#### What type of PR is this?
/kind cleanup
/area core
#### What this PR does / why we need it:
Bump version to 2.2.0-SNAPSHOT for next iteration.
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
#### What this PR does / why we need it:
将 theme-earth 默认主题升级到 1.1.1
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind feature
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
新增操作 annotations 的表达式对象
在 thymeleaf 模板中使用示例:
<p th:text="${#annotations.get(user, 'background')}"></p>
<p th:text="${#annotations.getOrDefault(user, 'background', 'default-value')}"></p>
<p th:text="${#annotations.contains(user, 'background')}"></p>
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
新增 Annotations 表达式对象用于在 thymeleaf 中操作自定义模型的 annotations
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
Add cache control and last modified headers for responses of static resources.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2966
#### Special notes for your reviewer:
We can check the response header of statis resources to know if the cache control is working correctly.
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
主题卸载时等待删除关联资源后再清除 Finalizer
see #2967 for more detail.
#### Which issue(s) this PR fixes:
how to test it?
- 在主题中多添加一个 AnnotationSetting 资源 yaml,测试主题删除是否正常。
- 对包 `org.springframework.retry` 开启 debug 日志后能在删除主题时看到类似如下日志:
16:33:02.822 [Test worker] DEBUG org.springframework.retry.support.RetryTemplate - Retry: count=0
16:33:03.128 [Test worker] DEBUG org.springframework.retry.support.RetryTemplate - Checking for rethrow: count=1
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
主题卸载时等待删除关联资源后再清除 Finalizer
#### What type of PR is this?
/kind feature
#### What this PR does / why we need it:
为 MenuItem 模型添加 a 标签的 target 属性设置。
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/3063
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
迁移后文章过多,当文章的 Reconciler 还没有执行完时访问 Console 端文章列表会因为 post.status 为 Null 出现 NPE 问题
使用文章的 status 时需要对其进行判空
/cherry-pick release-2.0
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind feature
/kind api-change
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
- Configuring message source location and name enables i18n message resolution.
- Simple global error handler.
- Refactor some exceptions with `ResponseStatusException` to control what HTTP status and problem detail need to be returned.
- [x] Add more UTs.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/3020
#### Special notes for your reviewer:
Steps to test:
1. Try to refine `src/main/resources/config/i18n/messages_zh.properties` and switch Browser language with Chinese.
2. Delibrately make a mistake as you wish and see the error tips in console.
3. Try to access one page which doesn't exist and see the rendered result.
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind feature
/milestone 2.1.x
/area core
#### What this PR does / why we need it:
新增 AnnotationSetting 自定义模型以扩展自定义元数据设置表单
主题安装/更新/重载时都会重新加载与 theme.yaml 同层级的其他 yaml,但只会保存 kind 为 Setting 和 AnnotationSetting的,主题卸载时会删除这些 yaml 资源
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
how to test it?
- 修改影响到了主题安装、更新、重载和删除,需要检查这些功能是否正确加载了 Setting 和 AnnotationSetting
- 插件启动时初始化的 AnnotationSetting 在插件停止时会被删除
- 主题添加了 annotation setting 资源,使用非超级管理员也可以获取
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
新增 AnnotationSetting 以扩展自定义元数据设置表单
#### What type of PR is this?
/kind bug
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
- Add missing resources `"policies", "policytemplates", "groups"` in policy rules in attachment role templates.
- Correct `nonResourceURLs` and `verbs`
See https://github.com/halo-dev/halo/issues/3007 for more.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/3007
#### Special notes for your reviewer:
Steps to test:
1. Start Halo and login with `admin`
2. Create a Role with `Attachment Manage` permission only
3. Create an user and assign the role to the user
4. Set password for the user
5. Log out current user and log in as the user created just now
6. Try to do various operations in attachment tab
- Create and list policy
- Create and list group
- Upload and list attachments
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
#### What this PR does / why we need it:
#### Special notes for your reviewer:
- [x] 支持首次启动执行SQL脚本创建表
#### Does this PR introduce a user-facing change?
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
支持 MariaDB 数据库连接
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
Upgrade to spring boot 3.0.1
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
What type of PR is this?
/kind feature
/kind api-change
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2960
Special notes for your reviewer:
Does this PR introduce a user-facing change?
CategoryFinder 添加根据分类查询子分类树结构的方法
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
修复自定义页面 Finder 中 getByName 方法没有返回访问量的问题
此问题为重构 #2918 时引入。
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind bug
#### What this PR does / why we need it:
To fix that default earth theme file not found in system initialization.
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind feature
/kind api-change
/area core
#### What this PR does / why we need it:
为主题和插件提供重置设置项 API
此 PR 会重新读取配置对应的 Setting 资源,从其中读取默认值后更新到现有的 ConfigMap 中替换其 data
see #2789 for more details
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
how to test it?
1. 在主题设置或插件设置配置一些设置项后保存
2. 执行重置配置
3. 配置恢复为了 Setting 中指定的默认值
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
为主题和插件提供重置设置项 API
#### What type of PR is this?
/kind improvement
#### What this PR does / why we need it:
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
#### What this PR does / why we need it:
/kind api-change
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
This PR separates security configuration of RESTful APIs and portal pages to configure specific headers for portal pages, such as `Referrer-Policy` and `X-Frame-Options`.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2900
#### Special notes for your reviewer:
You can see the response headers of index page:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Language: en-US
+ X-Content-Type-Options: nosniff
+ X-Frame-Options: SAMEORIGIN
+ X-XSS-Protection: 0
+ Referrer-Policy: strict-origin-when-cross-origin
content-encoding: gzip
content-length: 4285
and request headers with `Referer`:
GET / HTTP/1.1
Host: localhost:8090
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
+ Referer: http://localhost:8090/archives/12341234
Connection: keep-alive
Cookie: _ga_Z907HJBP8W=GS1.1.1670164888.1.1.1670165603.0.0.0; _ga=GA1.1.807839437.1670164889; SESSION=539e060e-c11e-4b6d-a749-882905b30a88; XSRF-TOKEN=4b692b55-638c-4497-8a4b-be00986eda90
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
#### Does this PR introduce a user-facing change?
解决访问分析工具无法显示 referer 的问题
Add one of the following kinds:
PR 合并时自动关闭 issue。
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
#### What type of PR is this?
/kind bug
PR 合并时自动关闭 issue。
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
#### What type of PR is this?
/kind feature
/area core
#### What this PR does / why we need it:
异常模板必须放在主题目录的 `templates/error` 目录下:
- 支持按照 response status 名称模板页面,例如 404.html ,当发生 404 错误时会使用 404.html
- 支持 4xx.html、5xx.html,例如当发生 403 错误时,如果存在 403.html 则使用此页面,否则使用 4xx.html
error 模板中具有 model 示例:
"error": {
"type": "about:blank",
"title": "Not Found",
"status": 404,
"detail": "Extension run.halo.app.core.extension.Plugin with name amet ut magn not found",
"instance": "/apis/plugin.halo.run/v1alpha1/plugins/amet%20ut%20magn"
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
HaloPluginManager 移除 getRootApplicationContext 方法
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
HaloPluginManager 移除 getRootApplicationContext 方法
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
Now, we can pass command-line arguments while using Docker. Please refer to <https://github.com/halo-dev/halo/issues/2902>.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2902
#### Special notes for your reviewer:
Steps to test:
1. Run Halo with command-line arguments:
docker run --rm -it -p6666:6666 johnniang/halo:support-command-line-args --server.port=6666
1. Request <http://localhost:6666>
curl -v http://localhost:6666
#### Does this PR introduce a user-facing change?
支持命令行参数启动 Halo
#### What type of PR is this?
/kind feature
/area core
#### What this PR does / why we need it:
see #2837 for more detail
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.1.x
#### What this PR does / why we need it:
Force to add environment variables `HALO_WORK_DIR` and `SPRING_CONFIG_LOCATION` into Dockerfile. After that, we can configure `application.yaml` in working directory as we want.
Please note that we can not configure Halo working directory in `/root/.halo2/application.yaml` directly. Use environment variable `HALO_WORK_DIR` instead.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2812
#### Special notes for your reviewer:
Steps to test:
1. Prepare custom configuration
mkdir -p halo2
cat <<EOF > halo2/application.yaml
port: 12345
2. Start up Halo using Docker
docker run -it --rm -p12345:12345 -v `pwd`/halo2:/root/.halo2 johnniang/halo:configure-halo-in-work-dir
3. Request http://localhost:12345
curl -v localhost:12345
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
修复插件 logo 为相对路径时先启用再停后就无法加载 logo 的问题
原因是 reverse proxy reconciler 资源被删除要取消注册路由时没有确切指定名称,logo 这样的 ReverseProxy 是插件安装时初始化的这条初始化的规则要跟随插件的生命周期,只有插件卸载时才会被删除,而在此之前插件被停止时就被误取消注册了
see #2937 for more detail
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
修复插件 logo 为相对路径时先启用再停后就无法加载 logo 的问题
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
修复插件开发模式下后续增加的 fixedPluginPath 项无法被加载的问题
- 目前启动时会加载 pluginRepository 的所有 path,fixedPluginPath 被 DefaultDevelopmentPluginRepository 管理,所以在遍历 fixedPluginPath 加载时可能已经被加载过,需要判断是否被加载过,但即使被加载过也不能跳过而要继续执行创建/更新 plugin.yaml 资源的逻辑
- 创建/更新 plugin.yaml 时需要使用重试机制防止因为乐观锁冲突导致 Halo 无法启动
see #2939 for more detail
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
修复插件开发模式下后续增加的 fixedPluginPath 项无法被加载的问题
#### What type of PR is this?
/kind improvement
#### What this PR does / why we need it:
将 http 请求体的最大字节数改为 10m。
Ref https://github.com/halo-dev/halo/issues/2861#issuecomment-1339526589
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2861
#### Special notes for your reviewer:
1. 在 Console 端新建文章,保存大量文本内容(最快方式是截图或者复制图片到编辑器,这时候因为会转为 base64,所以内容会很大)
2. 保存文章,检查是否成功。
#### Does this PR introduce a user-facing change?
修改 HTTP 请求体最大字节数的限制,修复保存大内容文章异常的问题。
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
1. 去掉了访问量总数存储在 Meter Counter 中的逻辑,因为迁移时是直接像 Counter 自定义模型创建数据,而文章被访问时是存储在 Meter Counter 后定时同步到数据库,这就存在双向同步问题且都有新数据无法知道该如何合并数据。
2. 目前访问时会发送一个事件,当得到事件后会缓存在队列中,每隔一分钟将增量更新到数据库中
3. 评论统计也去掉了 Meter Counter 改为事件队列处理
4. 如果后续要暴露 Metrics 应该使用 Gauge 监控 Counter 自定义模型
5. Counter 自定义模型的查询优化后续可以使用 Indexer 或者加缓存来实现而非将 Meter Counter 当作缓存
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
1. 测试迁移导入看文章访问量是否正确
2. 创建评论及回复观察未读回复数量、评论回复数、最新回复时间是否正确
3. 多创建一些回复然后删除评论,看是否正确删除
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
Shutdown AsyncLogWriter on VM exit.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2901
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
how to test it?
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
#### Which issue(s) this PR fixes:
A part of #2901
#### Special notes for your reviewer:
how to test it?
1. 配置 `halo.plugin.fixed-plugin-path` 为一些不合法的插件项目路径不影响 Halo 正常启动,且有错误提示
2. 配置合法路径,插件能正确启动
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind documentation
#### What this PR does / why we need it:
更新 Readme 中快速开始的命令,提供初始管理员账号和外部访问链接的环境变量设置。
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
Bump halo version to 2.1.0-SNAPSHOT for next release.
#### Which issue(s) this PR fixes:
#### What type of PR is this?
/kind bug
/area core
#### What this PR does / why we need it:
Add forgotten label `rbac.authorization.halo.run/system-reserved` for system-reserved roles. See the screenshot below:

#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/2844
#### Special notes for your reviewer:
For @halo-dev/sig-halo-console : We have to determine whether the role is system-reserved by checking if label `rbac.authorization.halo.run/system-reserved` is equal to `true`.
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind bugfix
/area core
#### What this PR does / why we need it:
文章列表查询将 collectList 错写为 collectSortedList 导致此 `Contributor cannot be cast to class java.lang.Comparable`,
collectSortedList 会使用 `Arrays.sort(a, (Comparator) c)`,这需要目标类实现 Comparable 才行,而此处并不需要自然排序。
#### Which issue(s) this PR fixes:
#### Special notes for your reviewer:
此 bug 的复现方式为:
编辑一篇文章保存后,在使用另一个用户账户编辑此文章并发布就会出现,而使用此 PR 后问题消失,此问题只对 Contributor 这个类型有效它不是自定义模型类,而 Tag 和 Category 都是自定义模型 继承了 AbstractExtension 而它 实现了 Comparable 接口。
/cc @halo-dev/sig-halo
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind improvement
/area core
#### What this PR does / why we need it:
Bump Halo version in gradle.properties for next release.
#### Does this PR introduce a user-facing change?
#### What type of PR is this?
/kind documentation
#### What this PR does / why we need it:
鉴于目前已不在 Release 中提供 Jar 包下载,Releases 下载数量的展示已经没有太大意思,所以去掉了 README 中的 Releases 下载数量徽章。
#### Does this PR introduce a user-facing change?