#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复竖向图片生成缩略图后会丢失方向信息展示为横向图片的问题
#### Which issue(s) this PR fixes:
Fixes#6802
#### Does this PR introduce a user-facing change?
```release-note
修复竖向图片生成缩略图后会丢失方向信息展示为横向图片的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR adds [a Gradle plugin ](https://github.com/ben-manes/gradle-versions-plugin)to discover dependency updates.
```bash
❯ ./gradlew dependencyUpdates -Drevision=release
> Task :api:dependencyUpdates
------------------------------------------------------------
:api Project Dependency Updates (report to plain text file)
------------------------------------------------------------
The following dependencies are using the latest release version:
- com.github.ben-manes.caffeine:caffeine:3.1.8
- com.github.java-json-tools:json-patch:1.13
- com.j256.two-factor-auth:two-factor-auth:1.3
- io.asyncer:r2dbc-mysql:1.3.0
- io.github.java-diff-utils:java-diff-utils:4.12
- io.github.resilience4j:resilience4j-reactor:2.2.0
- io.github.resilience4j:resilience4j-spring-boot3:2.2.0
- io.projectreactor:reactor-test:3.7.0-M6
- io.r2dbc:r2dbc-h2:1.0.0.RELEASE
- io.seruco.encoding:base62:0.1.3
- org.apache.commons:commons-lang3:3.17.0
- org.imgscalr:imgscalr-lib:4.2
- org.jacoco:org.jacoco.agent:0.8.12
- org.jacoco:org.jacoco.ant:0.8.12
- org.mariadb:r2dbc-mariadb:1.2.2
- org.openapi4j:openapi-schema-validator:1.0.7
- org.pf4j:pf4j:3.12.0
- org.postgresql:postgresql:42.7.4
- org.postgresql:r2dbc-postgresql:1.0.5.RELEASE
- org.projectlombok:lombok:1.18.30
- org.springdoc:springdoc-openapi-starter-webflux-ui:2.6.0
- org.springframework.boot:spring-boot-starter-actuator:3.4.0-M3
- org.springframework.boot:spring-boot-starter-cache:3.4.0-M3
- org.springframework.boot:spring-boot-starter-data-jpa:3.4.0-M3
- org.springframework.boot:spring-boot-starter-data-r2dbc:3.4.0-M3
- org.springframework.boot:spring-boot-starter-mail:3.4.0-M3
- org.springframework.boot:spring-boot-starter-security:3.4.0-M3
- org.springframework.boot:spring-boot-starter-test:3.4.0-M3
- org.springframework.boot:spring-boot-starter-thymeleaf:3.4.0-M3
- org.springframework.boot:spring-boot-starter-validation:3.4.0-M3
- org.springframework.boot:spring-boot-starter-webflux:3.4.0-M3
- org.springframework.integration:spring-integration-core:6.4.0-M3
- org.springframework.security:spring-security-oauth2-client:6.4.0-M4
- org.springframework.security:spring-security-oauth2-jose:6.4.0-M4
- org.springframework.security:spring-security-oauth2-resource-server:6.4.0-M4
- org.springframework.security:spring-security-test:6.4.0-M4
- org.springframework.session:spring-session-core:3.4.0-M2
- org.thymeleaf.extras:thymeleaf-extras-springsecurity6:3.1.2.RELEASE
The following dependencies have later release versions:
- com.google.guava:guava [32.0.1-jre -> 33.3.1-jre]
https://github.com/google/guava
- net.bytebuddy:byte-buddy [1.15.1 -> 1.15.3]
https://bytebuddy.net
- org.apache.lucene:lucene-analysis-common [9.11.1 -> 9.12.0]
https://lucene.apache.org/
- org.apache.lucene:lucene-backward-codecs [9.11.1 -> 9.12.0]
https://lucene.apache.org/
- org.apache.lucene:lucene-core [9.11.1 -> 9.12.0]
https://lucene.apache.org/
- org.apache.lucene:lucene-highlighter [9.11.1 -> 9.12.0]
https://lucene.apache.org/
- org.apache.lucene:lucene-queryparser [9.11.1 -> 9.12.0]
https://lucene.apache.org/
- org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
https://tika.apache.org/
- org.jsoup:jsoup [1.15.3 -> 1.18.1]
https://jsoup.org/
Gradle release-candidate updates:
- Gradle: [8.10.2: UP-TO-DATE]
Generated report file build/dependencyUpdates/report.txt
> Task :application:dependencyUpdates
------------------------------------------------------------
:application Project Dependency Updates (report to plain text file)
------------------------------------------------------------
The following dependencies are using the latest release version:
- com.puppycrawl.tools:checkstyle:9.3
- io.projectreactor:reactor-test:3.7.0-M6
- org.jacoco:org.jacoco.agent:0.8.12
- org.jacoco:org.jacoco.ant:0.8.12
- org.springframework:spring-context-indexer:6.2.0-RC1
- org.springframework.boot:spring-boot-configuration-processor:3.4.0-M3
- org.springframework.boot:spring-boot-starter-test:3.4.0-M3
- org.springframework.security:spring-security-test:6.4.0-M4
- org.webjars.npm:jsencrypt:3.3.2
- org.webjars.npm:normalize.css:8.0.1
The following dependencies have later release versions:
- org.projectlombok:lombok [1.18.30 -> 1.18.34]
https://projectlombok.org
Gradle release-candidate updates:
- Gradle: [8.10.2: UP-TO-DATE]
Generated report file build/dependencyUpdates/report.txt
Deprecated Gradle features were used in this build, making it incompatible with Gradle 9.0.
You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.
For more on this, please refer to https://docs.gradle.org/8.10.2/userguide/command_line_interface.html#sec:command_line_warnings in the Gradle documentation.
BUILD SUCCESSFUL in 1s
9 actionable tasks: 2 executed, 7 up-to-date
```
#### Does this PR introduce a user-facing change?
<!--
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->
```release-note
None
```
* feat: invalidate all sessions of a user after password changed
* fix: unit test case
* refactor: use spring session 3.3 to adapt
* refactor: compatible with session timeout configuration
* refactor: indexed session repository
* Reload page after changed the password
Signed-off-by: Ryan Wang <i@ryanc.cc>
* chore: update session repository
---------
Signed-off-by: Ryan Wang <i@ryanc.cc>
Co-authored-by: Ryan Wang <i@ryanc.cc>
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR collects all Gradle plugin versions into root build.gradle for easy management.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind chore
/area core
#### What this PR does / why we need it:
I get the following errors when I develop Halo in JDK 21:
```bash
FAILURE: Build failed with an exception.
* What went wrong:
Could not determine the dependencies of task ':application:bootRun'.
> Could not resolve all dependencies for configuration ':application:runtimeClasspath'.
> Failed to calculate the value of task ':application:compileJava' property 'javaCompiler'.
> No matching toolchains found for requested specification: {languageVersion=17, vendor=any, implementation=vendor-specific} for MAC_OS on aarch64.
> No locally installed toolchains match and toolchain download repositories have not been configured.
```
This PR removes the Java toolchain configuration and adds source and target compatibility to Java 17, allowing developers to develop Halo in Java 17 or higher versions.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.11.x
#### What this PR does / why we need it:
This PR upgrades to SpringDoc 2.2.1-SNAPSHOT to resolve the problem of Swagger API doc display errors.
#### Does this PR introduce a user-facing change?
```release-note
升级 SpringDoc 至 2.2.1-SNAPSHOT 以解决部分 API 文档无法正常使用的问题
```
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
Currently, some Windows developers using GBK as character encoding are unable to build project, please see https://github.com/halo-dev/halo/issues/4771 for more.
Because the source code are using UTF-8 character encoding, the `javadoc`, `compileJava`, `compileTestJava` and `delombok` tasks will use the default character encoding GBK to handle the sources, which prevents the `:api:javadoc` task from running properly.
At the same time, we thank to @DaiYuANg for his first proposed solution in https://github.com/halo-dev/halo/pull/4517.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4771
#### Special notes for your reviewer:
Validate the result by executing command `./gradlew clean build -x check` on Windows environment.
#### Does this PR introduce a user-facing change?
```release-note
修复在部分 Windows 开发者无法正常构建 Halo 的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.9.x
#### What this PR does / why we need it:
- Removes dependency `cn.shenyanchao.ik-analyzer:ik-analyzer:9.0.0` due to no significant effect for searching result.
- Customize our own analyzer with StandardTokenizer, HTMLStripCharFilter and LowerCaseFilterFactory.
Please be aware of that the default field to search has become to `content` instead of `title` + `excerpt` + `content`. If someone wants to search title only, use `title: halo` as query string. For more details, please refer to <https://lucene.apache.org/core/9_5_0/queryparser/org/apache/lucene/queryparser/flexible/standard/StandardQueryParser.html>.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4455
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
优化本地搜索引擎
```
#### What type of PR is this?
/kind feature
/area core
#### What this PR does / why we need it:
This PR adds dependency [spring-boot-starter-cache](https://docs.spring.io/spring-boot/docs/current/reference/html/io.html#io.caching) as cache framework and [caffeine](https://github.com/ben-manes/caffeine/wiki) as cache implementation to cache template rendering result.
By default, we disable the cache feature. If you want to enable it, please try to configure properties like this:
```yaml
halo:
cache:
disabled: false
```
#### Which issue(s) this PR fixes:
Fixes#2827
#### Special notes for your reviewer:
1. Start Halo
2. Browse any page twice
3. See the difference in request times
#### Does this PR introduce a user-facing change?
```release-note
支持模板渲染结果缓存
```
#### What type of PR is this?
/kind feature
/area core
#### What this PR does / why we need it:
This PR introduces https://github.com/resilience4j/resilience4j to archive the feature. The login endpoint has limited login failures at a rate of 3 per minute.
See https://github.com/halo-dev/halo/issues/4044 for more.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/4044
#### Special notes for your reviewer:
1. Start Halo.
2. Try to login with incorrect credential 4 times
3. Check the response.
#### Does this PR introduce a user-facing change?
```release-note
增加登录失败次数限制功能
```
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
Replace R2DBC MySQL driver to io.asyncer:r2dbc-mysql. See https://github.com/halo-dev/halo/issues/3804 for more.
Please note that there will be an error like below when starting up Halo on MacOS:
```java
2023-05-09T14:24:45.161+08:00 ERROR 4668 --- [ restartedMain] i.n.r.d.DnsServerAddressStreamProviders : Unable to load io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider, fallback to system defaults. This may result in incorrect DNS resolutions on MacOS. Check whether you have a dependency on 'io.netty:netty-resolver-dns-native-macos'. Use DEBUG level to see the full stack: java.lang.UnsatisfiedLinkError: failed to load the required native library
```
After manual test, I haven't found any problems caused by the error. And this only occurs on MacOS when developing.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/3804
#### Special notes for your reviewer:
Steps to test:
1. Start up a MySQL server, e.g.:
```bash
docker run -it --rm --name halodb -p 3306:3306 -e MYSQL_ROOT_PASSWORD=openmysql -e MYSQL_DATABASE=halo mysql:8
```
3. Start Halo with mysql profile active
```bash
make -C console dev
./gradlew bootRun --args="--spring.profiles.active=dev,mysql --halo.plugin.runtime-mode=deployment"
```
5. Check the functionality of Halo
#### Does this PR introduce a user-facing change?
```release-note
替换 R2DBC MySQL 驱动为:io.asyncer:r2dbc-mysql
```
#### What type of PR is this?
/kind feature
/area core
#### What this PR does / why we need it:
Use Gradle plugin `maven-publish` to publish Halo modules(`platform.application`, `platform.plugin` and `api`) to Maven central repository.
```bash
# Try to publish to Maven local repository.
./gradlew publish
# Really publish to Maven central repository.
./gradlew -Prelease publish -PossrhUsername=username -PossrhPassword=password
```
Note that currently we only support manually publishing.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2730
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
This PR totally refactor project structure for a better plugin development. Now we can maintain and publish api and platform modules at Halo application side, which will be references by plugins.
Currently, we can execute command `./gradlew clean publish` to publish api and platform modules into **local** Maven repository, so that we can refer these dependencies (`run.halo.tools.platform:plugin:2.4.0-SNAPSHOT` and `run.halo.app:api:2.4.0-SNAPSHOT`) in plugin projects.
I will make another pull request to publish api library and platforms into Maven central repository.
**Modules explanation**:
- API module contains common classes which might be used by plugins.
- Plugin Platform module contains dependency declarations of other plugin API modules.
- Application Platform module contains dependency declarations application module might uses.
If we want to build application only(exclude check and jar), we have to execute the command below:
```bash
./gradlew clean :application:build -x :application:check -x :application:jar
```
The executable Jar will be generated at folder `application/build/libs/`.
If we want to build a Docker image, we could execute the command below:
```bash
docker build -t johnniang/halo:project-structure .
# Test the Docker image
docker run -it --rm -p8090:8090 johnniang/halo:project-structure
```
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2730
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
```release-note
重构项目结构
```
guqing