()) {
+    throw new Error("此插件仅供专业版中使用");
+  }
+}
+
+export abstract class AbstractPlusTaskPlugin extends AbstractTaskPlugin {
+  setCtx(ctx: TaskInstanceContext) {
+    super.setCtx(ctx);
+    mustPlus();
+  }
+
+  abstract execute(): Promise<void>;
+}

packages/plugins/plugin-lib/src/lib/index.ts

@@ -1 +1,2 @@
 export * from "./ocr-api.js";
+export * from "./check.js";

packages/plugins/plugin-lib/src/tencent/lib/cos-client.js

@@ -1,183 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
-    return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (g && (g = 0, op[0] && (_ = 0)), _) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TencentCosClient = void 0;
-var basic_1 = require("@certd/basic");
-var fs_1 = require("fs");
-var TencentCosClient = /** @class */ (function () {
-    function TencentCosClient(opts) {
-        this.access = opts.access;
-        this.logger = opts.logger;
-        this.bucket = opts.bucket;
-        this.region = opts.region;
-    }
-    TencentCosClient.prototype.getCosClient = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var sdk, clientConfig;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, Promise.resolve().then(function () { return require("cos-nodejs-sdk-v5"); })];
-                    case 1:
-                        sdk = _a.sent();
-                        clientConfig = {
-                            SecretId: this.access.secretId,
-                            SecretKey: this.access.secretKey,
-                        };
-                        return [2 /*return*/, new sdk.default(clientConfig)];
-                }
-            });
-        });
-    };
-    TencentCosClient.prototype.uploadFile = function (key, file) {
-        return __awaiter(this, void 0, void 0, function () {
-            var cos;
-            var _this = this;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.getCosClient()];
-                    case 1:
-                        cos = _a.sent();
-                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
-                                var readableStream = file;
-                                if (typeof file === "string") {
-                                    readableStream = fs_1.default.createReadStream(file);
-                                }
-                                cos.putObject({
-                                    Bucket: _this.bucket /* 必须 */,
-                                    Region: _this.region /* 必须 */,
-                                    Key: key /* 必须 */,
-                                    Body: readableStream, // 上传文件对象
-                                    onProgress: function (progressData) {
-                                        console.log(JSON.stringify(progressData));
-                                    },
-                                }, function (err, data) {
-                                    if (err) {
-                                        reject(err);
-                                        return;
-                                    }
-                                    resolve(data);
-                                });
-                            })];
-                }
-            });
-        });
-    };
-    TencentCosClient.prototype.removeFile = function (key) {
-        return __awaiter(this, void 0, void 0, function () {
-            var cos;
-            var _this = this;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.getCosClient()];
-                    case 1:
-                        cos = _a.sent();
-                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
-                                cos.deleteObject({
-                                    Bucket: _this.bucket,
-                                    Region: _this.region,
-                                    Key: key,
-                                }, function (err, data) {
-                                    if (err) {
-                                        reject(err);
-                                        return;
-                                    }
-                                    resolve(data);
-                                });
-                            })];
-                }
-            });
-        });
-    };
-    TencentCosClient.prototype.downloadFile = function (key, savePath) {
-        return __awaiter(this, void 0, void 0, function () {
-            var cos, writeStream;
-            var _this = this;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.getCosClient()];
-                    case 1:
-                        cos = _a.sent();
-                        writeStream = fs_1.default.createWriteStream(savePath);
-                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
-                                cos.getObject({
-                                    Bucket: _this.bucket,
-                                    Region: _this.region,
-                                    Key: key,
-                                    Output: writeStream,
-                                }, function (err, data) {
-                                    if (err) {
-                                        reject(err);
-                                        return;
-                                    }
-                                    resolve(data);
-                                });
-                            })];
-                }
-            });
-        });
-    };
-    TencentCosClient.prototype.listDir = function (dirKey) {
-        return __awaiter(this, void 0, void 0, function () {
-            var cos;
-            var _this = this;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.getCosClient()];
-                    case 1:
-                        cos = _a.sent();
-                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
-                                cos.getBucket({
-                                    Bucket: _this.bucket,
-                                    Region: _this.region,
-                                    Prefix: dirKey,
-                                    MaxKeys: 1000,
-                                }, function (err, data) {
-                                    if (err) {
-                                        reject(err);
-                                        return;
-                                    }
-                                    resolve(data.Contents);
-                                });
-                            })];
-                }
-            });
-        });
-    };
-    return TencentCosClient;
-}());
-exports.TencentCosClient = TencentCosClient;

packages/plugins/plugin-lib/tsconfig.json

@@ -7,7 +7,8 @@
     "esModuleInterop": true,
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,
-    "inlineSourceMap":true,
+    "inlineSourceMap":false,
+    "sourceMap": false,
     "noImplicitThis": true,
     "noUnusedLocals": true,
     "stripInternal": true,

packages/ui/Dockerfile

@@ -1,4 +1,13 @@
 FROM node:22-alpine AS builder
+
+# RUN apk add build-base
+# RUN wget -O - https://github.com/jemalloc/jemalloc/releases/download/5.3.0/jemalloc-5.3.0.tar.bz2 | tar -xj && \
+#     cd jemalloc-5.3.0 && \
+#     ./configure && \
+#     make && \
+#     make install
+
+
 WORKDIR /workspace/
 COPY . /workspace/
 # armv7 目前只能用node18， pnpm9不支持node18,所以pnpm只能用8.15.7版本
@@ -14,6 +23,12 @@ RUN cd /workspace/certd-server && pnpm install && npm run build-on-docker
 FROM node:22-alpine
 EXPOSE 7001
 EXPOSE 7002
+
+# 安装jemalloc内存分配器，优化内存占用 -- 基本没用，反而更高了
+# COPY --from=builder /usr/local/lib/libjemalloc.so.2 /usr/local/lib/
+# ENV LD_PRELOAD=/usr/local/lib/libjemalloc.so.2
+
+
 RUN apk add --no-cache openssl
 RUN apk add --no-cache openjdk8
 WORKDIR /app/
@@ -21,7 +36,7 @@ COPY --from=builder /workspace/certd-server/ /app/
 
 COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
 
-ENV LEGO_VERSION=4.22.2
+ENV LEGO_VERSION=4.30.1
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
 RUN mkdir -p $LEGO_DOWNLOAD_DIR
 

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,45 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.38.0](https://github.com/certd/certd/compare/v1.37.17...v1.38.0) (2026-01-13)
+
+### Bug Fixes
+
+* 修复禁用第三方登录自动注册无效的bug ([7ee39fd](https://github.com/certd/certd/commit/7ee39fd4eddfc847bcef879f0904a4319993d081))
+* 修复重启certd后，再启用流水线，不会自动执行的bug ([468ccbf](https://github.com/certd/certd/commit/468ccbf2b725fc4b78ce4b950a114e4a4be57698))
+
+### Features
+
+* 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用 ([a3fb249](https://github.com/certd/certd/commit/a3fb24993d7ac8fbb0bb354fa02ef067f609021e))
+
+### Performance Improvements
+
+* 流水线页面可以查看证书过期时间 ([be03d8e](https://github.com/certd/certd/commit/be03d8e13752c355dbec158da78b9cb4c3b3bb5d))
+* 每页记录条数保持 ([14f9987](https://github.com/certd/certd/commit/14f99875fb3f535fa5ffb7bf5db3960b105aa7aa))
+* 手机号登录放到前面 ([26ac081](https://github.com/certd/certd/commit/26ac08118219407c5dd3afc35130cdd48b8fab05))
+* 优化微信支付对接文档 ([64e0d9a](https://github.com/certd/certd/commit/64e0d9a4d54b0d9da028be2c5e0ece7a97b2c250))
+* 优化站点监控，支持设置忽略主站证书一致性，支持开启和关闭自动同步ip ([26f75c7](https://github.com/certd/certd/commit/26f75c71ba8866278dbe117f1bfaf671e7f70781))
+* 增加邮件发送证书模版配置 ([cabc4da](https://github.com/certd/certd/commit/cabc4da3ac003a8c699c69f5bffea4c149be185c))
+* 站点监控增加是否自动同步IP开关 ([5268904](https://github.com/certd/certd/commit/52689049ae8e004e1252ab1e2872fbf676e0295f))
+* 证书流水线可以开启webhook ([840bd52](https://github.com/certd/certd/commit/840bd526714072315244a6900c95395d2d62f647))
+* 支持公告功能 ([a79fe1f](https://github.com/certd/certd/commit/a79fe1f350f2991af9e5b50825f1776029677fc5))
+* 支持webhook触发流水线，新增触发类型图标显示 ([1a29541](https://github.com/certd/certd/commit/1a2954114063a8b994c257a90e5814e0a3a8d924))
+* webhook触发器一个流水线限制只能添加一个 ([6c39d7b](https://github.com/certd/certd/commit/6c39d7b1eecb679cb6506b0e3557e8152e01417d))
+* zenlayer证书更新 ([9ba6c83](https://github.com/certd/certd/commit/9ba6c838215d0750cda925778a47002a521f05e9))
+
+## [1.37.17](https://github.com/certd/certd/compare/v1.37.16...v1.37.17) (2025-12-29)
+
+### Performance Improvements
+
+* 批量修改定时时间支持随机时间 ([d0f653d](https://github.com/certd/certd/commit/d0f653da9a2970920e961e7404ff04080bccd343))
+* 批量运行优化，支持普通运行和强制重新运行 ([039c62b](https://github.com/certd/certd/commit/039c62b09b37cdda35d33c6ee9adecad62dee75c))
+* 优化源码方式部署，前端无需编译 ([13ddc97](https://github.com/certd/certd/commit/13ddc979ec7953e3db8db76dd23fd85a3b3c7997))
+* 支持部署到goedge ([44bf4b1](https://github.com/certd/certd/commit/44bf4b1cc1aafa2d711c3b8e408009f0ceb413eb))
+* 支持从阿里云商用证书订单中获取证书 ([8872466](https://github.com/certd/certd/commit/887246696861c3a0b1f99fd9ad978caea423c650))
+* 支持授权给管理员查看和下载用户证书 ([1347355](https://github.com/certd/certd/commit/1347355cb117694abe99da385352a19771a32e84))
+* 执行队列数量支持设置 ([cd94488](https://github.com/certd/certd/commit/cd944882c3272adad4a2da94a3889a01fe05fe13))
+* aws route53 ([8caab1f](https://github.com/certd/certd/commit/8caab1fd9264df548f467b94202d567107b7a30b))
+
 ## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.37.16",
+  "version": "1.38.0",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -29,15 +29,15 @@
   "dependencies": {
     "@ant-design/colors": "^7.0.2",
     "@ant-design/icons-vue": "^7.0.1",
-    "@aws-sdk/client-s3": "^3.535.0",
-    "@aws-sdk/s3-request-presigner": "^3.535.0",
+    "@aws-sdk/client-s3": "^3.964.0",
+    "@aws-sdk/s3-request-presigner": "^3.964.0",
     "@certd/vue-js-cron-light": "^4.0.14",
     "@ctrl/tinycolor": "^4.1.0",
-    "@fast-crud/editor-code": "^1.27.7",
-    "@fast-crud/fast-crud": "^1.27.7",
-    "@fast-crud/fast-extends": "^1.27.7",
-    "@fast-crud/ui-antdv4": "^1.27.7",
-    "@fast-crud/ui-interface": "^1.27.7",
+    "@fast-crud/editor-code": "^1.27.8",
+    "@fast-crud/fast-crud": "^1.27.8",
+    "@fast-crud/fast-extends": "^1.27.8",
+    "@fast-crud/ui-antdv4": "^1.27.8",
+    "@fast-crud/ui-interface": "^1.27.8",
     "@iconify/tailwind": "^1.2.0",
     "@iconify/vue": "^4.1.1",
     "@manypkg/get-packages": "^2.2.2",
@@ -50,7 +50,7 @@
     "@vueuse/core": "^10.11.0",
     "ant-design-vue": "^4.2.6",
     "async-validator": "^4.2.5",
-    "axios": "^1.7.2",
+    "axios": "^1.9.0",
     "axios-mock-adapter": "^1.22.0",
     "base64-js": "^1.5.1",
     "better-scroll": "^2.5.1",
@@ -83,7 +83,7 @@
     "postcss-antd-fixes": "^0.2.0",
     "postcss-import": "^16.1.0",
     "postcss-preset-env": "^10.1.5",
-    "psl": "^1.9.0",
+    "psl": "^1.15.0",
     "qiniu-js": "^3.4.2",
     "qrcode": "^1.5.4",
     "radix-vue": "^1.9.16",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.37.16",
-    "@certd/pipeline": "^1.37.16",
+    "@certd/lib-iframe": "^1.38.0",
+    "@certd/pipeline": "^1.38.0",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/plugins/common/remote-select.vue

@@ -138,6 +138,7 @@ const getOptions = async () => {
         onError(err: any) {
           hasError.value = true;
           message.value = `获取选项出错：${err.message}`;
+          optionsRef.value = [];
         },
         showErrorNotify: false,
       }

packages/ui/certd-client/src/components/vip-button/index.vue

@@ -298,8 +298,8 @@ function openUpgrade() {
         },
       },
       icon: "stash:thumb-up",
-      price: productInfo.plus.price,
-      price3: `¥${productInfo.plus.price3}/3${t("vip.years")}`,
+      priceText: productInfo.plus.priceText || `¥${productInfo.plus.price}/${t("vip.years")}`,
+      discountText: productInfo.plus.discountText || `¥${productInfo.plus.price3}/3${t("vip.years")}`,
       tooltip: productInfo.plus.tooltip,
       get() {
         return (
@@ -317,8 +317,8 @@ function openUpgrade() {
       type: "comm",
       icon: "vaadin:handshake",
       privilege: [t("vip.all_pro_privileges"), t("vip.allow_commercial_use_modify_logo_title"), t("vip.data_statistics"), t("vip.plugin_management"), t("vip.unlimited_multi_users"), t("vip.support_user_payment")],
-      price: productInfo.comm.price,
-      price3: `¥${productInfo.comm.price3}/3${t("vip.years")}`,
+      priceText: productInfo.comm.priceText || `¥${productInfo.comm.price}/${t("vip.years")}`,
+      discountText: productInfo.comm.discountText || `¥${productInfo.comm.price3}/3${t("vip.years")}`,
       tooltip: productInfo.comm.tooltip,
       trial: {
         title: t("vip.click_to_get_7_day_trial"),
@@ -349,6 +349,7 @@ function openUpgrade() {
   }
   const modalRef = modal.success({
     title,
+    class: "vip-modal",
     maskClosable: true,
     okText: t("vip.close"),
     width: 1100,
@@ -371,10 +372,11 @@ function openUpgrade() {
       let plusInfo: any = "";
       if (isPlus) {
         plusInfo = (
-          <div class="mt-10">
-            {t("vip.current")} {vipLabel} {t("vip.activated_expire_time")}
-            {settingStore.expiresText}
-            <a class="ml-15" href="https://app.handfree.work/subject/#/page/detail/1" target="_blank">
+          <div class="mt-10 flex flex-col md:flex-row ">
+            <span class="mr-2">
+              {t("vip.current")} {vipLabel} {t("vip.activated_expire_time")} {settingStore.expiresText}
+            </span>
+            <a href="https://app.handfree.work/subject/#/page/detail/1" target="_blank">
               {t("vip.learn_more")}
             </a>
           </div>
@@ -385,9 +387,9 @@ function openUpgrade() {
       for (const key in vipTypeDefine) {
         // @ts-ignore
         const item = vipTypeDefine[key];
-        const vipBlockClass = `vip-block ${key === settingStore.plusInfo.vipType ? "current" : ""}`;
+        const vipBlockClass = `vip-block  ${key === settingStore.plusInfo.vipType ? "current" : ""}`;
         slots.push(
-          <a-col span={8}>
+          <div class="w-full md:w-1/3 mb-4 p-5">
             <div class={vipBlockClass}>
               <h3 class="block-header ">
                 <span class="flex-o">{item.title}</span>
@@ -413,17 +415,15 @@ function openUpgrade() {
               </ul>
               <div class="footer flex-between flex-vc">
                 <div class="price-show">
-                  {item.price && (
+                  {item.priceText && (
                     <span class="flex">
-                      <span class="-text">¥{item.price}</span>
-                      <span>/</span>
-                      {t("vip.year")}
-                      <a-tooltip class="ml-5" title={item.price3}>
+                      <span class="-text">{item.priceText}</span>
+                      <a-tooltip class="ml-5" title={item.discountText}>
                         <fs-icon class="pointer color-red" icon="ic:outline-discount"></fs-icon>
                       </a-tooltip>
                     </span>
                   )}
-                  {!item.price && (
+                  {!item.priceText && (
                     <span>
                       <span class="price-text">{t("vip.freee")}</span>
                     </span>
@@ -432,7 +432,7 @@ function openUpgrade() {
                 <div class="get-show">{item.get && <div>{item.get()}</div>}</div>
               </div>
             </div>
-          </a-col>
+          </div>
         );
       }
       return (
@@ -446,18 +446,15 @@ function openUpgrade() {
             <a-row gutter={20}>{slots}</a-row>
           </div>
           <div class="mt-10">
-            <div class="flex-o w-100">
+            <div class=" w-100 flex-col md:flex-row ">
               <span>{t("vip.site_id")}：</span>
-              <fs-copyable v-model={computedSiteId.value}></fs-copyable>
-
-              <a class="ml-2" onClick={goBindAccount}>
-                {t("vip.not_effective")}
-              </a>
+              <fs-copyable v-model={computedSiteId.value} class="mr-2"></fs-copyable>
+              <a onClick={goBindAccount}>{t("vip.not_effective")}</a>
             </div>
           </div>
           {plusInfo}
-          <div class="mt-10">
-            {t("vip.have_activation_code")}
+          <div class="mt-10 ">
+            <span class="mr-2">{t("vip.have_activation_code")}</span>
             <span>
               <a onClick={showManualActivation}>{t("vip.manual_activation")}</a>
             </span>
@@ -478,6 +475,11 @@ onMounted(() => {
 </script>
 
 <style lang="less">
+.vip-modal {
+  .ant-modal-confirm-content {
+    margin-inline-start: 10px !important;
+  }
+}
 .layout-vip {
   display: flex;
   align-items: center;

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -53,6 +53,10 @@ export default {
     alignLeft: "Align Left",
     alignRight: "Align Right",
   },
+  loginType: {
+    password: "Password Login",
+    sms: "Mobile Login",
+  },
   usernamePlaceholder: "Please enter username/email/phone number",
   passwordPlaceholder: "Please enter your password",
   mobilePlaceholder: "Please enter your mobile number",

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -159,6 +159,7 @@ export default {
   selectedCount: "Selected {count} items",
   batchDelete: "Batch Delete",
   batchForceRerun: "Force Rerun",
+  batchRerun: "Rerun",
   applyCertificate: "Apply for Certificate",
   pipelineExecutionRecords: "Pipeline Execution Records",
   confirm: "Confirm",
@@ -242,6 +243,9 @@ export default {
 
     addToMonitorEnabled: "Add to Cert Monitor",
     addToMonitorDomains: "Add to Monitor Domains",
+
+    webhookEnabled: "Webhook Enabled",
+    webhookEnabledHelper: "Support webhook trigger pipeline, please check webhook address in trigger source",
   },
   notificationDefault: "Use Default Notification",
   monitor: {
@@ -280,6 +284,11 @@ export default {
     lastCheckTime: "Last Check Time",
     disabled: "Enable/Disable",
     ipCheck: "Enable IP Check",
+    ipCheckHelper: "Enable to check certificate expiration time on each IP (or source site domain) ",
+    ipSyncAuto: "Enable IP Sync Auto",
+    ipSyncMode: "IP Sync Mode",
+    ipIgnoreCoherence: "Ignore Certificate Coherence",
+    ipIgnoreCoherenceHelper: "Enable to ignore certificate coherence check, only check certificate expiration time",
     selectRequired: "Please select",
     ipCheckConfirm: "Are you sure to {status} IP check?",
     ipCount: "IP Count",
@@ -485,8 +494,8 @@ export default {
   enabled: "Enabled",
   uploadCustomCert: "Upload Custom Certificate",
   sourcee: "Source",
-  sourcePipeline: "Pipeline",
-  sourceManualUpload: "Manual Upload",
+  sourcePipeline: "Cert Apply Pipeline",
+  sourceManualUpload: "Hosted Pipeline",
   domains: "Domains",
   enterDomain: "Please enter domain",
   validDays: "Valid Days",
@@ -514,7 +523,7 @@ export default {
   notificationCheckSubmittedPleaseRefresh: "Check task submitted, please refresh later",
   columnId: "ID",
   columnIp: "IP",
-  helperIpCname: "Supports entering CNAME domain name",
+  helperIpCname: "Supports entering CNAME domain name or source site domain name",
   ruleIpRequired: "Please enter IP",
   columnCertDomains: "Certificate Domains",
   columnCertProvider: "Issuer",
@@ -800,6 +809,9 @@ export default {
 
         templateProviderSelectorPlaceholder: "Not Configured",
       },
+      notice: "System Notice",
+      noticeHelper: "System notice, will be displayed on the login page",
+      noticePlaceholder: "System notice",
     },
   },
   modal: {

packages/ui/certd-client/src/locales/langs/en-US/vip.ts

@@ -98,6 +98,6 @@ export default {
   already_comm: "Already Business Edition, can't change to Professional Edition",
   already_perpetual_plus: "You already have a perpetual Professional Edition, can't upgrade",
   confirm: "Confirm",
-  not_effective: "Not effective?",
+  not_effective: "Not effective or duration not sync?",
   learn_more: "More privileges",
 };

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -53,6 +53,10 @@ export default {
     alignLeft: "居左",
     alignRight: "居右",
   },
+  loginType: {
+    password: "密码登录",
+    sms: "手机号登录",
+  },
   usernamePlaceholder: "请输入用户名/邮箱/手机号",
   passwordPlaceholder: "请输入密码",
   mobilePlaceholder: "请输入手机号",
@@ -62,7 +66,7 @@ export default {
   forgotAdminPassword: "忘记管理员密码？",
   registerLink: "注册",
 
-  smsTab: "短信验证码登录",
+  smsTab: "手机号登录/注册",
   passwordTab: "密码登录",
 
   title: "修改密码",

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -165,6 +165,7 @@ export default {
   selectedCount: "已选择 {count} 项",
   batchDelete: "批量删除",
   batchForceRerun: "强制重新运行",
+  batchRerun: "重新运行",
   applyCertificate: "申请证书",
   pipelineExecutionRecords: "流水线执行记录",
   confirm: "确认",
@@ -246,6 +247,8 @@ export default {
     groupIdTitle: "流水线分组",
     addToMonitorEnabled: "添加到证书监控",
     addToMonitorDomains: "添加到监控域名",
+    webhookEnabled: "开启Webhook",
+    webhookEnabledHelper: "支持webhook触发流水线，请在触发源中查看webhook地址",
   },
   notificationDefault: "使用默认通知",
   monitor: {
@@ -284,9 +287,18 @@ export default {
     lastCheckTime: "上次检查时间",
     disabled: "禁用启用",
     ipCheck: "开启IP检查",
+    ipCheckHelper: "开启后，会检查IP（或源站）上的证书有效期",
+    ipSyncAuto: "自动同步IP",
+    ipSyncMode: "IP同步模式",
+    ipSyncModeHelper: "选择仅检查IPv4或IPv6，或检查所有IP",
+    ipSyncModeAll: "检查所有IP",
+    ipSyncModeIPV4Only: "仅检查IPv4",
+    ipSyncModeIPV6Only: "仅检查IPv6",
     selectRequired: "请选择",
     ipCheckConfirm: "确定{status}IP检查？",
     ipCount: "IP数量",
+    ipIgnoreCoherence: "忽略证书一致性",
+    ipIgnoreCoherenceHelper: "开启后，即使IP上的证书与站点证书不一致，也会被认为是正常，仅校验证书过期时间",
     checkStatus: "检查状态",
     pipelineId: "关联流水线ID",
     certInfoId: "证书ID",
@@ -351,6 +363,7 @@ export default {
   editSchedule: "修改定时",
   timerTrigger: "定时触发",
   schedule: "定时",
+  webhook: "Webhook",
   selectCron: "请选择定时Cron",
   batchEditSchedule: "批量修改定时",
   editTrigger: "编辑触发器",
@@ -490,8 +503,8 @@ export default {
   enabled: "启用",
   uploadCustomCert: "上传自定义证书",
   sourcee: "来源",
-  sourcePipeline: "流水线",
-  sourceManualUpload: "手动上传",
+  sourcePipeline: "证书流水线",
+  sourceManualUpload: "托管流水线",
   domains: "域名",
   enterDomain: "请输入域名",
   validDays: "有效天数",
@@ -519,7 +532,7 @@ export default {
   notificationCheckSubmittedPleaseRefresh: "检查任务已提交，请稍后刷新查看结果",
   columnId: "ID",
   columnIp: "IP",
-  helperIpCname: "也支持填写CNAME域名",
+  helperIpCname: "也支持填写CNAME域名，源站域名",
   ruleIpRequired: "请输入IP",
   columnCertDomains: "证书域名",
   columnCertProvider: "颁发机构",
@@ -619,6 +632,7 @@ export default {
   proFeature: "专业版功能",
   emailServerSetup: "设置邮箱服务器",
   enableSmsLoginRegister: "开启手机号登录、注册",
+  defaultLoginType: "默认登录方式",
   commFeature: "商业版功能",
   smsProvider: "短信提供商",
   aliyunSms: "阿里云短信",
@@ -774,7 +788,7 @@ export default {
 
       pipelineMaxRunningCount: "同时最大运行流水线数量",
       pipelineMaxRunningCountHelper: "同一个用户同时运行的最大流水线数量，避免同时触发太多导致ACME账户被限制",
-      pipelineMaxRunningCountRecommend: "推荐5-10",
+      pipelineMaxRunningCountRecommend: "推荐5-15，默认10",
 
       fixedCertExpireDays: "固定证书有效期天数",
       fixedCertExpireDaysHelper: "固定证书有效期天数，有助于列表进度条整齐显示",
@@ -809,6 +823,9 @@ export default {
 
         templateProviderSelectorPlaceholder: "未配置",
       },
+      notice: "系统公告",
+      noticeHelper: "系统公告，将在首页显示",
+      noticePlaceholder: "系统公告",
     },
   },
   modal: {

packages/ui/certd-client/src/locales/langs/zh-CN/vip.ts

@@ -59,7 +59,7 @@ export default {
   vip_group_priority: "可加VIP群，您的需求将优先实现",
   unlimited_site_certificate_monitoring: "站点证书监控无限制",
   more_notification_methods: "更多通知方式",
-  plugins_fully_open: "插件全开放，群辉等更多插件",
+  plugins_fully_open: "插件全开放，群晖等更多插件",
   click_to_get_7_day_trial: "点击获取7天试用",
   years: "年",
   afdian_support_vip: "新用户开通永久专业版立享50优惠券",
@@ -97,6 +97,6 @@ export default {
   already_comm: "已经是商业版了，不能降级为专业版",
   already_perpetual_plus: "您已经是永久专业版了，无法继续升级",
   confirm: "确认",
-  not_effective: "VIP没有生效?",
+  not_effective: "VIP没有生效/时长未同步?",
   learn_more: "更多特权(加VIP群等)",
 };

packages/ui/certd-client/src/plugin/fast-crud/index.tsx

@@ -1,3 +1,4 @@
+//@ts-ignore
 import { request } from "/src/api/service";
 // import "/src/mock";
 import { ColumnCompositionProps, CrudOptions, FastCrud, PageQuery, PageRes, setLogger, TransformResProps, useColumns, UseCrudProps, UserPageQuery, useTypes, utils, forEachTableColumns } from "@fast-crud/fast-crud";
@@ -46,8 +47,9 @@ class ColumnSizeSaver {
     LocalStorage.remove(saveKey);
   }
 }
-const columnSizeSaver = new ColumnSizeSaver();
+const columnSizeSaver = new ColumnSizeSaver("columnSize");
 const tableSortSaver = new ColumnSizeSaver("tableSorter");
+const tableSaver = new ColumnSizeSaver("table");
 
 function install(app: App, options: any = {}) {
   app.use(UiAntdv);
@@ -94,6 +96,13 @@ function install(app: App, options: any = {}) {
             }
           },
         },
+        pagination: {
+          _onPageSizeChange(req: any) {
+            const { pageSize } = req;
+            tableSaver.save("pageSize", pageSize);
+          },
+          pageSize: tableSaver.get("pageSize") || 20,
+        },
         table: {
           scroll: {
             x: 960,
@@ -322,6 +331,7 @@ function install(app: App, options: any = {}) {
   app.use(FsExtendsTime);
   app.use(FsExtendsCopyable);
   app.use(FsExtendsInput);
+  //@ts-ignore
   app.use(FsEditorCode);
 
   const { addTypes, getType } = useTypes();

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -36,6 +36,7 @@ export type SysPublicSetting = {
   emailRegisterEnabled?: boolean;
   passwordLoginEnabled?: boolean;
   smsLoginEnabled?: boolean;
+  defaultLoginType?: string;
   selfServicePasswordRetrievalEnabled?: boolean;
 
   limitUserPipelineCount?: number;
@@ -80,6 +81,8 @@ export type SysPublicSetting = {
       addonId: number;
     }
   >;
+  // 系统通知
+  notice?: string;
 };
 export type SuiteSetting = {
   enabled?: boolean;