sec: enhance some desc for users (#344)

* sec: enhance some desc for users
---------

Co-authored-by: YangJiaqi <[email protected]>

content/cn/docs/changelog/hugegraph-1.3.0-release-notes.md

@@ -7,17 +7,18 @@ weight: 4
 ### 运行环境/版本说明
 
 1. 优先在 `hugegraph/toolchain/commons`软件中使用 Java 11, 此次是这些模块最后一次主版本兼容 Java 8 了。(computer 则仅支持 Java11)
-2. 另外相比 Java11, 使用 Java8 会失去一些**安全性**的保障，我们推荐生产或对外网暴露访问的环境使用 Java11 并开启 [Auth 权限认证](/cn/docs/config/config-authentication/)。
+2. 另外相比 Java11, 使用 Java8 会失去一些**安全性**的保障，我们推荐生产或对外网暴露访问的环境使用 Java11 并开启 [Auth 权限认证](/cn/docs/config/config-authentication/)
 
-**1.3.0** is the last major version compatible with **Java 8**, compatibility with Java 8 will end in 
-next release(1.5.0) when [PD/Store](https://github.com/apache/incubator-hugegraph/issues/2265) merged into master branch (Except for the `java-client`).
+**1.3.0** 是最后兼容 **Java 8** 的版本，在下一个 1.5.0 版本发布 -- [PD/Store](https://github.com/apache/incubator-hugegraph/issues/2265) 合入主分支时就会全面使用 Java 11 (除`client`外).
 
-PS: In the future, we will gradually upgrade the java version, **Java 11** -> **Java 17** -> **Java 21**.
+PS: 未来 HugeGraph 组件的版本会朝着 `Java 11 -> Java 17 -> Java 21` 演进
 
-> WIP: this doc is under construction, please wait for the final version (BETA) 
+> WIP: This doc is under construction, please wait for the final version (BETA) 
 
 ### hugegraph
 
+> 在此次版本中我们修复了一些 SEC 相关的问题，如果是线上或者对外服务请升级到最新版本 + 开启权限认证
+
 #### API Changes
 
 * feat(api): optimize adjacent-edges query ([#2408](https://github.com/apache/incubator-hugegraph/pull/2408))

content/cn/docs/contribution-guidelines/hugegraph-server-idea-setup.md

@@ -8,14 +8,16 @@ weight: 4
 
 ### 背景
 
-在 [Quick Start](/docs/quickstart/hugegraph-server/) 部分已经介绍了使用**脚本**启停 HugeGraph-Server 的流程。下面以 Linux 平台为例，介绍使用 **IntelliJ IDEA** 运行与调试 HugeGraph-Server 的流程。
+在 [Quick Start](/docs/quickstart/hugegraph-server/) 部分已经介绍了使用**脚本**启停 HugeGraph-Server 的流程。下面以 Linux 平台为例，
+介绍使用 **IntelliJ IDEA** 运行与调试 HugeGraph-Server 的流程。
 
 本地启动的核心与**脚本启动**是一样的：
 
 1. 初始化数据库后端，执行 `InitStore` 类初始化图
 2. 启动 HugeGraph-Server，执行 `HugeGraphServer` 类加载初始化的图信息启动
 
-在执行下述流程之前，请确保已经克隆了 HugeGraph 的源代码，并且已经配置了 JDK 11 等开发环境。
+在执行下述流程之前，请确保已经克隆了 HugeGraph 的源代码，并且已经配置了 Java 11 环境 & 可以参考这个
+[配置文档](https://github.com/apache/incubator-hugegraph/wiki/The-style-config-for-HugeGraph-in-IDEA)
 
 ```bash
 git clone https://github.com/apache/hugegraph.git
@@ -157,3 +159,4 @@ curl "https://localhost:8080/graphs/hugegraph/graph/vertices" | gunzip
 2. [hugegraph-server 本地调试文档 (Win/Unix)](https://gist.github.com/imbajin/1661450f000cd62a67e46d4f1abfe82c)
 3. ["package sun.misc does not exist" compilation error](https://youtrack.jetbrains.com/issue/IDEA-180033)
 4. [Cannot compile: java: package sun.misc does not exist](https://youtrack.jetbrains.com/issue/IDEA-201168)
+5. [The code-style config for HugeGraph in IDEA](https://github.com/apache/incubator-hugegraph/wiki/The-style-config-for-HugeGraph-in-IDEA)

content/cn/docs/quickstart/hugegraph-client.md

@@ -6,9 +6,12 @@ weight: 4
 
 ### 1 HugeGraph-Client 概述
 
-HugeGraph-Client 向 HugeGraph-Server 发出 HTTP 请求，获取并解析 Server 的执行结果。目前仅提供了 Java 版，用户可以使用 HugeGraph-Client 编写 Java 代码操作 HugeGraph，比如元数据和图数据的增删改查，或者执行 gremlin 语句。
+[HugeGraph-Client](https://github.com/apache/hugegraph-toolchain) 向 HugeGraph-Server 发出 HTTP 请求，获取并解析 Server 的执行结果。
+提供了 Java/Go/[Python](https://github.com/apache/incubator-hugegraph-ai/tree/main/hugegraph-python-client) 版，
+用户可以使用 [Client-API](/cn/docs/clients/hugegraph-client) 编写代码操作 HugeGraph，比如元数据和图数据的增删改查，或者执行 gremlin 语句等。
+后文主要是 Java 使用示例 (其他语言 SDK 可参考对应 `READEME` 页面)
 
-> 现在已经支持[基于 Go 语言的 HugeGraph Client SDK 工具](https://github.com/apache/incubator-hugegraph-toolchain/blob/master/hugegraph-client-go/README.md) (version >=1.2.0)
+> 现在已经支持基于 Go 语言的 HugeGraph [Client SDK](https://github.com/apache/incubator-hugegraph-toolchain/blob/master/hugegraph-client-go/README.md) (version >=1.2.0)
 
 ### 2 环境要求
 
@@ -44,10 +47,12 @@ HugeGraph-Client 向 HugeGraph-Server 发出 HTTP 请求，获取并解析 Serve
     <dependency>
         <groupId>org.apache.hugegraph</groupId>
         <artifactId>hugegraph-client</artifactId>
-        <version>${version}</version>
+        <!-- Update to the latest release version -->
+        <version>1.3.0</version>
     </dependency>
 </dependencies>
 ```
+> 注：Graph 所有组件版本号均保持一致
 
 #### 4.3 Example
 
@@ -348,7 +353,7 @@ public class BatchExample {
 运行 Example 之前需要启动 Server,
 启动过程见[HugeGraph-Server Quick Start](/cn/docs/quickstart/hugegraph-server)
 
-### 4.5 Example 示例说明
+### 4.5 详细 API 说明
 
 示例说明见[HugeGraph-Client 基本 API 介绍](/cn/docs/clients/hugegraph-client)
 

content/cn/docs/quickstart/hugegraph-hubble.md

@@ -6,9 +6,12 @@ weight: 3
 
 ### 1 HugeGraph-Hubble 概述
 
-HugeGraph 是一款面向分析型，支持批量操作的图数据库系统，它由百度安全团队自主研发，全面支持[Apache TinkerPop3](https://tinkerpop.apache.org)框架和[Gremlin](https://tinkerpop.apache.org/gremlin.html)图查询语言，提供导出、备份、恢复等完善的工具链生态，有效解决海量图数据的存储、查询和关联分析需求。HugeGraph 广泛应用于银行券商的风控打击、保险理赔、推荐搜索、公安犯罪打击、知识图谱构建、网络安全、IT 运维等领域，致力于让更多行业、组织及用户享受到更广泛的数据综合价值。
+> **注:** 当前版本的 Hubble 还没有添加 Auth/Login 相关界面和接口和单独防护, 在下一个 Release 版 (≥ 1.5) 会加入, 
+> 请留意避免把它暴露在公网环境或不受信任的网络中，以免引起相关 SEC 问题 (另外也可以使用 IP & 端口白名单 + HTTPS)
 
-**HugeGraph-Hubble** 是 HugeGraph 的一站式可视化分析平台，平台涵盖了从数据建模，到数据快速导入，再到数据的在线、离线分析、以及图的统一管理的全过程，实现了图应用的全流程向导式操作，旨在提升用户的使用流畅度，降低用户的使用门槛，提供更为高效易用的使用体验。
+**HugeGraph-Hubble** 是 HugeGraph 的一站式可视化分析平台，平台涵盖了从数据建模，到数据快速导入，
+再到数据的在线、离线分析、以及图的统一管理的全过程，实现了图应用的全流程向导式操作，旨在提升用户的使用流畅度，
+降低用户的使用门槛，提供更为高效易用的使用体验。
 
 平台主要包括以下模块：
 

content/cn/docs/quickstart/hugegraph-server.md

@@ -10,19 +10,20 @@ HugeGraph-Server 是 HugeGraph 项目的核心部分，包含 Core、Backend、A
 
 Core 模块是 Tinkerpop 接口的实现，Backend 模块用于管理数据存储，目前支持的后端包括：Memory、Cassandra、ScyllaDB 以及 RocksDB，API 模块提供 HTTP Server，将 Client 的 HTTP 请求转化为对 Core 的调用。
 
-> 文档中会大量出现 `HugeGraph-Server` 及 `HugeGraphServer` 这两种写法，其他组件也类似。这两种写法含义上并无大的差异，可以这么区分：`HugeGraph-Server` 表示服务端相关组件代码，`HugeGraphServer` 表示服务进程。
+> 文档中会出现 `HugeGraph-Server` 及 `HugeGraphServer` 这两种写法，其他组件也类似。
+> 这两种写法含义上并明显差异，可以这么区分：`HugeGraph-Server` 表示服务端相关组件代码，`HugeGraphServer` 表示服务进程。
 
 ### 2 依赖
 
 #### 2.1 安装 Java 11 (JDK 11)
 
-请优先考虑在 Java 11 的环境上启动 `HugeGraph-Server`，目前同时保留对 Java 8 的兼容
+请优先考虑在 Java 11 的环境上启动 `HugeGraph-Server`(在 1.5.0 版前，会保留对 Java 8 的基本兼容)
 
-**在往下阅读之前务必执行 `java -version` 命令查看 jdk 版本**
+**在往下阅读之前先执行 `java -version` 命令确认 jdk 版本**
 
-```bash
-java -version
-```
+> 注：使用 Java 8 启动 HugeGraph-Server 会失去一些**安全性**的保障，也会降低性能相关指标
+>
+> 我们推荐生产或对外网暴露访问的环境使用 Java 11 并考虑开启 [Auth 权限认证](/cn/docs/config/config-authentication/)。
 
 ### 3 部署
 
@@ -34,7 +35,7 @@ java -version
 - 方式 4：使用 tools 工具部署 (Outdated)
 
 #### 3.1 使用 Docker 容器 (便于**测试**)
-<!-- 3.1 is linked by other place. if change 3.1's title, please check -->
+<!-- 3.1 is linked by another place. if change 3.1's title, please check -->
 
 可参考 [Docker 部署方式](https://github.com/apache/incubator-hugegraph/blob/master/hugegraph-server/hugegraph-dist/README.md)。
 
@@ -83,7 +84,7 @@ tar zxf *hugegraph*.tar.gz
 
 #### 3.3 源码编译
 
-源码编译前请确保安装了 wget 命令
+源码编译前请确保本机有安装 `wget/curl` 命令
 
 下载 HugeGraph 源代码
 
@@ -95,6 +96,7 @@ git clone https://github.com/apache/hugegraph.git
 
 ```bash
 cd hugegraph
+# (Optional) use "-P stage" param if you build failed with the latest code(during pre-release period)
 mvn package -DskipTests
 ```
 

content/en/docs/changelog/hugegraph-1.3.0-release-notes.md

@@ -10,15 +10,19 @@ weight: 4
 2. `hugegraph-computer` required to use Java 11, **not compatible with Java 8!**
 3. Using Java8 may loss some security ensured, we recommend using Java 11 in **production env** with [AuthSystem](/docs/config/config-authentication/) enabled.
 
-**1.3.0** is the last major version compatible with **Java 8**, compatibility with Java 8 will end in 
-next release(1.5.0) when [PD/Store](https://github.com/apache/incubator-hugegraph/issues/2265) merged into master branch (Except for the `java-client`).
+**1.3.0** is the **last major** version compatible with **Java 8**, compatibility with Java 8 will end in 
+next release(1.5.0) when [PD/Store](https://github.com/apache/hugegraph/issues/2265) merged into 
+master branch (Except for the `java-client`).
 
-PS: In the future, we will gradually upgrade the java version, **Java 11** -> **Java 17** -> **Java 21**.
+PS: In the future, we will gradually upgrade the java version from `Java 11 -> Java 17 -> Java 21.`
 
 > WIP: this doc is under construction, please wait for the final version (BETA) 
 
 ### hugegraph
 
+> In this version, we have fixed some SEC-related issues. If used in an online service or exposed to 
+> the public, please upgrade to the latest version and enable authorization authentication
+
 #### API Changes
 
 * feat(api): optimize adjacent-edges query ([#2408](https://github.com/apache/incubator-hugegraph/pull/2408))

content/en/docs/contribution-guidelines/hugegraph-server-idea-setup.md

@@ -1,5 +1,5 @@
 ---
-title: "Setup Server in IDEA"
+title: "Setup Server in IDEA (Dev)"
 linkTitle: "Setup Server in IDEA"
 weight: 4
 ---
@@ -15,7 +15,9 @@ The core steps for local startup are the same as starting with **scripts**:
 1. Initialize the database backend by executing the `InitStore` class to initialize the graph.
 2. Start HugeGraph-Server by executing the `HugeGraphServer` class to load the initialized graph information and start the server.
 
-Before proceeding with the following process, make sure that you have cloned the source code of HugeGraph and have configured the development environment, such as JDK 11.
+Before proceeding with the following process, make sure that you have cloned the source code of HugeGraph 
+and have configured the development environment, such as `Java 11` & you could config your local environment 
+with this [config-doc](https://github.com/apache/incubator-hugegraph/wiki/The-style-config-for-HugeGraph-in-IDEA) 
 
 ```bash
 git clone https://github.com/apache/hugegraph.git
@@ -155,4 +157,5 @@ This is because Log4j2 uses asynchronous loggers. You can refer to the [official
 1. [HugeGraph-Server Quick Start](/docs/quickstart/hugegraph-server/)
 2. [Local Debugging Guide for HugeGraph Server (Win/Unix)](https://gist.github.com/imbajin/1661450f000cd62a67e46d4f1abfe82c)
 3. ["package sun.misc does not exist" compilation error](https://youtrack.jetbrains.com/issue/IDEA-180033)
-4. [Cannot compile: java: package sun.misc does not exist](https://youtrack.jetbrains.com/issue/IDEA-201168)
+4. [Cannot compile: java: package sun.misc does not exist](https://youtrack.jetbrains.com/issue/IDEA-201168)
+5. [The code-style config for HugeGraph in IDEA](https://github.com/apache/incubator-hugegraph/wiki/The-style-config-for-HugeGraph-in-IDEA)

content/en/docs/quickstart/hugegraph-client.md

@@ -6,9 +6,11 @@ weight: 4
 
 ### 1 Overview Of Hugegraph
 
-HugeGraph-Client sends HTTP request to HugeGraph-Server to obtain and parse the execution result of Server. Currently only the HugeGraph-Client for Java is provided. You can use HugeGraph-Client to write Java code to operate HugeGraph, such as adding, deleting, modifying, and querying schema and graph data, or executing gremlin statements.
+[HugeGraph-Client](https://github.com/apache/hugegraph-toolchain) sends HTTP request to HugeGraph-Server to obtain and parse the execution result of Server. 
+We support HugeGraph-Client for Java/Go/[Python](https://github.com/apache/incubator-hugegraph-ai/tree/main/hugegraph-python-client) language.
+You can use [Client-API](/cn/docs/clients/hugegraph-client) to write code to operate HugeGraph, such as adding, deleting, modifying, and querying schema and graph data, or executing gremlin statements.
 
-> Now we support [HugeGraph client SDK tool based on Go language](https://github.com/apache/incubator-hugegraph-toolchain/blob/master/hugegraph-client-go/README.en.md) (version >=1.2.0)
+> [HugeGraph client SDK tool based on Go language](https://github.com/apache/incubator-hugegraph-toolchain/blob/master/hugegraph-client-go/README.en.md) (version >=1.2.0)
 
 ### 2 What You Need
 
@@ -41,10 +43,12 @@ Using IDEA or Eclipse to create the project:
     <dependency>
         <groupId>org.apache.hugegraph</groupId>
         <artifactId>hugegraph-client</artifactId>
-        <version>${version}</version>
+        <!-- Update to the latest release version -->
+        <version>1.3.0</version>
     </dependency>    
 </dependencies>
 ```
+> Note: The versions of all graph components remain consistent
 
 #### 4.3 Example
 
@@ -344,7 +348,7 @@ public class BatchExample {
 
 Before running Example, you need to start the Server. For the startup process, see[HugeGraph-Server Quick Start](/docs/quickstart/hugegraph-server).
 
-### 4.5 More Information About Example
+### 4.5 More Information About Client-API
 
 See[Introduce basic API of HugeGraph-Client](/docs/clients/hugegraph-client).
 

content/en/docs/quickstart/hugegraph-hubble.md

@@ -6,9 +6,15 @@ weight: 3
 
 ### 1 HugeGraph-Hubble Overview
 
-HugeGraph is an analysis-oriented graph database system that supports batch operations, which fully supports [Apache TinkerPop3](https://tinkerpop.apache.org) framework and [Gremlin](https://tinkerpop.apache.org/gremlin.html) graph query language. It provides a complete tool chain ecology such as export, backup, and recovery, and effectively solve the storage, query and correlation analysis needs of massive graph data. HugeGraph is widely used in the fields of risk control, insurance claims, recommendation search, public security crime crackdown, knowledge graph, network security, IT operation and maintenance of bank securities companies, and is committed to allowing more industries, organizations and users to enjoy a wider range of data comprehensive value.
+> **Note:** The current version of Hubble has not yet added Auth/Login related interfaces and 
+> standalone protection, it will be added in the next Release version (≥ 1.5). 
+> Please be careful not to expose it in a public network environment or untrusted networks to 
+> avoid related SEC issues (you can also use IP & port whitelist + HTTPS)
 
-**HugeGraph-Hubble** is HugeGraph's one-stop visual analysis platform. The platform covers the whole process from data modeling, to efficient data import, to real-time and offline analysis of data, and unified management of graphs, realizing the whole process wizard of graph application. It is designed to improve the user's use fluency, lower the user's use threshold, and provide a more efficient and easy-to-use user experience.
+**HugeGraph-Hubble** is HugeGraph's one-stop visual analysis platform. The platform covers the whole 
+process from data modeling, to efficient data import, to real-time and offline analysis of data, and 
+unified management of graphs, realizing the whole process wizard of graph application. It is designed 
+to improve the user's use fluency, lower the user's use threshold, and provide a more efficient and easy-to-use user experience.
 
 The platform mainly includes the following modules:
 
@@ -26,7 +32,9 @@ By inputting the graph traversal language Gremlin, high-performance general anal
 
 ##### Task Management
 
-For Gremlin tasks that need to traverse the whole graph, index creation and reconstruction and other time-consuming asynchronous tasks, the platform provides corresponding task management functions to achieve unified management and result viewing of asynchronous tasks.
+For Gremlin tasks that need to traverse the whole graph, index creation and reconstruction, 
+and other time-consuming asynchronous tasks, the platform provides corresponding task management 
+functions to achieve unified management and result viewing of asynchronous tasks.
 
 ##### Data Import
 
@@ -44,7 +52,7 @@ error retry mechanism, etc., which reduces import costs and improves efficiency.
 
 ### 2 Deploy
 
-There are three ways to deplot `hugegraph-hubble`
+There are three ways to deploy `hugegraph-hubble`
 
 - Use Docker (Convenient for Test/Dev)
 - Download the Toolchain binary package