#### What type of PR is this?
/kind bug
/area core
/area plugin
/milestone 2.16.0
#### What this PR does / why we need it:
Before the PR, any user can generate bundle files by providing random query param `v` while requesting bundle files.
This PR refactors the whole bundle file generation method.
1. Do nothing if users provide arbitrary bundle file version
2. Better lock for writing bundle files if not exist
#### Special notes for your reviewer:
1. Request `http://localhost:8090/apis/api.console.halo.run/v1alpha1/plugins/-/bundle.js?v=xyz`
2. Check if the file `xyz.js` in folder `$TMPDIR/halo-plugin-bundle**`
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind cleanup
/milestone 2.16.x
#### What this PR does / why we need it:
移除 UI 项目中不必要的环境变量配置。
1. VITE_API_URL:当前 Console 不会考虑独立部署,并且在开发环境是后端 Proxy 的 Console 请求,所以此变量没有任何意义。
2. VITE_BASE_URL:无意义,当前不考虑修改。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.16.x
#### What this PR does / why we need it:
修复 Dropdown 组件自动销毁的问题,这可能导致部分插件在 Dropdown 中的组件无法正常渲染。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/kind milestone 2.16.x
#### What this PR does / why we need it:
使用索引机制来查询扩展点定义
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
This PR unifies cache control for static resources.
Example configuration of cache control:
```yaml
spring:
web:
resources:
cache:
cachecontrol:
no-cache: true
no-store: true
use-last-modified: false
```
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6003
#### Special notes for your reviewer:
1. Run with `default` and `dev` profiles respectively.
2. See the difference of the `Cache-Control` header in HTTP response
#### Does this PR introduce a user-facing change?
```release-note
优化 HTTP 缓存控制
```
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.16.x
#### What this PR does / why we need it:
回退 `@uppy/xhr-upload` 的版本至 3.6.0,因为最新版本的 `@uppy/xhr-upload` 添加了重试机制和修改了错误异常的结构,并且当前重试参数并没有体现在文档和 API 中,所以暂时先回退至 3.6.0 以解决 https://github.com/halo-dev/halo/issues/601431cc47f3fb/packages/%40uppy/utils/src/fetcher.ts (L26)
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6014
#### Special notes for your reviewer:
需要测试:
1. 附件上传功能
2. 上传已安装的插件或者主题,观察是否有提示升级。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.16.0
#### What this PR does / why we need it:
PAT could not be created or restored while logging in with remember-me due to lack of RememberMeAuthenticationToken check.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6000
#### Special notes for your reviewer:
1. Log in with remember-me
2. Create a PAT or restore a PAT
3. See the result
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
This PR adds support for serializing HaloUser and 2FA.
1. Refactor delegate of HaloUser using `org.springframework.security.core.userdetails.User`.
2. Add `HaloSecurityJackson2Module` to enable serialization/deserialization of Halo security module.
Below is code snippet of integration:
```java
this.objectMapper = Jackson2ObjectMapperBuilder.json()
.modules(SecurityJackson2Modules.getModules(this.getClass().getClassLoader()))
.modules(modules -> modules.add(new HaloSecurityJackson2Module()))
.indentOutput(true)
.build();
```
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
更新上传库 Uppy 的包依赖。
#### Does this PR introduce a user-facing change?
```release-note
更新上传库 Uppy 的包依赖。
```
#### What type of PR is this?
/area ui
/kind feature
/milestone 2.16.x
#### What this PR does / why we need it:
在插件数据管理列表页面路由中记录查询条件,可以保证在刷新页面或者切换路由返回时保留之前的查询状态。
<img width="1663" alt="image" src="https://github.com/halo-dev/halo/assets/21301288/2638dfc9-793b-48c6-81dd-f460a6c9214d">
#### Special notes for your reviewer:
需要测试:
1. 插件管理列表的所有筛选项是否可以正常工作。
2. 尝试设置部分筛选,然后刷新页面,观察筛选条件是否正常保留。
#### Does this PR introduce a user-facing change?
```release-note
Console 端的插件管理列表支持在地址栏记录筛选条件。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
重构文章的发布逻辑,以下是主要改动:
1. 如果文章未发布,点击文章设置的发布按钮时,会先保存文章。
2. 在文章列表的操作菜单中添加发布 / 取消发布的选项。
3. 重构文章设置中,发布 / 取消发布按钮的显示条件。
4. 优化文章设置对话框的显示条件,减少不必要的渲染开销和请求。
#### Special notes for your reviewer:
需要测试:
1. 文章正常新建和发布的逻辑。
2. 文章设置未来时间的发布逻辑。
3. 取消定时发布和已发布文章的逻辑。
#### Does this PR introduce a user-facing change?
```release-note
优化 Console 文章管理中的文章发布逻辑。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
为更新评论的最后读取时间添加重试机制。Ref https://github.com/halo-dev/halo/pull/5903#issuecomment-2106855779
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.16.x
#### What this PR does / why we need it:
修复部分表单数据更新时,引用的初始值对象被跟着更新的问题。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/area plugin
#### What this PR does / why we need it:
This PR wholly refactors plugin reconciliation to implement dependency mechanism.
Currently,
- If we disable plugin which has dependents, the plugin must wait for dependents to be disabled.
- If we enable plugin which has dependencies , the plugin must wait for dependencies to be enabled.
- If we upgrade plugin which has dependents, the plugin must request dependents to be unloaded. After the plugin is unloaded, the plugin must cancel unload request for dependents.
#### Which issue(s) this PR fixes:
Fixes#5872
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
优化被依赖的插件的升级,启用和禁用
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化和角色相关的对话框显示逻辑,减少不必要的渲染开销和请求。
#### Does this PR introduce a user-facing change?
```release-note
优化和角色相关的对话框显示逻辑,减少不必要的渲染开销和请求。
```
#### What type of PR is this?
/kind improvement
/area core
/area plugin
/milestone 2.16.x
#### What this PR does / why we need it:
为插件提供文章内容获取的 bean 以简化文章内容获取
#### Which issue(s) this PR fixes:
Fixes #
#### Does this PR introduce a user-facing change?
```release-note
为插件提供文章内容获取的 Bean
```
#### What type of PR is this?
/kind feature
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
为登录增加记住我机制以优化登录体验
how to test it?
1. 勾选记住密码选项后登录
2. 退出浏览器后打开 console 期望依然可以访问而不需要登录
3. 测试修改密码功能,期望修改密码后所有会话需要重新登录包括当前设备和其他设备
#### Which issue(s) this PR fixes:
Fixes#2362
#### Does this PR introduce a user-facing change?
```release-note
为登录增加记住我机制以优化登录体验
```
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.16.x
#### What this PR does / why we need it:
修复在文章版本历史内容预览中代码块颜色显示异常的问题。
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/5845
#### Does this PR introduce a user-facing change?
```release-note
修复在文章版本历史内容预览中代码块颜色显示异常的问题。
```
#### What type of PR is this?
/kind feature
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
新增文章定时发布功能
#### Which issue(s) this PR fixes:
Fixes#4602
#### Does this PR introduce a user-facing change?
```release-note
新增文章定时发布功能
```
#### What type of PR is this?
/kind cleanup
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
This PR removes PatJwkSupplier interface, scheduled RSA key generation, and move some of them into CryptoService.
Currently, we only use `pat_id_rsa` as private key for authentication modules instead of `id_rsa`(deprecated).
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind cleanup
/milestone 2.16.x
#### What this PR does / why we need it:
规范 api client 的方法名,之前生成的 api client 的方法名没有完全遵循驼峰命名。
#### Which issue(s) this PR fixes:
Close https://github.com/halo-dev/halo/issues/5716
#### Special notes for your reviewer:
CI 通过即可。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
This PR upgrades dependency Spring Boot to [3.3.0](https://github.com/spring-projects/spring-boot/releases/tag/v3.3.0).
#### Does this PR introduce a user-facing change?
```release-note
升级 Spring Boot 至 3.3.0
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化 Console 的全局搜索对话框显示逻辑,改为未开启时不渲染组件。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化和用户管理相关的所有对话框显示逻辑,减少不必要的渲染开销和请求。
#### Special notes for your reviewer:
改动范围如下:
1. 用户密码修改
2. 用户资料修改
3. 用户创建
4. 重新登录
#### Does this PR introduce a user-facing change?
```release-note
优化和用户管理相关的所有对话框显示逻辑,减少不必要的渲染开销和请求。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化页面设置弹窗的显示逻辑,改为在未打开弹窗组件的时候不渲染组件,减少不必要的请求。
#### Which issue(s) this PR fixes:
#### Does this PR introduce a user-facing change?
```release-note
优化页面设置弹窗的显示逻辑,减少不必要的请求。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
让 UC 端的重置密码页面使用和登录相关页面一样的 GatewayLayout 布局组件。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
简化评论回复组件的代码。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化附件管理的相关代码。
1. 优化附件管理相关的对话框组件,减少重复和不必要的请求。
2. 简化附件存储策略编辑组件的逻辑。
#### Special notes for your reviewer:
需要测试:
1. 附件上传的相关功能。
2. 附件存储策略的编辑和新建。
3. 附件筛选条件功能。
#### Does this PR introduce a user-facing change?
```release-note
优化附件管理相关代码,减少重复和不必要的请求。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
升级 Vue 生态的相关依赖,以及修复编译 packages 时的异常日志问题。
#### Does this PR introduce a user-facing change?
```release-note
升级 Vue 生态的相关依赖至最新版本。
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化文章标签的表单组件代码。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
This PR unifies api and portal security configurations into one for a better maintenance.
Meanwhile, removing `HaloAnonymousAuthenticationWebFilter` introduced by <https://github.com/halo-dev/halo/pull/3152> may fix <https://github.com/halo-dev/halo/issues/4047>.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4047
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
修复登录成功后立即出现登录失效的问题
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化文章分类管理相关的 UI 代码。
1. 使用 vue-draggable-plus 库代替 vuedraggable 库实现拖拽排序。vue-draggable-plus 是在 https://github.com/halo-dev/halo/pull/5914 中引入,替换的原因是 vuedraggable 库已经不再积极维护。
2. 改进分类编辑表单的逻辑,清理无用代码。
#### Special notes for your reviewer:
需要测试:
1. 测试文章分类拖拽排序功能是否表现正常。
2. 测试新增/编辑文章分类功能是否表现正常。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area editor
/milestone 2.16.x
#### What this PR does / why we need it:
移除使用 `Backspace` 进行缩进的功能。此功能会导致选中无序列表文本至起始位置时,按 `Backspace` 快捷键会导致无序列表解除当前层级。
#### How to test it?
测试从后往前选中无序列表文本至文本起始位置,然后按下 `Backspace` 快捷键。此时应当只删除文本而不会调整无序列表层级。
#### Which issue(s) this PR fixes:
Fixes#5925
#### Does this PR introduce a user-facing change?
```release-note
修复默认编辑器中列表使用 Backspace 快捷键删除选中文本的错误行为
```
#### What type of PR is this?
/kind improvement
/area editor
/milestone 2.16.x
#### What this PR does / why we need it:
优化默认编辑器代码块 `Backspace` 快捷键逻辑。如下所示:
1. 选中内容时进行删除,保证光标仍处于代码块内。
2. 光标处于代码块首位或者代码块没有内容时,不再删除代码块。
#### How to test it?
测试默认编辑器代码块功能。查看是否符合上述逻辑
#### Which issue(s) this PR fixes:
Fixes#5927
#### Does this PR introduce a user-facing change?
```release-note
优化默认编辑器代码块 Backspace 快捷键逻辑
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
优化菜单管理相关的 UI 代码。
1. 使用 vue-draggable-plus 库代替 vuedraggable 库实现拖拽排序。vue-draggable-plus 是在 https://github.com/halo-dev/halo/pull/5914 中引入,替换的原因是 vuedraggable 库已经不再积极维护。
2. 改进菜单和菜单项编辑表单的逻辑,清理无用代码。
#### Special notes for your reviewer:
需要测试:
1. 测试菜单项拖拽排序功能是否表现正常。
2. 测试新增菜单、菜单项和修改菜单、菜单项功能是否表现正常。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
This PR ignores `includeSubdomains` for HSTS header. See https://github.com/halo-dev/halo/issues/4943 for more.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4943
#### Does this PR introduce a user-facing change?
```release-note
修复开启 HSTS 可能会导致未开启 HSTS 的子域名站点无法访问的问题
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.16.x
#### What this PR does / why we need it:
升级 pnpm 的版本至 9,以及 GitHub Actions 的 Node 版本改为了 20。
#### Does this PR introduce a user-facing change?
```release-note
升级 pnpm 的版本至 9
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.16.x
#### What this PR does / why we need it:
邮件通知功能现在只向经过验证的邮箱地址发送通知匿名用户除外
#### Which issue(s) this PR fixes:
Fixes#5722
#### Does this PR introduce a user-facing change?
```release-note
邮件通知功能现在只向经过验证的邮箱地址发送通知匿名用户除外
```
#### What type of PR is this?
/kind bug
/area editor
/milestone 2.16.x
#### What this PR does / why we need it:
当工具栏菜单出现溢出时,由于 `justify-content` 会始终保持居中状态,因此会导致溢出的内容被遮挡。
考虑到 [justify-content:safe](https://developer.mozilla.org/zh-CN/docs/Web/CSS/justify-content#safe) 在 safari 上具有兼容性问题,因此修改 HTML 结构,使用 `text-align` 来使菜单居中。
#### How to test it?
测试在菜单栏溢出时,溢出的内容是否被遮挡。
#### Which issue(s) this PR fixes:
Fixes#5926
#### Does this PR introduce a user-facing change?
```release-note
解决默认编辑器中顶部工具栏菜单溢出后被遮挡的问题
```
Halo Dev Bot