Halo

功能优化

• 提升登录设备管理中 UA 信息解析的准确性 by @JohnNiang in https://github.com/halo-dev/halo/pull/9921

问题修复

• 解决“保持登录会话”功能在特定情况下可能失效的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9928
• 修复通过 URL 下载大文件（如插件安装包）时因响应体大小限制导致下载失败的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9931
• 修复通过 PostFinder#random 随机获取文章时可能返回少于请求的文章的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9932

Full Changelog: https://github.com/halo-dev/halo/compare/v2.24.1...v2.24.2

安全性修复

• 加强了个人中心通过 URL 上传附件时的目标地址校验，降低服务端请求被滥用的风险

问题修复

• 修复登录时勾选记住我后撤销设备后不起作用的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9899
• 修复 2.24.0 自动为主题资源加版本参数功能在部分边缘场景下路径拼接错误的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9897

开发者相关

• 为 PostFinder 添加 random 方法以支持随机获取文章 by @JohnNiang in https://github.com/halo-dev/halo/pull/9918

致谢

感谢 JD-Security SHENYI Team 报告的安全漏洞。

Full Changelog: https://github.com/halo-dev/halo/compare/v2.24.0...v2.24.1

新特性

• 完善插件详情页面的管理功能 by @ruibaby in https://github.com/halo-dev/halo/pull/9867
• 支持在 Console 插件管理中重载插件 by @ruibaby in https://github.com/halo-dev/halo/pull/9865
• 创建个人令牌时支持直接选择当前拥有的角色 by @ruibaby in https://github.com/halo-dev/halo/pull/9842
• 支持菜单克隆 by @W33KT in https://github.com/halo-dev/halo/pull/8417

功能优化

• 禁用/重新配置两步验证时要求验证，以增强安全性 by @Copilot in https://github.com/halo-dev/halo/pull/9857
• 支持登录失败后回显用户名 by @JohnNiang in https://github.com/halo-dev/halo/pull/9893
• 扩充上传头像的文件类型限制 by @LIlGG in https://github.com/halo-dev/halo/pull/9892
• 支持一个用户绑定多个社交账号（同一提供商） by @JohnNiang in https://github.com/halo-dev/halo/pull/9859
• 为主题设置与插件设置增加了未保存内容的提示信息 by @LIlGG in https://github.com/halo-dev/halo/pull/9800

问题修复

• 修复主题更新后新增的配置默认值可能不生效的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9894
• 修复 Console 输入框聚焦时出现黑色线条的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9891
• 修复当外部访问地址尾部带 / 时，生成的附件绝对路径不正确的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9885
• 修复创建文章时无法设置作者的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9862
• 修复编辑器图片、视频、音频类型的对齐图标显示不正确的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9852
• 修复生成个人令牌时主题管理权限缺失主题升级权限的问题 by @Copilot in https://github.com/halo-dev/halo/pull/9887
• 修复附件插件未实现缩略图生成功能时出现大量警告日志的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9878
• 修复部分包含 Finder API 的插件可能在升级后无法正常启动的问题 by @Copilot in https://github.com/halo-dev/halo/pull/9853

开发者相关

• 提供 JWT 认证支持 by @JohnNiang in https://github.com/halo-dev/halo/pull/9799
• 为分类和作者归档页面提供 name 变量 by @Copilot in https://github.com/halo-dev/halo/pull/9850
• 支持自动为主题静态资源添加版本参数 by @Copilot in https://github.com/halo-dev/halo/pull/9854
• 修复主题通过 categoryFinder.getByNames 和 tagFinder.getByNames 获取的结果顺序不对的问题 by @Copilot in https://github.com/halo-dev/halo/pull/9882

依赖更新

• 升级 Spring Boot 至 4.0.5 by @JohnNiang in https://github.com/halo-dev/halo/pull/9840

Full Changelog: https://github.com/halo-dev/halo/compare/v2.23.2...v2.24.0

问题修复

• 修复编辑器图片、视频、音频类型的对齐图标显示不正确的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9852
• 修复创建文章时无法设置作者的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9862
• 修复部分包含 Finder API 的插件可能在升级后无法正常启动的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/9853
• 修复附件插件未实现缩略图生成功能时出现大量警告日志的问题 by @JohnNiang in https://github.com/halo-dev/halo/pull/9878

Full Changelog: https://github.com/halo-dev/halo/compare/v2.23.2...v2.23.3

问题修复

• 解决当富文本编辑器中嵌套其他编辑器时所导致的异常滚动问题 by @LIlGG in https://github.com/halo-dev/halo/pull/8436
• 解决 FormKit Array 渲染图片时可能出现的报错问题 by @LIlGG in https://github.com/halo-dev/halo/pull/8495
• 修复 FormKit Iconify 自定义图片时，表单可能出现自动关闭的问题 by @ruibaby in https://github.com/halo-dev/halo/pull/8497

依赖更新

• 升级 Spring Boot 至 4.0.4 by @JohnNiang in https://github.com/halo-dev/halo/pull/8434

开发者相关

• 修复标签归档页面缺少 _templateId 变量的问题 by @Copilot in https://github.com/halo-dev/halo/pull/8485

Full Changelog: https://github.com/halo-dev/halo/compare/v2.23.1...v2.23.2