mirror/anubis
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2026-02-09 05:19:24 -06:00
Code Issues Packages Projects Releases Wiki Activity
144 Commits 172 Branches 40 Tags
Xe/pkgserver
Commit Graph

32 Commits

Author SHA1 Message Date
Xe Iaso
2d22491e8c undo depot for now until I have the corp set up 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-20 09:07:54 -04:00
Xe Iaso
736c3ade09 .github/funding: add GitHub sponsors 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-17 23:48:36 -04:00
dependabot[bot]
5d4d2e3e2a build(deps): bump github/codeql-action in the github-actions group (#264) 
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.28.13 to 3.28.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1b549b9259...45775bd823)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 05:56:14 -04:00
dependabot[bot]
2ebce26709 build(deps): bump the gomod group with 3 updates (#265) 
* build(deps): bump the gomod group with 3 updates

Bumps the gomod group with 3 updates: [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go), [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) and [golang.org/x/net](https://github.com/golang/net).


Updates `github.com/playwright-community/playwright-go` from 0.5001.0 to 0.5101.0
- [Release notes](https://github.com/playwright-community/playwright-go/releases)
- [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5001.0...v0.5101.0)

Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.21.1...v1.22.0)

Updates `golang.org/x/net` from 0.38.0 to 0.39.0
- [Commits](https://github.com/golang/net/compare/v0.38.0...v0.39.0)

---
updated-dependencies:
- dependency-name: github.com/playwright-community/playwright-go
  dependency-version: 0.5101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/net
  dependency-version: 0.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>

* internal/test: bump playwright version

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xe Iaso <me@xeiaso.net>
 2025-04-15 05:55:50 -04:00
Xe Iaso
62e20a213a use depot builders (#262) 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-13 15:57:47 -04:00
Patrick Linnane
503f466ecf workflows: hash pin more Actions (#241) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-11 22:18:13 -04:00
Patrick Linnane
1614504922 workflows: hash pin Actions (#203) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-08 00:45:06 -04:00
Xe Iaso
2324395ae2 move pull request template to a hidden folder 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-07 17:36:29 -04:00
Xe Iaso
8adf1a06eb .github/workflows/package-builds-stable: allow write permissions to upload binary packages 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-06 13:05:45 -04:00
Xe Iaso
df27a96f1f make a half-baked tarball (#221) 
* make a half-baked tarball

Closes #217

Signed-off-by: Xe Iaso <me@xeiaso.net>

* make two tarballs: one with just the vendor, and one with vendor and npm

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-06 12:44:52 +00:00
Xe Iaso
f1f8fdf752 package.json: fix build command (#230) 
Closes #225

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-06 04:29:52 +00:00
Xe Iaso
878b37178d implement packaging proof of concept with yeet (#194) 
* implement packaging proof of concept with yeet

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs/developer: add local dev docs for yeet

Signed-off-by: Xe Iaso <me@xeiaso.net>

* apply review feedback

Signed-off-by: Xe Iaso <me@xeiaso.net>

* build package artifacts in CI

Signed-off-by: Xe Iaso <me@xeiaso.net>

* tell CI to fetch all git metadata

Signed-off-by: Xe Iaso <me@xeiaso.net>

* rename package builds job

Signed-off-by: Xe Iaso <me@xeiaso.net>

* upload each package individually

Signed-off-by: Xe Iaso <me@xeiaso.net>

* split package build CI jobs

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix code injection?

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix ci?

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix security alert

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs/local-dev: point people to yeet v1.13.3

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-04 08:15:04 -04:00
dependabot[bot]
515453c607 build(deps): bump actions/cache from 3 to 4 in the github-actions group (#198) 
Bumps the github-actions group with 1 update: [actions/cache](https://github.com/actions/cache).


Updates `actions/cache` from 3 to 4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-02 00:15:49 -04:00
Patrick Linnane
01c2e45843 dependabot: enable (#189) 
* dependabot: enable

Signed-off-by: Patrick Linnane <patrick@linnane.io>

* dependabot: group updates

Signed-off-by: Patrick Linnane <patrick@linnane.io>

---------

Signed-off-by: Patrick Linnane <patrick@linnane.io>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
 2025-04-02 00:09:46 -04:00
Patrick Linnane
fc237a1690 workflows: fix zizmor findings (part 1) (#190) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-01 22:33:44 +00:00
Patrick Linnane
6af7c5891f ci: add zizmor (#188) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-01 17:56:27 -04:00
Xe Iaso
52ca5390c2 Add staticheck to CI (#152) 
* Add staticheck to CI

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix staticcheck warnings

Signed-off-by: Xe Iaso <me@xeiaso.net>

* oh, right, playwright is broken

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-29 15:00:22 -04:00
Xe Iaso
937f1dd330 all: do not commit generated JS/CSS to source control (#148) 
Closes #125
Closes #40

Among other things, this moves all of the asset generation to run within
the context of an npm script. Developer documentation stubs have been
added so that people can get started more easily.

The top-level Dockerfile (which is no longer used in production) has
been removed as its presence has been causing confusion. This changeset
will break it anyways.

These changes will make for less "repo churn" as the static assets are
built and rebuilt, at the cost of making the build step more complicated
for downstream packagers. If this becomes a burden, we can explore
making a "release tarball" that contains pre-massaged outputs.
 2025-03-28 14:55:25 -04:00
Xe Iaso
7d4be0dcec Apply bits of the cookie settings PR one by one (#140) 
Enables uses to change the cookie domain and partitioned flags.

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-27 15:24:03 -04:00
Yulian Kuncheff
6156d3d729 Refactor and split out things into cmd and lib (#77) 
* Refactor anubis to split business logic into a lib, and cmd to just be direct usage.

* Post-rebase fixes.

* Update changelog, remove unnecessary one.

* lib: refactor this

This is mostly based on my personal preferences for how Go code should
be laid out. I'm not sold on the package name "lib" (I'd call it anubis
but that would stutter), but people are probably gonna import it as
libanubis so it's likely fine.

Packages have been "flattened" to centralize implementation with area of
concern. This goes against the Java-esque style that many people like,
but I think this helps make things simple.

Most notably: the dnsbl client (which is a hack) is an internal package
until it's made more generic. Then it can be made external.

I also fixed the logic such that `go generate` works and rebased on
main.

* internal/test: run tests iff npx exists and DONT_USE_NETWORK is not set

Signed-off-by: Xe Iaso <me@xeiaso.net>

* internal/test: install deps

Signed-off-by: Xe Iaso <me@xeiaso.net>

* .github/workflows: verbose go tests?

Signed-off-by: Xe Iaso <me@xeiaso.net>

* internal/test: sleep 2

Signed-off-by: Xe Iaso <me@xeiaso.net>

* internal/test: nix this test so CI works

Signed-off-by: Xe Iaso <me@xeiaso.net>

* internal/test: warmup per browser?

Signed-off-by: Xe Iaso <me@xeiaso.net>

* internal/test: disable for now :(

Signed-off-by: Xe Iaso <me@xeiaso.net>

* lib/anubis: do not apply bot rules if address check fails

Closes #83

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
 2025-03-22 18:44:49 -04:00
Xe Iaso
56cdb2e51b Fix docker image CI for pull requests (#84) 
Closes #65

Pull request images will now be `ttl.sh/techaro/pr-{number}/anubis:24h`.
 2025-03-22 11:26:49 -04:00
Xe Iaso
4ec4dc3624 .github/workflows: don't publish provenance data for PRs 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-21 15:42:51 -04:00
Xe Iaso
38e1e8cb5e comment out the comment PR experiment for now, ugh, I hate GitHub ACLs 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-21 11:06:31 -04:00
Xe Iaso
f730326814 off by one 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-21 10:40:30 -04:00
Xe Iaso
db6d424aaa .github/workflows/docker: only do comments if we're in a PR 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-21 10:36:24 -04:00
Xe Iaso
95dddb5549 cmd/containerbuild: default to ttl.sh for third party contributions (#51) 
* cmd/containerbuild: default to ttl.sh for third party contributions

Closes #48

Signed-off-by: Xe Iaso <me@xeiaso.net>

* track comment tags

Signed-off-by: Xe Iaso <me@xeiaso.net>

* empty commit to make sure double-commenting doesn't work

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-21 10:34:01 -04:00
Xe Iaso
c47347ff76 add docs site based on docusarus (#35) 
* add docs site based on docusarus

Closes #2

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: deploy to aeacus

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ready for merge

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: fix anubis port

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-20 15:06:58 -04:00
Xe Iaso
1efcb88261 Try using ko to build images 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-19 09:10:29 -04:00
Xe Iaso
b22676da6c add FUNDING file 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-19 07:10:20 -04:00
Xe Iaso
fad32f79f9 make docker image for Anubis 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-18 08:35:05 -04:00
Xe Iaso
836eaf829a .github/workflows/go: make this slower for now 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-17 19:39:56 -04:00
Xe Iaso
9923878c5c initial import from /x/ monorepo 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-03-17 19:33:07 -04:00