Release v2.11.0

This release introduces a range of improvements across the development environment, CI/CD pipelines, and dependency management for both backend and frontend. Key enhancements include optimized Docker and npm mirror usage for faster builds in China, improved caching and artifact handling in GitLab CI, and updates to frontend dependencies for better compatibility and performance.

Development Environment and Build Optimization

• Switched base Docker image and apt sources to China-based mirrors in .devcontainer/Dockerfile for faster image builds; also simplified npm mirror config. [1] [2]

CI/CD Pipeline Improvements

• Updated GitLab CI to improve caching: now caches both Maven and pnpm dependencies, ensures cache is pulled and pushed, and includes frontend/node_modules for faster builds. [1] [2] [3]
• Enhanced artifact and release handling: build artifacts (like JARs) are now uploaded using job tokens, and release jobs link to built packages for easier access. [1] [2]
• Improved Docker build caching by using S3-compatible cache storage for multi-arch builds, reducing build times.
• Ensured CI triggers on changes to .gitlab-ci.yml itself for better pipeline reliability.
• Fixed a typo in Maven build options (sktip → skip). [1] [2]
• Updated Docker login in GitHub Actions to support custom registry tokens.

Frontend Dependency Updates

• Upgraded key frontend dependencies: valibot to 1.2.0, vite to 6.4.1, and corresponding lockfile updates, improving compatibility and performance. [1] [2] [3] [4] [5]
• Updated several @rollup and @tailwindcss/oxide platform-specific packages to newer versions, with expanded platform and libc support in the lockfile. [1] [2]
• Added new dependencies and type definitions, including fdir@6.5.0 and @types/estree@1.0.8, for improved tooling and type safety. [1] [2]

Release v2.10.0

This pull request introduces a comprehensive DevContainer setup for the CertVault project, enabling a fully reproducible development environment with Java, Node.js, PostgreSQL, and Redis, along with automated configuration scripts and documentation. In addition, it updates the CI workflow to use newer GitHub Actions versions, enhances Docker build and signing processes, and improves artifact handling.

The most important changes are:

DevContainer Environment Setup:

• Added a complete DevContainer configuration, including a Dockerfile that installs Java 17, Maven, Node.js 22, pnpm, and PostgreSQL client, and configures npm/pnpm mirrors for faster dependency installation. (.devcontainer/Dockerfile)
• Introduced devcontainer.json with VS Code extension recommendations, port forwarding, persistent volume mounts, environment variables, and post-create/start hooks. (.devcontainer/devcontainer.json)
• Added supporting files for Maven (settings.xml), npm/pnpm mirror configs (.npmrc, .pnpmrc), and database initialization (init-db.sql). [1] [2] [3] [4]
• Provided setup scripts to automate dependency installation and environment readiness checks after container creation and start. (post-create.sh, post-start.sh) [1] [2]
• Added documentation describing the DevContainer environment, usage instructions, and troubleshooting. (README.md)
• Added a Docker Compose file to orchestrate the workspace, PostgreSQL, and Redis services with appropriate volumes and environment variables. (docker-compose.yml)

CI/CD Workflow Improvements:

• Upgraded GitHub Actions to the latest major versions for improved security and reliability, including actions/checkout@v5, actions/setup-java@v5, actions/setup-node@v6, and artifact actions. (backend-ci.yaml) [1] [2] [3] [4] [5] [6]
• Enhanced Docker build pipeline: added QEMU and BuildX setup for multi-architecture builds, and integrated Cosign for image signing (both with a private key and with GitHub OIDC). (backend-ci.yaml) [1] [2]
• Improved artifact handling and publishing, including copying and updating Helm chart documentation. (backend-ci.yaml)

Configuration and Documentation:

• Added a detailed DevContainer README to guide developers on environment usage, customization, and troubleshooting. (README.md)
• Provided sample npm and pnpm mirror configuration files for fast and reliable package installation in China. (.npmrc, .pnpmrc) [1] [2]

These changes together enable a fast, reliable, and portable local development experience and bring the CI/CD pipeline up to date with best practices.

Release v2.4.0

Release Description

Title: CI/CD Enhancements and Database Support for CertVault

Description:

This release introduces several updates to enhance the CertVault project, focusing on CI/CD workflows, database support, and API documentation. Below are the highlights:

---

1. CI/CD Workflow Enhancements

• OpenAPI Documentation:
• Added steps to generate OpenAPI documentation during the CI build process.
• Uploaded the OpenAPI YAML file as an artifact.
• Implemented a new job to publish API documentation to a separate repository (CertVaultAPIDoc).
• Redis Integration:
• Added Redis service configuration to backend-ci.yaml for testing in the CI environment.
• Application Configuration for CI:
• Created a new application-ci.yaml file with specific configurations for the CI environment, including database, security, logging, and superadmin initialization.

---

2. Database Support

• H2 Database Integration:
• Added support for the H2 database.
• Created an schema-h2.sql file defining tables for CA, certificates, roles, users, and login records.
• Updated configurations to extend PostgreSQL driver checks to include the H2 driver.
• Ensured column and table name formatting is compatible with both databases.

---

3. API and Documentation Updates

• Swagger UI Enhancements:
• Added the CertVault logo to the Swagger UI for branding.
• Updated API documentation configuration to improve clarity and remove unnecessary imports.

---

4. Version Updates

• Incremented the server version across the following updates:
• 2.3.0 → 2.3.1: Adjusted dependencies and added H2 database dependency.
• 2.3.1 → 2.3.2: Included CI-related configurations and Redis service.
• 2.3.2 → 2.3.3: Finalized incremental changes.

---

Commits:

1. Generate and publish OpenAPI documentation
2. Update server version to 2.3.1
3. Add H2 database schema
4. Add application-ci.yaml for CI environment
5. Add H2 database support
6. Enhance Swagger UI with CertVault logo
7. Update server version to 2.3.2
8. Add Redis service to GitHub Actions
9. Update server version to 2.3.3

Please note that the results may be incomplete. You can view additional commits for further details.

Release v2.3.0

Release Description

Title: Enhance Certificate and Private Key Management Features

Description:

This release introduces several key improvements and features for managing certificates and private keys in the CertVault project. Below are the detailed updates:

---

1. Private Key Management

• New Classes for Private Key Details:
• PrivkeyDetails: Stores metadata, such as algorithm, encoding, format, parameters, and specific information about private keys.
• PrivkeyDetailsDTO: Facilitates the transmission of private key metadata via APIs.
• Specific detail classes for private key types:
• ECCPrivkeySpecific
• Ed25519PrivkeySpecific
• RSAPrivkeySpecific
• Private Key Parsing Functionality:
• Introduced the analyzePrivkey method for parsing Base64-encoded PEM private keys.
• Supported key types include RSA, EC, and Ed25519.
• Added detailed parsing for:
• EC curve names.
• X coordinate and parity for Ed25519 keys.
• New API for Private Key Analysis:
• /cert/privkey/analyze: Enables the parsing and analysis of private key information.

---

2. Certificate Enhancements

• Certificate DTO Improvements:
• Added algorithm and keySize fields to certificate DTOs for more detailed metadata.
• API Enhancements:
• Extended the getCaCert API by introducing the needRootCa parameter, allowing the inclusion of root CA certificates in responses.
• Enhanced getSslCert API to support exporting full certificate chains with root CA.
• UI Updates:
• Updated DispCertInfoDlg to display detailed information about public keys, including RSA, ECC, and Ed25519-specific details.
• Improved ReqNewCertDlg to allow users to select algorithm and keySize when requesting new certificates.
• Added functionality in ExCertDlg to export full certificate chains with root CA.

---

3. Bug Fixes

• Corrected values for displaying ECC and Ed25519 details in DispCertInfoDlg:
• Updated AccordionPanel values for ECC Point Q and W, and Ed25519 Point.

---

4. Additional Features

• Enhanced Certificate Request Dialogs:
• Added support for algorithm and key size selection in ReqNewCertDlg.
• Included computed properties for key size validation.
• Reset form values upon dialog close or CA selection changes.
• Exporting Full Certificate Chains:
• Introduced the exportChainRoot state in ExCertDlg for managing root CA exports.
• Added a button for exporting full chains with root CA.

---

Commits:

1. Upgrade server version to 2.1.0
2. Add private key detail classes
3. Add private key parsing function
4. Add /cert/privkey/analyze API
5. Enhance certificate DTOs and APIs
6. Fix AccordionPanel values in certificate details
7. Add algorithm and key size options to certificate requests
8. Support exporting fullchain with root CA

For more details, view the full commit history.

Release v2.0.0

Release Description

Title: Dependency Updates, Component Refactoring, and UI Enhancements

Description:

This release introduces multiple improvements and updates for the CertVault project, focusing on dependency upgrades, component refactoring, and UI enhancements. Below are the details:

1. Dependency Updates

• Upgraded the Vite dependency from version 6.3.1 to 6.3.2 to ensure compatibility with the latest features and fixes.

2. Bug Fixes

• Fixed a potential runtime error in Binding.vue by adding a null check for caList.selection, ensuring robustness in the refreshUser function.

3. Refactoring

• Renamed profile dialog components to include a "Dlg" suffix for better clarity, updated references, and adjusted event handlers in Profile.vue.
• Removed async component imports in CertMgr.vue and replaced them with direct component usage, simplifying the codebase.
• Refactored Users.vue by removing async component loading, replacing the header with a Breadcrumb component, and cleaning up the template structure.
• Removed unused dependencies and code in SelectCa.vue, including the useUserStore import and isAdmin reactive property.

4. New Features

• Introduced the SelectCa component for CA selection and integrated it into existing views like ReqNewCertDlg and Binding.
• Added a warn method to the useNotify composable for warning notifications.
• Enhanced the dashboard by replacing the static header with a dynamic Breadcrumb component for better navigation.

5. UI Enhancements

• Customized the PrimeVue paginator styling in CertMgr with a pt prop for a consistent look.
• Updated the welcome message styling in the dashboard for improved consistency and aesthetics.

---

Commits:

• Update Vite to version 6.3.2
• Fix null check for caList.selection in Binding.vue
• Rename dialog components and update references
• Remove async component imports in CertMgr.vue
• Remove async component loading in certificate views
• Simplify Users view component
• Add SelectCa component and integrate into views
• Add PrimeVue paginator styling in CertMgr.vue
• Update dashboard with Breadcrumb component
• Remove unused user store from SelectCa.vue

Please note that the results may be incomplete. You can view additional commits for more details.

Release v1.9.0

Release Description

Title: Enhancements to Routing, Exception Handling, and Build Configuration

Description:

This release introduces various improvements and fixes in the CertVault project, focusing on routing configuration, exception handling, and build configuration. Below are the highlights:

1. Routing Improvements

• Updated router configuration to switch from createWebHashHistory to createWebHistory for cleaner URLs.
• Added a new NotFound.vue component to handle 404 errors gracefully.
• Included a catch-all route in the router to display the NotFound.vue component.

2. Exception Handling Fixes

• Fixed the HTTP status code for the NoResourceFoundException to return PAGE_NOT_FOUND instead of the commented FORBIDDEN.
• Improved page-not-found exception handling logic:
• Added HttpServletRequest parameter in GlobalExceptionHandler.
• Redirected non-API requests to the homepage for better user experience.
• Replaced response.sendRedirect with request.getRequestDispatcher(\"/index.html\").forward to better handle conflicts between front-end and back-end routing.

3. Build and CI Updates

• Updated the server module version from 1.8.3 to 1.8.7 across multiple commits.
• Improved GitHub Actions workflows:
• Upgraded docker/login-action to v3 and actions/checkout to v4.
• Enhanced the release process by replacing "Release" with "Release" in PR title and comment content.

4. Documentation Updates

• Updated document images to reflect the latest changes.

---

Commits:

• Update project version to 1.8.4
• Fix status code for page-not-found
• Optimize GitHub Actions workflow
• Update document images
• Update project version to 1.8.5
• Add NotFound view and update router configuration
• Update project version to 1.8.6
• Update project version to 1.8.7
• Fix page-not-found exception handling

Please note that the results may be incomplete. You can view additional commits for more details.

Release v1.8.3

Release Description

Title: Enhancements to Certificate Conversion, OpenID Connect, and Build Automation

Description:

This release introduces multiple improvements and new features across the CertVault project, focusing on certificate management, authentication support, and build automation. Below are the highlights:

1. Certificate Management

   • Added CertConverter class to support mutual conversion between PEM and PFX certificate formats.
   • Introduced convertFromPemToPfx and convertFromPfxToPem methods for certificate format conversion.
   • Implemented convertPemToPfx API to accept JSON input and return PKCS12 format certificates.
   • Enhanced security by optimizing parsing and encryption processes during certificate conversion.
   • Added unit tests to validate PEM-to-PFX and PFX-to-PEM conversions, including password-protected scenarios.

2. OpenID Connect Support

   • Added OpenID Connect-related configurations in application.yml.
   • Integrated OAuth2 authentication to enhance security and user management.

3. Build Automation

   • Added application.yml.example to provide configuration examples for project startup.
   • Created a Makefile to automate build and installation processes for the frontend and backend, supporting tasks like building, installation, and uninstallation.

4. Refactorings and Fixes

   • Updated database initialization configuration by replacing DATABASE_TYPE with spring.sql.init.platform for schema-locations.
   • Standardized text case in the SignIn view for consistency.

5. Version Updates

   • Incremented the project version from 1.8.1 to 1.8.3.

6. New Domain Classes

   • Added PemResult class to handle Base64-encoded certificates and private keys, simplifying entity management.

Commits:

• Update project version to 1.8.2
• Update database initialization configuration
• Add OpenID Connect configuration
• Add configuration examples and build scripts
• Add PEM format certificate and private key entity class
• Add certificate conversion feature
• Add certificate converter unit test
• Add PEM to PKCS12 conversion feature
• Refactor text case in SignIn view

Please note that the above results may be incomplete. You can view additional commits for more details.

Release v1.8.1

Release Description

Title: Add GeoIP Integration, API Enhancements, and Session Management Improvements

Description:

This release introduces several new features, improvements, and updates:

1. GeoIP Integration

• Added GeoLite2-City.mmdb as a geo-IP database for geolocation queries.
• Introduced new geographic information fields (region, province, city) in the login_record table for MySQL and PostgreSQL databases.
• Updated the project version from 1.6.1 to 1.7.0 and added necessary GeoIP2 dependencies.

2. Session Management Enhancements

• Reduced the maximum session count from 20 to 3 for improved security and performance.
• Improved user session management in Security.vue:
• Added sorting and selection functionality for online and offline login records.
• Introduced buttons for refreshing, logging out selected sessions, and logging out all sessions.
• Updated table columns to include browser, platform, and OS details.

3. API Enhancements

• Added AbortOption interface for timeout and signal control in API calls.
• Introduced an abort parameter to all API functions to replace the deprecated noTimeout flag.
• Updated callRestfulApi to handle abort signals effectively.

4. Authentication Refactoring

• Replaced DefaultAuthorizationCodeTokenResponseClient with RestClientAuthorizationCodeTokenResponseClient to improve maintainability and flexibility.

5. Dependency Updates

• Bumped @primeuix/themes to version 1.0.3 for compatibility with the latest theme updates.

6. Login Records Table

• Added a login records table in Security.vue:
• Utilized LoginRecordDTO and getUsrLoginRecs for fetching login data.
• Displayed online and offline login records with an asynchronous data table.

Commits:

• Add login records table
• Update project version to 1.6.1
• Adjust maximum session limit
• Optimize authentication code client
• Update @primeuix/themes
• Enhance user session management
• Upgrade version to 1.7.0 and add GeoIP dependency
• Add geographic information fields to login records
• Add GeoLite2-City.mmdb for GeoIP
• Add abort option to API calls

Please note that the above results may be incomplete. You can view additional commits for more details.

Release v1.6.0

Release Description

Title: Add OIDC Logo Support, Security Enhancements, and Dependency Updates

Description:

This release introduces several new features, enhancements, and updates:

1. OpenID Connect (OIDC) Logo Support

• Added OidcProviderDTO class for handling OpenID Connect Provider data, including provider name and Base64-encoded logo.
• Modified the getOidcProvider method to return OidcProviderDTO.
• Integrated OIDC provider logo display in SignIn.vue.
• Added configuration for OIDC logos in application-dev.yml and application-prod.yml.
• Updated deployment configuration with OIDC logo support via environment variables.

2. Security Enhancements

• Added a new Security component and route in the dashboard for enhanced security management.
• Simplified command functions in AppSidebar.vue.

3. Dependency and Build Updates

• Updated tailwindcss-primeui and moved it from devDependencies to dependencies.
• Upgraded vite to version 6.2.6.
• Updated pnpm to version 10.8.0.
• Incremented the project version to 1.5.2.

4. Styling Improvements

• Introduced a custom hover state variant in main.css for better user interaction.
• Improved styling of the login button and divider in SignIn.vue.

5. Bug Fixes

• Resolved issues with OIDC login redirection, ensuring redirection occurs within the same window and added a noopener flag for security.

Commits:

• Add OpenID Connect Provider DTO
• Add OIDC provider information and logo
• Add support for OIDC authentication provider logo
• Update project version to 1.5.1
• Added support for OIDC provider logo in deployment
• Update dependencies
• Enhance OIDC provider integration
• Add security section to dashboard
• Add custom hover state variant
• Update project version to 1.5.2

Please note that the above results may be incomplete. You can view additional commits for more details.

Release v1.5.0

Rleease Description

Title: Update Project Version, Fix Certificate Validity, and Enhance OIDC Support

Description:

This release includes various updates, fixes, and enhancements:

1. Project Version Updates

• Updated the version number of the certvault-server project:
• From 1.4.1 to 1.4.2.
• From 1.4.2 to 1.4.3.
• From 1.4.3 to 1.4.4.

2. Certificate Management Fix

• Fixed an issue where the validity period of sub CA and server certificates exceeded that of the parent CA:
• Added checks to validate the sub CA and server certificate validity periods.
• Exceptions with prompts are thrown if validity exceeds the parent CA.

3. Dependency Updates

• Upgraded @vueuse/core from ^13.0.0 to ^13.1.0.
• Upgraded @primeuix/themes from ^1.0.1 to ^1.0.2.

4. OIDC Support Enhancements

• Added OIDC provider support in the user store and sign-in view:
• Introduced oidcProvider state and fetch functionality in the user store.
• Integrated OIDC login button in the sign-in view.
• Handled busy state during the sign-in process.
• Fixed OIDC login redirection:
• Replaced fetch with window.open for OIDC login.
• Ensured redirection occurs in the same window with a noopener flag for security.

5. Cross-Origin Support

• Added global CORS configuration to WebConfig to solve cross-domain request issues.
• Enabled cross-origin support for all controllers by adding the @CrossOrigin annotation.

6. UI and Styling Improvements

• Adjusted styling for the divider and text in SignIn.vue:
• Updated border color for better visibility.
• Added consistent text colors for light and dark modes.

Commits:

• Update project version to 1.4.2
• Fix certificate validity issue
• Update dependency versions
• Add OIDC provider support
• Update project version to 1.4.3
• Update project version to 1.4.4
• Added global CORS configuration
• Add cross-domain support for controllers
• Styling improvements in SignIn.vue
• Fix OIDC login redirection

Please note that the above results may be incomplete. You can view additional commits for more details.