<!-- Thanks for sending a pull request! Here are some tips for you:
1. 如果这是你的第一次,请阅读我们的贡献指南:<https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>。
1. If this is your first time, please read our contributor guidelines: <https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>.
2. 请根据你解决问题的类型为 Pull Request 添加合适的标签。
2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request.
3. 请确保你已经添加并运行了适当的测试。
3. Ensure you have added or ran the appropriate tests for your PR.
-->
#### What type of PR is this?
<!--
添加其中一个类别:
Add one of the following kinds:
/kind bug
/kind cleanup
/kind documentation
/kind feature
/kind improvement
适当添加其中一个或多个类别(可选):
Optionally add one or more of the following kinds if applicable:
/kind api-change
/kind deprecation
/kind failing-test
/kind flake
/kind regression
-->
/area ui
/kind bug
#### What this PR does / why we need it:
See #6994
#### Which issue(s) this PR fixes:
<!--
PR 合并时自动关闭 issue。
Automatically closes linked issue when PR is merged.
用法:`Fixes #<issue 号>`,或者 `Fixes (粘贴 issue 完整链接)`
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
-->
Fixes#6994
#### Special notes for your reviewer:
统一了发布文章时的行为,均先确保服务端创建草稿后保存内容。
#### Does this PR introduce a user-facing change?
<!--
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->
```release-note
修复文章重复生成的问题
```
#### What type of PR is this?
/kind feature
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR allows users to upload local attachment always with a random filename to simply prevent resource leak.
Please see the configuration and the uploaded result below:
```json
{
"spec": {
"displayName": "halo.run-ykfswxmokpjopvkqwybghazloxeovgae.cer",
"policyName": "attachment-policy-XVdDK",
"ownerName": "admin",
"mediaType": "application/pkix-cert",
"size": 1803
},
"status": {
"permalink": "/upload/random/halo.run-ykfswxmokpjopvkqwybghazloxeovgae.cer"
},
"apiVersion": "storage.halo.run/v1alpha1",
"kind": "Attachment",
"metadata": {
"finalizers": [
"attachment-manager"
],
"name": "44b4c8de-0d3b-4bbb-acc2-4af50175a2b5",
"annotations": {
"storage.halo.run/local-relative-path": "upload/random/halo.run-ykfswxmokpjopvkqwybghazloxeovgae.cer",
"storage.halo.run/uri": "/upload/random/halo.run-ykfswxmokpjopvkqwybghazloxeovgae.cer"
},
"version": 2,
"creationTimestamp": "2025-03-18T15:53:11.817541483Z"
}
}
```
#### Does this PR introduce a user-facing change?
```release-note
支持上传附件至本地时总是随机命名文件名
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR adjusts the order of checking instance of ExecutorService and AutoCloseable interfaces. Because the ExecutorService extends AutoCloseable in Java 21. As a result, unit tests against the method won't be passed in Java 21.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR adds timeout for blocking Extension client to prevent system from blocking without any error.
#### Which issue(s) this PR fixes:
Recently, we have received several issues about getting stuck in creating menu items. Please refer to the key threaddump detail:
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
#### What this PR does / why we need it:
撤回对插件类加载顺序的改动这可能导致破坏性更新
同时,不在考虑修改加载顺序问题,由于社区版和专业版引入的依赖不同插件无法以社区版为依赖基准保证功能在专业版也可用,举个例子:
1. 插件引入了 okhttp4 作为依赖,这可能是插件引入的依赖所附带的
2. 在社区版没有问题,插件开发者也是这么测试的
3. 但是在专业版中引入了 okhttp3 作为依赖,此时插件在专业版就不可用了因为插件依赖了 okhttp4 的功能
通过上述问题就导致了不可预知的问题
#### Does this PR introduce a user-facing change?
```release-note
撤回对插件类加载顺序的改动这可能导致破坏性更新
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
Add favicon to login page
#### Which issue(s) this PR fixes:
Fixes#7287
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
为登录相关的页面添加 Favicon
```
#### What type of PR is this?
/kind feature
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
支持禁用主题预览功能,但拥有主题管理权限的用户不受此功能影响
#### Which issue(s) this PR fixes:
Fixes#7204
#### Does this PR introduce a user-facing change?
```release-note
支持禁用主题预览功能,但拥有主题管理权限的用户不受此功能影响
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR turns off the logging of TemplateEngine to prevent too many annoying and useless logs.
Please note that the TemplateExceptions won't be eat up because we have a global error handler to log them.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4468
#### Special notes for your reviewer:
Steps to verify:
- Start Halo instance
- Execute command `ab -c 100 -n 10000 -H 'Accept: text/html' -H 'Cache-Control: no-cache' http://localhost:8090/` and then press `Ctrl + C` to stop the ab process.
- See the logs of Halo instance.
#### Does this PR introduce a user-facing change?
```release-note
解决日志中出现大量 InterruptedException 异常的问题
```
#### What type of PR is this?
/area ui
/kind feature
/milestone 2.20.x
#### What this PR does / why we need it:
Add support for batch deletion and batch marking as read for notifications in the UC.
<img width="763" alt="image" src="https://github.com/user-attachments/assets/a470ae2d-c4d2-4e6c-8c05-76f9f29e378d" />
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/7164
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
个人中心的消息管理支持批量删除和批量标记为已读
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR fixes the pending problem of requesting console and ui pages in dev mode.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/7191
#### Special notes for your reviewer:
Steps to reproduce:
- Start ui projects with dev mode by executing command `make -C ui dev`.
- Run Halo instance in dev mode by executing command `./gradlew bootRun --args="--spring.profiles.active=dev"`.
- Try to request <http://localhost:8090/uc> and <http://localhost:8090/console>.
- Try to refresh page by hand and see the result
#### Does this PR introduce a user-facing change?
```release-note
修复开发模式下无法正常进入管理和个人中心页面的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
仅对包含文章权限的用户生成作者页面
#### Which issue(s) this PR fixes:
Fixes#7202
#### Does this PR introduce a user-facing change?
```release-note
仅对包含文章权限的用户生成作者页面
```
#### What type of PR is this?
/kind bug
/area editor
/milestone 2.20.x
#### What this PR does / why we need it:
解决默认编辑器中,粘贴后的图片,按下回车可能会导致重复触发上传的问题。
#### How to test it?
1. 在默认编辑器中粘贴一个图片。
2. 在图片前进行回车换行。
3. 查看图片是否被重复上传。
#### Which issue(s) this PR fixes:
Fixes#7206
#### Does this PR introduce a user-facing change?
```release-note
解决默认编辑器中附件会重复上传的问题
```
#### What type of PR is this?
/kind improvment
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
为自定义页面的图片增加缩略图支持
<img width="1594" alt="image" src="https://github.com/user-attachments/assets/f317d73b-e515-4c3c-83e7-06ef55873a37" />
#### Which issue(s) this PR fixes:
Fixes#7232
#### Does this PR introduce a user-facing change?
```release-note
为自定义页面的图片增加缩略图支持
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
将获取文件名的代码由 `Part.name()` 改为 `FilePart.filename()`。`Part.name()` 在没有覆写 form 时可能无法正确获取到文件的客户端路径。
#### How to test it?
1. 在文章设置 - 附件存储策略 中,设置一个其他的附件存储策略。
2. 测试在富文本编辑器中上传文件是否报错文件类型与后缀不匹配的问题。
#### Which issue(s) this PR fixes:
Fixes#7274
#### Does this PR introduce a user-facing change?
```release-note
解决在默认编辑器中上传文件失败的问题
```
#### What type of PR is this?
/area ui
/kind feature
/milestone 2.20.x
#### What this PR does / why we need it:
<img width="519" alt="image" src="https://github.com/user-attachments/assets/7c1f5636-ef85-489e-80ac-5199acf234a3" />
#### Which issue(s) this PR fixes:
Fixes#7260
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
在两步验证配置界面添加设备丢失相关的提示
```
#### What type of PR is this?
/kind feature
/milestone 2.20.x
/area ui
#### What this PR does / why we need it:
<img width="586" alt="image" src="https://github.com/user-attachments/assets/48d07035-7cb0-4e08-a7c1-4a5d91069d41" />
#### Which issue(s) this PR fixes:
Fixes#7267
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
支持批量撤销其他设备的登录状态
```
#### What type of PR is this?
/area ui
/kind feature
/milestone 2.20.x
#### What this PR does / why we need it:
Added three Node.js scripts to help manage YAML translation files:
1. `find_missing_translations.mjs`: Identifies missing translations by comparing language files with the English base file and generates _missing_translations_*.yaml files.
2. `apply_missing_translations.mjs`: Merges translated entries from missing translation files into the main language files, while preserving untranslated entries for future work.
3. `fix_translations.mjs`: Removes keys that exist in language files but not in the English base file.
Usage Example:
```
# Find missing translations
node scripts/find_missing_translations.mjs
# Apply only the translated entries
node scripts/apply_missing_translations.mjs
# Remove extra keys
node scripts/fix_translations.mjs
```
These scripts streamline the translation workflow and help maintain consistency across language files.
#### Which issue(s) this PR fixes:
None
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
None
#### What this PR does / why we need it:
Update issue templates config for commercial products
#### Which issue(s) this PR fixes:
None
#### Special notes for your reviewer:
None
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
#### What this PR does / why we need it:
Replaces deprecated functions (`String defaultString(final String str, final String nullDefault)`) with its recommended alternatives
See 29ccc7665f/src/main/java/org/apache/commons/lang3/StringUtils.java (L1635) for more.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR upgrades to Spring Boot [3.4.3](https://github.com/spring-projects/spring-boot/releases/tag/v3.4.3).
#### Does this PR introduce a user-facing change?
```release-note
升级依赖 Spring Boot 至 3.4.3
```
<!-- Thanks for sending a pull request! Here are some tips for you:
1. 如果这是你的第一次,请阅读我们的贡献指南:<https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>。
1. If this is your first time, please read our contributor guidelines: <https://github.com/halo-dev/halo/blob/main/CONTRIBUTING.md>.
2. 请根据你解决问题的类型为 Pull Request 添加合适的标签。
2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request.
3. 请确保你已经添加并运行了适当的测试。
3. Ensure you have added or ran the appropriate tests for your PR.
-->
#### What type of PR is this?
<!--
添加其中一个类别:
Add one of the following kinds:
/kind bug
/kind cleanup
/kind documentation
/kind feature
/kind improvement
适当添加其中一个或多个类别(可选):
Optionally add one or more of the following kinds if applicable:
/kind api-change
/kind deprecation
/kind failing-test
/kind flake
/kind regression
-->
#### What this PR does / why we need it:
#### Which issue(s) this PR fixes:
<!--
PR 合并时自动关闭 issue。
Automatically closes linked issue when PR is merged.
用法:`Fixes #<issue 号>`,或者 `Fixes (粘贴 issue 完整链接)`
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
-->
Fixes #
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
<!--
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->
```release-note
```
#### What type of PR is this?
/area ui
/kind cleanup
/milestone 2.20.x
#### What this PR does / why we need it:
Bump vue related dependencies
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind cleanup
/milestone 2.20.x
#### What this PR does / why we need it:
Bump tiptap version to 2.11.x
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR upgrades to Spring Boot [3.4.1](https://github.com/spring-projects/spring-boot/releases/tag/v3.4.1).
#### Does this PR introduce a user-facing change?
```release-note
升级依赖 Spring Boot 至 3.4.1
```
#### What type of PR is this?
/area ui
/kind cleanup
#### What this PR does / why we need it:
Bump axios version to 1.7.9
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR upgrades to SpringDoc to [2.8.3](https://github.com/springdoc/springdoc-openapi/releases/tag/v2.8.3).
#### Does this PR introduce a user-facing change?
```release-note
升级依赖 SpringDoc 至 2.8.3
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
自动生成摘要仅对内容变更时生效
see https://github.com/halo-dev/halo/issues/7193#issuecomment-2581699190 for more details
避免对资源造成浪费如 AI 摘要生成
#### Which issue(s) this PR fixes:
Fixes#7193
#### Does this PR introduce a user-facing change?
```release-note
自动生成摘要仅对内容发生变更时生效
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复主题中声明的通知模板无法被创建的问题
#### Which issue(s) this PR fixes:
Fixes#7195
#### Does this PR introduce a user-facing change?
```release-note
修复主题中声明的通知模板无法被创建的问题
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
为 UC 端发布文章的操作添加重试机制,防止出现因为锁导致的保存失败问题。
#### Which issue(s) this PR fixes:
Fixes#7139
#### Does this PR introduce a user-facing change?
```release-note
为 UC 端发布文章的操作添加重试机制,防止出现因为锁导致的保存失败问题。
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
卸载主题之后清理模板缓存
此问题是 https://github.com/halo-dev/halo/pull/2970 的遗留问题
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复文件类型限制能通过混合文件类型绕过检测的问题
参考:https://github.com/halo-dev/halo/security/advisories/GHSA-99mc-ch53-pqh9
#### Does this PR introduce a user-facing change?
```release-note
修复文件类型限制能通过混合文件类型绕过检测的问题
```
#### What type of PR is this?
/kind bug
/area ui
/milestone 2.20.x
#### What this PR does / why we need it:
Prevent data clearing on FormKit component unmount
#### Which issue(s) this PR fixes:
Fixes#7121
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
修复 FormKit 组件卸载时,对应数据值也被清除的问题
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
Optimize axios interceptor text/html content type detection
<img width="1461" alt="image" src="https://github.com/user-attachments/assets/6bb59a1d-81cc-4ea2-ac61-17e30eab4281" />
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind improvement
#### What this PR does / why we need it:
Bump vite version to [6](https://vite.dev/guide/migration.html)
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind feature
/area ui
/milestone 2.20.x
#### What this PR does / why we need it:
Add supports for display HTML format in API error responses
See #7115
Examples:
<img width="917" alt="image" src="https://github.com/user-attachments/assets/1ab4531c-3238-4e7d-ba24-d2425184a757">
<img width="942" alt="image" src="https://github.com/user-attachments/assets/54621b31-0629-4772-95fd-8587a7704ca3">
#### Which issue(s) this PR fixes:
Fixes#7115
#### Special notes for your reviewer:
Nginx mock example:
```nginx
server {
listen 80;
server_name localhost;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_pass http://localhost:8090;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ^~ /apis/content.halo.run/v1alpha1/posts/ {
return 403;
}
}
```
#### Does this PR introduce a user-facing change?
```release-note
支持显示来自反向代理或者 WAF 的请求错误信息
```
#### What type of PR is this?
/area ui
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
Inject Object.hasOwn polyfill into the front-end projects of Console and UC to solve the problem that some features cannot be used normally in lower version browsers
See https://github.com/halo-dev/halo/issues?q=is%3Aissue%20state%3Aclosed%20hasOwn
See https://caniuse.com/?search=hasOwn
#### Does this PR introduce a user-facing change?
```release-note
修复在较低版本浏览器中无法使用默认编辑器和附件上传功能的问题。
```
#### What type of PR is this?
/kind feature
/kind improvement
#### What this PR does / why we need it:
本次PR对系统中用于电子邮件哈希的算法进行了升级。原先使用的是MD5算法,现在替换为了更安全的SHA-256算法。这一变更提高了数据的安全性,降低了电子邮件被破解的风险。
#### Which issue(s) this PR fixes:
未指定具体问题编号,但解决了潜在的安全隐患。
#### Special notes for your reviewer:
在替换哈希算法的过程中,我已经确保了代码的兼容性和性能。建议审查者在合并前进行全面的测试,以确保新算法的正确性和系统的稳定性。
#### Does this PR introduce a user-facing change?
```release-note
增强评论邮箱哈希算法(SHA256)
```
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR bumps Halo version to 2.20.11-SNAPSHOT for next iteration.
#### Does this PR introduce a user-facing change?
```release-note
None
```
Zhe Xue